public int getTimeout() {
return Integer.parseInt(Objects.requireNonNull(UrnPropertiesReader.getVariable(TIMEOUT)));
}
+
+ @Override
+ public boolean getUseSSL() {
+ return false;
+ }
+
+ @Override
+ public boolean getUseBasicAuth() {
+ return true;
+ }
}
-<?xml version="1.0"?>
+<?xml version="1.0" ?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
</plugin>
</plugins>
</build>
-</project>
+</project>
\ No newline at end of file
--- /dev/null
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP - SO
+ * ================================================================================
+ * Copyright (C) 2020 Deutsche Telekom.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.so.client;
+
+import java.io.FileInputStream;
+import java.nio.file.Paths;
+import java.security.KeyStore;
+
+public abstract class KeyStoreLoader {
+
+ static final String SSL_KEY_STORE_KEY = "javax.net.ssl.keyStore";
+
+ static public KeyStore getKeyStore() {
+ KeyStore ks = null;
+ final char[] password = getSSlKeyStorePassword().toCharArray();
+ try (FileInputStream fis =
+ new FileInputStream(Paths.get(System.getProperty(SSL_KEY_STORE_KEY)).normalize().toString())) {
+ ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(fis, password);
+ } catch (final Exception e) {
+ return null;
+ }
+
+ return ks;
+ }
+
+ static public String getSSlKeyStorePassword() {
+ return System.getProperty("javax.net.ssl.keyStorePassword");
+ }
+}
package org.onap.so.client;
-import java.io.FileInputStream;
import java.net.URI;
-import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.util.Optional;
public abstract class RestClientSSL extends RestClient {
private static final String TRUE = "true";
- private static final String SSL_KEY_STORE_KEY = "javax.net.ssl.keyStore";
private static final String MSO_LOAD_SSL_CLIENT_KEYSTORE_KEY = "mso.load.ssl.client.keystore";
-
protected RestClientSSL(RestProperties props, Optional<URI> path) {
super(props, path);
}
try {
String loadSSLKeyStore = System.getProperty(RestClientSSL.MSO_LOAD_SSL_CLIENT_KEYSTORE_KEY);
if (loadSSLKeyStore != null && loadSSLKeyStore.equalsIgnoreCase(TRUE)) {
- KeyStore ks = getKeyStore();
+ KeyStore ks = KeyStoreLoader.getKeyStore();
if (ks != null) {
- client = ClientBuilder.newBuilder().keyStore(ks, getSSlKeyStorePassword()).build();
+ client = ClientBuilder.newBuilder().keyStore(ks, KeyStoreLoader.getSSlKeyStorePassword()).build();
logger.info("RestClientSSL not using default SSL context - setting keystore here.");
return client;
}
}
return client;
}
-
- private KeyStore getKeyStore() {
- KeyStore ks = null;
- char[] password = getSSlKeyStorePassword().toCharArray();
- try (FileInputStream fis = new FileInputStream(
- Paths.get(System.getProperty(RestClientSSL.SSL_KEY_STORE_KEY)).normalize().toString())) {
- ks = KeyStore.getInstance(KeyStore.getDefaultType());
-
- ks.load(fis, password);
- } catch (Exception e) {
- return null;
- }
-
- return ks;
- }
-
- private String getSSlKeyStorePassword() {
- return System.getProperty("javax.net.ssl.keyStorePassword");
- }
}
* ============LICENSE_START=======================================================
* ONAP - SO
* ================================================================================
- * Copyright (C) 2017 - 2019 Bell Canada.
+ * Copyright (C) 2017 - 2019 Bell Canada, Deutsche Telekom.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import io.grpc.ManagedChannel;
import io.grpc.internal.DnsNameResolverProvider;
import io.grpc.internal.PickFirstLoadBalancerProvider;
+import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NettyChannelBuilder;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.util.concurrent.CountDownLatch;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.TrustManagerFactory;
import org.onap.ccsdk.cds.controllerblueprints.processing.api.ExecutionServiceInput;
+import org.onap.so.client.KeyStoreLoader;
import org.onap.so.client.PreconditionFailedException;
import org.onap.so.client.RestPropertiesLoader;
import org.slf4j.Logger;
throw new PreconditionFailedException(
"No RestProperty.CDSProperties implementation found on classpath, can't create client.");
}
- this.channel = NettyChannelBuilder.forAddress(props.getHost(), props.getPort())
+ NettyChannelBuilder builder = NettyChannelBuilder.forAddress(props.getHost(), props.getPort())
.nameResolverFactory(new DnsNameResolverProvider())
- .loadBalancerFactory(new PickFirstLoadBalancerProvider())
- .intercept(new BasicAuthClientInterceptor(props)).usePlaintext().build();
+ .loadBalancerFactory(new PickFirstLoadBalancerProvider());
+ if (props.getUseSSL()) {
+ log.info("Configure SSL connection");
+ KeyStore ks = KeyStoreLoader.getKeyStore();
+ if (ks == null) {
+ log.error("Can't load KeyStore");
+ throw new RuntimeException("Can't load KeyStore to create secure channel");
+ }
+ try {
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(ks);
+ builder.sslContext(GrpcSslContexts.forClient().trustManager(tmf).build());
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Can't get default TrustManager algorithm");
+ throw new RuntimeException(e);
+ } catch (KeyStoreException e) {
+ log.error("TrustManagerFactory initialization failed");
+ throw new RuntimeException(e);
+ } catch (SSLException e) {
+ log.error("SslContext build error");
+ throw new RuntimeException(e);
+ }
+ }
+ if (props.getUseBasicAuth()) {
+ log.info("Configure Basic authentication");
+ builder.intercept(new BasicAuthClientInterceptor(props)).usePlaintext();
+ }
+ this.channel = builder.build();
this.handler = new CDSProcessingHandler(listener);
log.info("CDSProcessingClient started");
}
import org.onap.so.client.RestProperties;
-
public interface CDSProperties extends RestProperties {
String getHost();
String getBasicAuth();
int getTimeout();
+
+ boolean getUseSSL();
+
+ boolean getUseBasicAuth();
}
package org.onap.so.client.cds;
-
import static org.junit.Assert.*;
import static org.mockito.Mockito.*;
import io.grpc.inprocess.InProcessChannelBuilder;
private CDSProcessingHandler handler;
private CDSProcessingClient client;
-
private final MutableHandlerRegistry serviceRegistry = new MutableHandlerRegistry();
private final List<String> messagesDelivered = new ArrayList<>();
private final CountDownLatch allRequestsDelivered = new CountDownLatch(1);
new CDSProcessingClient(listener);
}
-
@Test
public void testSendMessageFail() throws Exception {
public int getTimeout() {
return 60;
}
+
+ @Override
+ public boolean getUseSSL() {
+ return false;
+ }
+
+ @Override
+ public boolean getUseBasicAuth() {
+ return true;
+ }
}
-<?xml version="1.0"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<?xml version="1.0" ?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.onap.oparent</groupId>
</plugins>
<pluginManagement>
<plugins>
+ <plugin>
<groupId>org.eclipse.m2e</groupId>
<artifactId>lifecycle-mapping</artifactId>
<version>1.0.0</version>
<execute />
</action>
</pluginExecution>
+ <pluginExecution>
<pluginExecutionFilter>
<groupId>org.codehaus.gmaven</groupId>
<artifactId>groovy-maven-plugin</artifactId>
</build>
</profile>
</profiles>
-</project>
+</project>
\ No newline at end of file
Code Review / so.git / commitdiff