2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.aai.util;
22 import java.io.FileInputStream;
23 import java.security.KeyStore;
25 import javax.net.ssl.HostnameVerifier;
26 import javax.net.ssl.HttpsURLConnection;
27 import javax.net.ssl.KeyManagerFactory;
28 import javax.net.ssl.TrustManagerFactory;
29 import javax.net.ssl.SSLContext;
30 import javax.net.ssl.SSLSession;
32 import com.sun.jersey.api.client.Client;
33 import com.sun.jersey.api.client.config.ClientConfig;
34 import com.sun.jersey.api.client.config.DefaultClientConfig;
35 import com.sun.jersey.api.json.JSONConfiguration;
36 import com.sun.jersey.client.urlconnection.HTTPSProperties;
38 public class HttpsAuthExternalClient {
44 * @param keystoreFileName the keystore file name
45 * @param keystorePassword the keystore password
47 * @throws Exception the exception
49 public static Client getClient ( String keystoreFileName, String keystorePassword ) throws Exception {
51 ClientConfig config = new DefaultClientConfig();
52 config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
53 config.getClasses().add(org.onap.aai.restcore.CustomJacksonJaxBJsonProvider.class);
55 SSLContext ctx = null;
58 String truststore_path = AAIConstants.AAI_HOME_ETC_AUTH + AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_FILENAME);
59 String truststore_password = AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_PASSWD);
60 String keystore_path = AAIConstants.AAI_HOME_ETC_AUTH + keystoreFileName;
61 String keystore_password = keystorePassword;
63 //System.setProperty("javax.net.ssl.trustStore", truststore_path);
64 //System.setProperty("javax.net.ssl.trustStorePassword", truststore_password);
65 HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){
66 public boolean verify(String string,SSLSession ssls) {
71 ctx = SSLContext.getInstance("TLS");
72 KeyManagerFactory kmf = null;
75 /**** kmf = KeyManagerFactory.getInstance("SunX509");
76 FileInputStream fin = new FileInputStream(keystore_path);
77 KeyStore ks = KeyStore.getInstance("PKCS12");
78 char[] pwd = keystore_password.toCharArray();
83 String alg = TrustManagerFactory.getDefaultAlgorithm();
84 TrustManagerFactory tmf = TrustManagerFactory.getInstance(alg);
85 FileInputStream tin = new FileInputStream(truststore_path);
86 KeyStore ts = KeyStore.getInstance("PKCS12");
87 char[] tpwd = truststore_password.toCharArray();
91 //ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
92 // Updating key manager to null, to disable two way SSL
93 ctx.init(null, tmf.getTrustManagers(), null);
95 config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
96 new HTTPSProperties( new HostnameVerifier() {
98 public boolean verify( String s, SSLSession sslSession ) {
103 client = Client.create(config);
104 // uncomment this line to get more logging for the request/response
105 // client.addFilter(new LoggingFilter(System.out));
106 } catch (Exception e) {