aai-core/src/main/java/org/onap/aai/util/HttpsAuthExternalClient.java

   1 /**
   2  * ============LICENSE_START=======================================================
   3  * org.onap.aai
   4  * ================================================================================
   5  * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *    http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20 package org.onap.aai.util;
  21
  22 import java.io.FileInputStream;
  23 import java.security.KeyStore;
  24
  25 import javax.net.ssl.HostnameVerifier;
  26 import javax.net.ssl.HttpsURLConnection;
  27 import javax.net.ssl.KeyManagerFactory;
  28 import javax.net.ssl.TrustManagerFactory;
  29 import javax.net.ssl.SSLContext;
  30 import javax.net.ssl.SSLSession;
  31
  32 import com.sun.jersey.api.client.Client;
  33 import com.sun.jersey.api.client.config.ClientConfig;
  34 import com.sun.jersey.api.client.config.DefaultClientConfig;
  35 import com.sun.jersey.api.json.JSONConfiguration;
  36 import com.sun.jersey.client.urlconnection.HTTPSProperties;
  37
  38 public class HttpsAuthExternalClient {
  39
  40
  41         /**
  42          * Gets the client.
  43          *
  44          * @param keystoreFileName the keystore file name
  45          * @param keystorePassword the keystore password
  46          * @return the client
  47          * @throws Exception the exception
  48          */
  49         public static Client getClient ( String keystoreFileName, String keystorePassword ) throws Exception {
  50
  51                 ClientConfig config = new DefaultClientConfig();
  52                 config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
  53                 config.getClasses().add(org.onap.aai.restcore.CustomJacksonJaxBJsonProvider.class);
  54                 Client client = null;
  55                 SSLContext ctx = null;
  56
  57                 try {
  58                         String truststore_path = AAIConstants.AAI_HOME_ETC_AUTH + AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_FILENAME);
  59                         String truststore_password = AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_PASSWD);
  60                         String keystore_path = AAIConstants.AAI_HOME_ETC_AUTH + keystoreFileName;
  61                         String keystore_password = keystorePassword;
  62
  63                     //System.setProperty("javax.net.ssl.trustStore", truststore_path);
  64                     //System.setProperty("javax.net.ssl.trustStorePassword", truststore_password);
  65                         HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){
  66                             public boolean verify(String string,SSLSession ssls) {
  67                                 return true;
  68                             }
  69                         });
  70
  71                         ctx = SSLContext.getInstance("TLS");
  72                         KeyManagerFactory kmf = null;
  73
  74
  75                         /**** kmf = KeyManagerFactory.getInstance("SunX509");
  76                         FileInputStream fin = new FileInputStream(keystore_path);
  77                         KeyStore ks = KeyStore.getInstance("PKCS12");
  78                         char[] pwd = keystore_password.toCharArray();
  79                         ks.load(fin, pwd);
  80                         kmf.init(ks, pwd);
  81                         ***/
  82
  83                         String alg = TrustManagerFactory.getDefaultAlgorithm();
  84                         TrustManagerFactory tmf = TrustManagerFactory.getInstance(alg);
  85                         FileInputStream tin = new FileInputStream(truststore_path);
  86                         KeyStore ts = KeyStore.getInstance("PKCS12");
  87                         char[] tpwd = truststore_password.toCharArray();
  88                         ts.load(tin, tpwd);
  89                         tmf.init(ts);
  90
  91                         //ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
  92                         // Updating key manager to null, to disable two way SSL
  93                         ctx.init(null, tmf.getTrustManagers(), null);
  94
  95                         config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
  96                                                                         new HTTPSProperties( new HostnameVerifier() {
  97                                 @Override
  98                                 public boolean verify( String s, SSLSession sslSession ) {
  99                                         return true;
 100                                 }
 101                         }, ctx));
 102
 103                         client = Client.create(config);
 104                         // uncomment this line to get more logging for the request/response
 105                         // client.addFilter(new LoggingFilter(System.out));
 106                 } catch (Exception e) {
 107                         throw e;
 108                 }
 109                 return client;
 110         }
 111
 112 }