Code Review / ccsdk / sli / plugins.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Restapi-call-node: Fix setting truststore, should not set system properties
[ccsdk/sli/plugins.git] / restapi-call-node / provider / src / main / java / org / onap / ccsdk / sli / plugins / restapicall / RestapiCallNode.java
diff --git a/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java b/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
index b131301..5ca2ca8 100755 (executable)
--- a/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
+++ b/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
@@ -38,7 +38,6 @@ import java.net.URI;
 import java.net.URL;
 import java.nio.file.Files;
 import java.nio.file.Paths;
-import java.security.KeyStore;
 import java.util.ArrayList;
 import java.util.Base64;
 import java.util.Collections;
@@ -52,10 +51,7 @@ import java.util.Properties;
 import java.util.Set;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-
 import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
 import javax.ws.rs.ProcessingException;
 import javax.ws.rs.client.Client;
 import javax.ws.rs.client.ClientBuilder;
@@ -226,12 +222,6 @@ public class RestapiCallNode implements SvcLogicJavaPlugin {
         String skipSendingStr = paramMap.get(skipSendingMessage);
         p.skipSending = "true".equalsIgnoreCase(skipSendingStr);
         p.convertResponse = valueOf(parseParam(paramMap, "convertResponse", false, "true"));
-        p.trustStoreFileName = parseParam(paramMap, "trustStoreFileName", false, null);
-        p.trustStorePassword = parseParam(paramMap, "trustStorePassword", false, null);
-        p.keyStoreFileName = parseParam(paramMap, "keyStoreFileName", false, null);
-        p.keyStorePassword = parseParam(paramMap, "keyStorePassword", false, null);
-        p.ssl = p.trustStoreFileName != null && p.trustStorePassword != null && p.keyStoreFileName != null
-            && p.keyStorePassword != null;
         p.customHttpHeaders = parseParam(paramMap, "customHttpHeaders", false, null);
         p.partner = parseParam(paramMap, "partner", false, null);
         p.dumpHeaders = valueOf(parseParam(paramMap, "dumpHeaders", false, null));
@@ -791,18 +781,9 @@ public class RestapiCallNode implements SvcLogicJavaPlugin {
      */
     public HttpResponse sendHttpRequest(String request, Parameters p) throws SvcLogicException {
 
-        SSLContext ssl = null;
-        if (p.ssl && p.restapiUrl.startsWith("https")) {
-            ssl = createSSLContext(p);
-        }
-        Client client;
+        HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
 
-        if (ssl != null) {
-            HttpsURLConnection.setDefaultSSLSocketFactory(ssl.getSocketFactory());
-            client = ClientBuilder.newBuilder().sslContext(ssl).hostnameVerifier((s, sslSession) -> true).build();
-        } else {
-            client = ClientBuilder.newBuilder().hostnameVerifier((s, sslSession) -> true).build();
-        }
+        Client client = ClientBuilder.newBuilder().hostnameVerifier((s, sslSession) -> true).build();
         setClientTimeouts(client);
         // Needed to support additional HTTP methods such as PATCH
         client.property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true);
@@ -925,29 +906,6 @@ public class RestapiCallNode implements SvcLogicJavaPlugin {
         return r;
     }
 
-    protected SSLContext createSSLContext(Parameters p) {
-        try (FileInputStream in = new FileInputStream(p.keyStoreFileName)) {
-            System.setProperty("jsse.enableSNIExtension", "false");
-            System.setProperty("javax.net.ssl.trustStore", p.trustStoreFileName);
-            System.setProperty("javax.net.ssl.trustStorePassword", p.trustStorePassword);
-
-            HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
-
-            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-            KeyStore ks = KeyStore.getInstance("PKCS12");
-            char[] pwd = p.keyStorePassword.toCharArray();
-            ks.load(in, pwd);
-            kmf.init(ks, pwd);
-
-            SSLContext ctx = SSLContext.getInstance("TLS");
-            ctx.init(kmf.getKeyManagers(), null, null);
-            return ctx;
-        } catch (Exception e) {
-            log.error("Error creating SSLContext: {}", e.getMessage(), e);
-        }
-        return null;
-    }
-
     protected void setFailureResponseStatus(SvcLogicContext ctx, String prefix, String errorMessage,
         HttpResponse resp) {
         resp.code = 500;
@@ -1265,7 +1223,7 @@ public class RestapiCallNode implements SvcLogicJavaPlugin {
     }
 
     protected static String[] getMultipleUrls(String restapiUrl) {
-        List<String> urls = new ArrayList<String>();
+        List<String> urls = new ArrayList<>();
         int start = 0;
         for (int i = 0; i < restapiUrl.length(); i++) {
             if (restapiUrl.charAt(i) == ',') {
Common plugins used by directed graphs