2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2018 AT&T Intellectual Property. All rights
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END============================================
20 * ===================================================================
23 package org.onap.clamp.clds.config;
25 import java.io.IOException;
27 import java.security.KeyManagementException;
28 import java.security.KeyStore;
29 import java.security.KeyStoreException;
30 import java.security.NoSuchAlgorithmException;
31 import java.security.cert.CertificateException;
32 import javax.net.ssl.SSLContext;
33 import javax.net.ssl.TrustManagerFactory;
34 import org.apache.camel.CamelContext;
35 import org.apache.camel.builder.RouteBuilder;
36 import org.apache.camel.component.http4.HttpClientConfigurer;
37 import org.apache.camel.component.http4.HttpComponent;
38 import org.apache.camel.model.rest.RestBindingMode;
39 import org.apache.http.config.Registry;
40 import org.apache.http.config.RegistryBuilder;
41 import org.apache.http.conn.scheme.Scheme;
42 import org.apache.http.conn.scheme.SchemeRegistry;
43 import org.apache.http.conn.socket.ConnectionSocketFactory;
44 import org.apache.http.conn.socket.PlainConnectionSocketFactory;
45 import org.apache.http.conn.ssl.SSLSocketFactory;
46 import org.apache.http.impl.client.HttpClientBuilder;
47 import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
48 import org.onap.clamp.clds.util.ClampVersioning;
49 import org.onap.clamp.clds.util.ResourceFileUtils;
50 import org.onap.clamp.util.PassDecoder;
51 import org.springframework.beans.factory.annotation.Autowired;
52 import org.springframework.core.env.Environment;
53 import org.springframework.stereotype.Component;
56 public class CamelConfiguration extends RouteBuilder {
59 CamelContext camelContext;
62 private Environment env;
64 private void configureDefaultSslProperties() throws IOException {
65 if (env.getProperty("server.ssl.trust-store") != null) {
66 URL storeResource = Thread.currentThread().getContextClassLoader()
67 .getResource(env.getProperty("server.ssl.trust-store").replaceFirst("classpath:", ""));
68 System.setProperty("javax.net.ssl.trustStore", storeResource.getPath());
69 String keyFile = env.getProperty("clamp.config.keyFile");
70 String trustStorePass = PassDecoder.decode(env.getProperty("server.ssl.trust-store-password"),
72 System.setProperty("javax.net.ssl.trustStorePassword", trustStorePass);
73 System.setProperty("javax.net.ssl.trustStoreType", "jks");
74 System.setProperty("ssl.TrustManagerFactory.algorithm", "PKIX");
75 storeResource = Thread.currentThread().getContextClassLoader()
76 .getResource(env.getProperty("server.ssl.key-store").replaceFirst("classpath:", ""));
77 System.setProperty("javax.net.ssl.keyStore", storeResource.getPath());
79 String keyStorePass = PassDecoder.decode(env.getProperty("server.ssl.key-store-password"),
81 System.setProperty("javax.net.ssl.keyStorePassword", keyStorePass);
82 System.setProperty("javax.net.ssl.keyStoreType", env.getProperty("server.ssl.key-store-type"));
86 private void registerTrustStore()
87 throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException, CertificateException, IOException {
88 if (env.getProperty("server.ssl.trust-store") != null) {
89 KeyStore truststore = KeyStore.getInstance("JKS");
90 String keyFile = env.getProperty("clamp.config.keyFile");
91 String password = PassDecoder.decode(env.getProperty("server.ssl.trust-store-password"), keyFile);
93 ResourceFileUtils.getResourceAsStream(env.getProperty("server.ssl.trust-store")),
94 password.toCharArray());
96 TrustManagerFactory trustFactory = TrustManagerFactory.getInstance("PKIX");
97 trustFactory.init(truststore);
98 SSLContext sslcontext = SSLContext.getInstance("TLS");
99 sslcontext.init(null, trustFactory.getTrustManagers(), null);
100 SSLSocketFactory factory = new SSLSocketFactory(sslcontext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
101 SchemeRegistry registry = new SchemeRegistry();
102 final Scheme scheme = new Scheme("https4", 443, factory);
103 registry.register(scheme);
104 ConnectionSocketFactory plainsf = PlainConnectionSocketFactory.getSocketFactory();
105 HttpComponent http4 = camelContext.getComponent("https4", HttpComponent.class);
106 http4.setHttpClientConfigurer(new HttpClientConfigurer() {
109 public void configureHttpClient(HttpClientBuilder builder) {
110 builder.setSSLSocketFactory(factory);
111 Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
112 .register("https", factory).register("http", plainsf).build();
113 builder.setConnectionManager(new BasicHttpClientConnectionManager(registry));
120 public void configure()
121 throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
122 restConfiguration().component("servlet").bindingMode(RestBindingMode.json).jsonDataFormat("clamp-gson")
123 .dataFormatProperty("prettyPrint", "true")// .enableCORS(true)
124 // turn on swagger api-doc
125 .apiContextPath("api-doc").apiVendorExtension(true).apiProperty("api.title", "Clamp Rest API")
126 .apiProperty("api.version", ClampVersioning.getCldsVersionFromProps())
127 .apiProperty("base.path", "/restservices/clds/");
129 // camelContext.setTracing(true);
131 configureDefaultSslProperties();
132 registerTrustStore();
Code Review / clamp.git / blob