2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2018 AT&T Intellectual Property. All rights
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END============================================
20 * ===================================================================
23 package org.onap.clamp.clds.config;
25 import java.io.IOException;
27 import java.security.KeyManagementException;
28 import java.security.KeyStore;
29 import java.security.KeyStoreException;
30 import java.security.NoSuchAlgorithmException;
31 import java.security.cert.CertificateException;
33 import javax.net.ssl.SSLContext;
34 import javax.net.ssl.TrustManagerFactory;
36 import org.apache.camel.CamelContext;
37 import org.apache.camel.builder.RouteBuilder;
38 import org.apache.camel.component.http4.HttpClientConfigurer;
39 import org.apache.camel.component.http4.HttpComponent;
40 import org.apache.camel.model.rest.RestBindingMode;
41 import org.apache.http.config.Registry;
42 import org.apache.http.config.RegistryBuilder;
43 import org.apache.http.conn.scheme.Scheme;
44 import org.apache.http.conn.scheme.SchemeRegistry;
45 import org.apache.http.conn.socket.ConnectionSocketFactory;
46 import org.apache.http.conn.socket.PlainConnectionSocketFactory;
47 import org.apache.http.conn.ssl.SSLSocketFactory;
48 import org.apache.http.impl.client.HttpClientBuilder;
49 import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
50 import org.onap.clamp.clds.util.ClampVersioning;
51 import org.onap.clamp.util.PassDecoder;
52 import org.springframework.beans.factory.annotation.Autowired;
53 import org.springframework.core.env.Environment;
54 import org.springframework.stereotype.Component;
57 public class CamelConfiguration extends RouteBuilder {
60 CamelContext camelContext;
63 private Environment env;
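/**
 * Publishes the trust store and key store named in the Spring environment as the JVM-wide
 * {@code javax.net.ssl.*} system properties.
 *
 * <p>Nothing is done when {@code server.ssl.trust-store} is not set. When it is set, the key
 * store properties ({@code server.ssl.key-store}, its password and its type) are read as well.
 *
 * <p>NOTE(review): the decoded store passwords are written to system properties, where any
 * code running in the same JVM can read them and where they can surface in diagnostic output.
 * If nothing depends on the JVM-wide defaults, building an {@code SSLContext} directly from
 * the stores would keep the passwords out of global state.
 *
 * @throws IOException if a configured store cannot be found on the classpath
 */
private void configureDefaultSslProperties() throws IOException {
    if (env.getProperty("server.ssl.trust-store") == null) {
        return;
    }
    String keyFile = env.getProperty("clamp.config.keyFile");

    // NOTE(review): URL#getPath() is still URL-encoded and is not a file system path when the
    // store sits inside a jar, so JSSE may be unable to open it - confirm the stores are
    // always deployed as plain files.
    URL trustStoreUrl = locateStoreOnClasspath("server.ssl.trust-store");
    System.setProperty("javax.net.ssl.trustStore", trustStoreUrl.getPath());
    String trustStorePass = PassDecoder.decode(env.getProperty("server.ssl.trust-store-password"), keyFile);
    System.setProperty("javax.net.ssl.trustStorePassword", trustStorePass);
    // The trust store type is fixed to JKS, unlike the key store type, which is configurable.
    System.setProperty("javax.net.ssl.trustStoreType", "jks");
    // NOTE(review): TrustManagerFactory.getDefaultAlgorithm() reads this name from the
    // java.security Security properties, so setting it as a system property probably has no
    // effect - confirm before relying on it.
    System.setProperty("ssl.TrustManagerFactory.algorithm", "PKIX");

    URL keyStoreUrl = locateStoreOnClasspath("server.ssl.key-store");
    System.setProperty("javax.net.ssl.keyStore", keyStoreUrl.getPath());
    String keyStorePass = PassDecoder.decode(env.getProperty("server.ssl.key-store-password"), keyFile);
    System.setProperty("javax.net.ssl.keyStorePassword", keyStorePass);
    System.setProperty("javax.net.ssl.keyStoreType", env.getProperty("server.ssl.key-store-type"));
}

/**
 * Resolves the store named by the given environment property to a classpath resource.
 *
 * <p>Fails with a message naming the property rather than with a bare
 * {@code NullPointerException} when the property or the resource is missing.
 *
 * @param propertyName environment property holding the store location, optionally prefixed
 *                     with {@code classpath:}
 * @return the URL of the store
 * @throws IOException if the property is unset or the resource does not exist
 */
private URL locateStoreOnClasspath(String propertyName) throws IOException {
    String location = env.getProperty(propertyName);
    if (location == null) {
        throw new IOException("Property " + propertyName + " is not set");
    }
    // The prefix is a literal, so a plain replace is enough; no regular expression is needed.
    URL resource = Thread.currentThread().getContextClassLoader()
            .getResource(location.replace("classpath:", ""));
    if (resource == null) {
        throw new IOException(
                "Store configured by " + propertyName + " was not found on the classpath: " + location);
    }
    return resource;
}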
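/**
 * Builds a TLS socket factory backed by the configured trust store and installs it on the
 * Camel {@code https4} component.
 *
 * <p>Nothing is done when {@code server.ssl.trust-store} is not set.
 *
 * <p>Hostname verification is enabled. The previous {@code ALLOW_ALL_HOSTNAME_VERIFIER}
 * accepted a certificate issued for any name as long as it chained to the trust store, so the
 * identity of the remote host was never checked. Deployments whose server certificates do not
 * match the host names used in the routes need corrected certificates rather than a disabled
 * verifier.
 *
 * @throws KeyStoreException if the JKS key store type is unavailable or the store is unusable
 * @throws NoSuchAlgorithmException if the PKIX or TLS algorithm is unavailable
 * @throws KeyManagementException if the SSL context cannot be initialised
 * @throws CertificateException if a certificate in the trust store cannot be loaded
 * @throws IOException if the trust store is missing, unreadable or the password is wrong
 */
private void registerTrustStore()
        throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException, CertificateException, IOException {
    String trustStoreLocation = env.getProperty("server.ssl.trust-store");
    if (trustStoreLocation == null) {
        return;
    }
    KeyStore truststore = KeyStore.getInstance("JKS");
    String keyFile = env.getProperty("clamp.config.keyFile");
    String password = PassDecoder.decode(env.getProperty("server.ssl.trust-store-password"), keyFile);

    // try-with-resources closes the stream, which the original left open.
    try (java.io.InputStream storeStream = Thread.currentThread().getContextClassLoader()
            .getResourceAsStream(trustStoreLocation.replace("classpath:", ""))) {
        if (storeStream == null) {
            // KeyStore.load(null, ...) would silently create an empty store and every later
            // handshake would fail with an unrelated-looking error, so fail here instead.
            throw new IOException("Trust store not found on the classpath: " + trustStoreLocation);
        }
        truststore.load(storeStream, password.toCharArray());
    }

    TrustManagerFactory trustFactory = TrustManagerFactory.getInstance("PKIX");
    trustFactory.init(truststore);
    SSLContext sslcontext = SSLContext.getInstance("TLS");
    // No key managers are supplied, so this context never presents a client certificate.
    sslcontext.init(null, trustFactory.getTrustManagers(), null);

    SSLSocketFactory factory =
            new SSLSocketFactory(sslcontext, SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
    ConnectionSocketFactory plainsf = PlainConnectionSocketFactory.getSocketFactory();

    // The unused SchemeRegistry/Scheme pair of the original was dropped: it was never handed to
    // any client, and the registry built below is the one that takes effect.
    HttpComponent http4 = camelContext.getComponent("https4", HttpComponent.class);
    http4.setHttpClientConfigurer(new HttpClientConfigurer() {

        @Override
        public void configureHttpClient(HttpClientBuilder builder) {
            builder.setSSLSocketFactory(factory);
            Registry<ConnectionSocketFactory> socketFactories = RegistryBuilder.<ConnectionSocketFactory>create()
                    .register("https", factory).register("http", plainsf).build();
            builder.setConnectionManager(new BasicHttpClientConnectionManager(socketFactories));
        }
    });
}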
/**
 * Declares the REST DSL settings for the Clamp API and then applies the TLS configuration.
 *
 * @throws KeyManagementException if the SSL context cannot be initialised
 * @throws KeyStoreException if the trust store cannot be used
 * @throws NoSuchAlgorithmException if a required TLS algorithm is unavailable
 * @throws CertificateException if a trust store certificate cannot be loaded
 * @throws IOException if a configured store cannot be read
 */
@Override
public void configure()
        throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    // REST endpoints go through the servlet component with JSON binding and the "clamp-gson"
    // data format. CORS is not enabled here (the enableCORS call is commented out).
    restConfiguration()
            .component("servlet")
            .bindingMode(RestBindingMode.json)
            .jsonDataFormat("clamp-gson")
            .dataFormatProperty("prettyPrint", "true")
            // Swagger api-doc settings.
            .apiContextPath("api-doc")
            .apiVendorExtension(true)
            .apiProperty("api.title", "Clamp Rest API")
            .apiProperty("api.version", ClampVersioning.getCldsVersionFromProps())
            .apiProperty("base.path", "/restservices/clds/");

    // Route tracing stays off: camelContext.setTracing(true) is not called.

    // JVM-wide SSL properties first, then the https4 component's own trust store.
    configureDefaultSslProperties();
    registerTrustStore();
}