Fix AAI connection issues 90/122490/1
authorRemigiusz Janeczek <remigiusz.janeczek@nokia.com>
Wed, 7 Jul 2021 12:28:17 +0000 (14:28 +0200)
committerRemigiusz Janeczek <remigiusz.janeczek@nokia.com>
Wed, 7 Jul 2021 12:28:17 +0000 (14:28 +0200)
Remove "ECOMP" from http headers
Add loading of AAF TrustStore for SslContext

Issue-ID: DCAEGEN2-2831
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I54dbae61f92361f1a7ecdae5f9dc8f7ab7fee46c

dcae-analytics/dcae-analytics-model/src/main/java/org/onap/dcae/analytics/model/AnalyticsHttpConstants.java
dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java

index 421e158..17b8cb8 100644 (file)
@@ -26,9 +26,9 @@ package org.onap.dcae.analytics.model;
  */
 public abstract class AnalyticsHttpConstants {
 
-    public static final String REQUEST_ID_HEADER_KEY = "X-ECOMP-RequestID";
-    public static final String REQUEST_TRANSACTION_ID_HEADER_KEY = "X-ECOMP-TransactionID";
-    public static final String REQUEST_APP_NAME_HEADER_KEY = "X-ECOMP-FromAppID";
+    public static final String REQUEST_ID_HEADER_KEY = "X-RequestID";
+    public static final String REQUEST_TRANSACTION_ID_HEADER_KEY = "X-TransactionID";
+    public static final String REQUEST_APP_NAME_HEADER_KEY = "X-FromAppID";
     public static final String REQUEST_BEGIN_TS_HEADER_KEY = "X-Begin-Timestamp";
     public static final String REQUEST_END_TS_HEADER_KEY = "X-End-Timestamp";
 
index c5f66be..73a9539 100644 (file)
@@ -20,6 +20,7 @@
 package org.onap.dcae.analytics.web.http;
 
 
+import java.io.File;
 import java.io.IOException;
 import java.net.URL;
 import java.security.KeyManagementException;
@@ -46,6 +47,8 @@ import org.apache.http.ssl.SSLContextBuilder;
 import org.onap.dcae.analytics.model.AnalyticsHttpConstants;
 import org.onap.dcae.analytics.model.util.function.StringToURLFunction;
 import org.onap.dcae.analytics.web.util.AnalyticsWebUtils;
+import org.onap.dcaegen2.services.sdk.security.ssl.Password;
+import org.onap.dcaegen2.services.sdk.security.ssl.Passwords;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.web.client.RestTemplateCustomizer;
@@ -221,6 +224,7 @@ public class HttpClientPreferencesCustomizer<T extends HttpClientPreferences> im
 
         if (!ignoreSSLValidation) {
             logger.info("SSL Validation will be enforced for Http Client Id: {}", httpClientId);
+            setSslContextFromEnvironment(httpClientBuilder);
             return;
         }
 
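Review bot: Nothing records which trust anchors the client ends up with, because the "SSL Validation will be enforced" message is logged before `setSslContextFromEnvironment(httpClientBuilder)` runs and the helper returns silently when `DCAE_CA_CERTPATH` is unset. An operator reading the log cannot tell whether the AAF truststore or the JVM default is in effect for this client. Consider a line inside the helper after a successful load, such as `logger.info("Loaded truststore {} for SSL context", truststoreFile);`, and a debug line on the early return. The enclosing method starts and ends outside this hunk.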
@@ -236,6 +240,30 @@ public class HttpClientPreferencesCustomizer<T extends HttpClientPreferences> im
 
     }
 
+    private void setSslContextFromEnvironment(HttpClientBuilder httpClientBuilder) {
+        final String caCertPath = System.getenv("DCAE_CA_CERTPATH");
+        if (!StringUtils.hasText(caCertPath)) {
+            return;
+        }
+        final SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
+        final String truststoreFilename = "trust.jks";
+        final String truststorePassFilename = "trust.pass";
+        final String certDirPath = caCertPath.substring(0, caCertPath.lastIndexOf("/"));
+        final File truststoreFile = new File(certDirPath, truststoreFilename);
+        final File truststorePassFile = new File(certDirPath, truststorePassFilename);
+        final Password password = Passwords.fromFile(truststorePassFile);
+        password.use(chars -> {
+            try {
+                sslContextBuilder.loadTrustMaterial(truststoreFile, chars);
+                httpClientBuilder.setSSLContext(sslContextBuilder.build());
+            } catch (NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException |
+                KeyManagementException e) {
+                logger.warn("Could not load trusted certificates from environment");
+            }
+            return null;
+        });
+    }
+
 
     /**
      * Header Request Interceptor adds defaults headers if not set explicitly
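Review bot: The catch block in `setSslContextFromEnvironment` drops both the exception and the file path, so a wrong password, a missing `trust.jks` or a corrupt store produces only a generic warning. The builder is then left without the intended SSL context, right after the caller logged that validation is enforced. Pass the path and the cause to the logger: `logger.warn("Could not load trusted certificates from {}", truststoreFile, e);`. Separately, `caCertPath.lastIndexOf("/")` returns -1 for a value with no slash and `substring(0, -1)` then throws `StringIndexOutOfBoundsException`; deriving the directory with `new File(caCertPath).getParentFile()` avoids that. `Passwords.fromFile(truststorePassFile)` is also called outside the try, so if it throws on a missing or unreadable `trust.pass` (its behaviour is not visible here), that failure escapes the helper uncaught.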