ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpsBasicClient.java

   1 /*-
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  * Modifications Copyright (c) 2019 Samsung
   8  * ===================================================================
   9  *
  10  * Unless otherwise specified, all software contained herein is licensed
  11  * under the Apache License, Version 2.0 (the "License");
  12  * you may not use this software except in compliance with the License.
  13  * You may obtain a copy of the License at
  14  *
  15  *             http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  * Unless required by applicable law or agreed to in writing, software
  18  * distributed under the License is distributed on an "AS IS" BASIS,
  19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  * See the License for the specific language governing permissions and
  21  * limitations under the License.
  22  *
  23  * Unless otherwise specified, all documentation contained herein is licensed
  24  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  25  * you may not use this documentation except in compliance with the License.
  26  * You may obtain a copy of the License at
  27  *
  28  *             https://creativecommons.org/licenses/by/4.0/
  29  *
  30  * Unless required by applicable law or agreed to in writing, documentation
  31  * distributed under the License is distributed on an "AS IS" BASIS,
  32  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  33  * See the License for the specific language governing permissions and
  34  * limitations under the License.
  35  *
  36  * ============LICENSE_END============================================
  37  *
  38  *
  39  */
  40
  41 package org.onap.portalapp.portal.scheduler.client;
  42
  43 import java.io.File;
  44 import java.text.SimpleDateFormat;
  45 import java.util.Date;
  46
  47 import javax.net.ssl.HostnameVerifier;
  48 import javax.net.ssl.HttpsURLConnection;
  49 import javax.net.ssl.SSLContext;
  50 import javax.net.ssl.SSLSession;
  51 import javax.ws.rs.client.Client;
  52 import javax.ws.rs.client.ClientBuilder;
  53
  54 import org.eclipse.jetty.util.security.Password;
  55 import org.glassfish.jersey.client.ClientConfig;
  56 import org.glassfish.jersey.client.ClientProperties;
  57 import org.onap.portalapp.portal.scheduler.SchedulerProperties;
  58 import org.onap.portalapp.portal.scheduler.util.CustomJacksonJaxBJsonProvider;
  59 import org.onap.portalapp.util.DateUtil;
  60 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  61 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
  62 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
  63 import org.onap.portalsdk.core.onboarding.util.KeyConstants;
  64 import org.onap.portalsdk.core.onboarding.util.KeyProperties;
  65
  66  /**
  67   *  General SSL client using the VID tomcat keystore. It doesn't use client certificates.
  68   */
  69
  70 public class HttpsBasicClient{
  71
  72         /** The logger. */
  73         static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsBasicClient.class);
  74
  75         /**
  76          * Retrieve an SSL client.
  77          *
  78          * @return Client The SSL client
  79          * @throws Exception the exception
  80          */
  81         public static Client getClient() throws Exception {
  82                 String methodName = "getClient";
  83                 ClientConfig config = new ClientConfig();
  84
  85
  86                 SSLContext ctx = null;
  87
  88                 try {
  89
  90                         SimpleDateFormat dateFormat = DateUtil.getDateFormat();
  91                         config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true);
  92
  93                         String truststorePath = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_FILENAME);
  94                         logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " "
  95                                 + "truststore_path=" +
  96                                 truststorePath);
  97                         String truststorePassword = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_PASSWD_X);
  98
  99
 100                         String decryptedTruststorePassword = null;
 101                         try {
 102                                         decryptedTruststorePassword = CipherUtil.decryptPKC(truststorePassword, KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY));
 103                                 }
 104                         catch (CipherUtilException e) {
 105                                 logger.error(EELFLoggerDelegate.errorLogger, "failed to decrypt; Using as is", e);
 106                                 decryptedTruststorePassword = truststorePassword;
 107                         }
 108
 109                         //logger.debug(dateFormat.format(new Date()) + " " + methodName + " decrypted_truststore_password=" + decrypted_truststore_password);
 110
 111                         File tr = new File (truststorePath);
 112                         logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " absolute "
 113                                 + "truststore path=" + tr.getAbsolutePath());
 114
 115                         //String keystore_path = certFilePath + AAIProperties.FILESEPARTOR + SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_FILENAME);
 116                         //String keystore_password = SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_PASSWD_X);
 117                         //String decrypted_keystore_password = EncryptedPropValue.decryptTriple(keystore_password);
 118
 119                     System.setProperty("javax.net.ssl.trustStore", truststorePath);
 120                     System.setProperty("javax.net.ssl.trustStorePassword", decryptedTruststorePassword);
 121                         HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){
 122                             public boolean verify(String string,SSLSession ssls) {
 123                                 return true;
 124                             }
 125                         });
 126
 127                         //May need to make the algorithm a parameter. MSO requires TLSv1.1      or TLSv1.2
 128                         ctx = SSLContext.getInstance("TLSv1.2");
 129
 130                         /*
 131                         KeyManagerFactory kmf = null;
 132                         try {
 133                                 kmf = KeyManagerFactory.getInstance("SunX509");
 134                                 FileInputStream fin = new FileInputStream(keystore_path);
 135                                 KeyStore ks = KeyStore.getInstance("PKCS12");
 136                                 char[] pwd = decrypted_keystore_password.toCharArray();
 137                                 ks.load(fin, pwd);
 138                                 kmf.init(ks, pwd);
 139                         } catch (Exception e) {
 140                                 System.out.println("Error setting up kmf: exiting");
 141                                 e.printStackTrace();
 142                                 System.exit(1);
 143                         }
 144
 145                         ctx.init(kmf.getKeyManagers(), null, null);
 146                         */
 147                         ctx.init(null, null, null);
 148
 149                         return ClientBuilder.newBuilder()
 150                                 .sslContext(ctx)
 151                                 .hostnameVerifier(new HostnameVerifier() {
 152                                         @Override
 153                                         public boolean verify( String s, SSLSession sslSession ) {
 154                                                 return true;
 155                                         }
 156                                 }).withConfig(config)
 157                                 .build()
 158                                 .register(CustomJacksonJaxBJsonProvider.class);
 159
 160         } catch (Exception e) {
 161             logger.debug(EELFLoggerDelegate.debugLogger, "Error setting up config: exiting", e);
 162             return null;
 163         }
 164     }
 165 }