/*
 * ============LICENSE_START=======================================================
 * ================================================================================
 * Copyright © 2021 AT&T Intellectual Property. All rights reserved.
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * ============LICENSE_END=========================================================
 */
package org.o.ran.oam.nf.oam.adopter.app.http;

import com.google.common.base.Strings;
import java.io.File;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.cookie.StandardCookieSpec;
import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
import org.apache.hc.client5.http.ssl.TrustAllStrategy;
import org.apache.hc.core5.http2.HttpVersionPolicy;
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.hc.core5.ssl.SSLContexts;
import org.apache.hc.core5.util.Timeout;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
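/**
 * Static factory for {@link CloseableHttpAsyncClient} instances whose TLS configuration is derived
 * from an optional trust store.
 *
 * <p>Security note: every client built here disables hostname verification
 * ({@link NoopHostnameVerifier}), and when no usable trust store is supplied the client accepts any
 * server certificate ({@link TrustAllStrategy}). In that mode the connection is encrypted but the
 * peer is not authenticated, so it must not be relied on across an untrusted network.
 */
@NoArgsConstructor(access = AccessLevel.PRIVATE)
public final class HttpCientFactory {
    private static final Logger LOG = LoggerFactory.getLogger(HttpCientFactory.class);

    /**
     * Generates a CloseableHttpAsyncClient.
     *
     * <p>If {@code trustStore} or {@code trustStorePassword} is null or empty, or if
     * {@code trustStore} does not name an existing regular file, the returned client trusts every
     * server certificate. Each of these downgrades is logged at WARN so that it is visible in
     * operation. Otherwise the trust material is loaded from the given file.
     *
     * @param trustStore path of the trust store file; may be null or empty
     * @param trustStorePassword password of the trust store; may be null or empty
     * @param conectionTimeout connect timeout in seconds; must not be null (it is unboxed)
     * @param responseTimeout response timeout in seconds; must not be null (it is unboxed)
     * @return a client configured with the resulting TLS settings and timeouts
     * @throws IOException if the trust store cannot be read
     * @throws CertificateException if a certificate in the trust store cannot be loaded
     * @throws NoSuchAlgorithmException if the SSL context cannot be created
     * @throws KeyStoreException if the trust store cannot be processed
     * @throws KeyManagementException if the SSL context cannot be initialised
     */
    public static CloseableHttpAsyncClient createClient(final String trustStore,
            final String trustStorePassword, final Long conectionTimeout, final Long responseTimeout)
            throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException,
            CertificateException {
        if (Strings.isNullOrEmpty(trustStore) || Strings.isNullOrEmpty(trustStorePassword)) {
            LOG.warn("Trust store path or password not configured, server certificates will not be validated");
            return trustAllCertificate(conectionTimeout, responseTimeout);
        }

        final File trustStoreFilePath = new File(trustStore);
        if (!trustStoreFilePath.exists() || trustStoreFilePath.isDirectory()) {
            // NOTE(review): a trust store was configured here, so the operator presumably expected
            // certificate validation; a mistyped path silently removes it. Failing closed (throwing
            // the already declared IOException) would be safer, but it changes start-up behaviour
            // for existing deployments, so the fallback is kept and only made visible.
            LOG.warn("Trust store {} does not exist or is a directory, server certificates will not be validated",
                    trustStoreFilePath);
            return trustAllCertificate(conectionTimeout, responseTimeout);
        }

        final SSLContext sslContext = getSslContext(trustStoreFilePath, trustStorePassword);
        return trustTrustStore(sslContext, conectionTimeout, responseTimeout);
    }

    /**
     * Builds an SSL context whose trust material comes from the given trust store file.
     *
     * @param trustStoreFilePath trust store file to load
     * @param trustStorePassword password protecting the trust store
     * @return the SSL context backed by that trust store
     */
    private static SSLContext getSslContext(final File trustStoreFilePath, final String trustStorePassword)
            throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
            KeyManagementException {
        return new SSLContextBuilder()
                .loadTrustMaterial(trustStoreFilePath.toURI().toURL(), trustStorePassword.toCharArray())
                .build();
    }

    /**
     * Creates a client that validates server certificates against the supplied SSL context.
     * Hostname verification is still disabled, see {@link #createAsyncClient}.
     */
    private static CloseableHttpAsyncClient trustTrustStore(final SSLContext sslContext,
            final Long conectionTimeout, final Long responseTimeout) {
        LOG.info("Trust all certificates under truststore");
        return createAsyncClient(sslContext, conectionTimeout, responseTimeout);
    }

    /**
     * Creates the default request configuration: connect and response timeouts in seconds and the
     * strict standard cookie specification.
     */
    private static RequestConfig createDefaultRequestConfig(final Long conectionTimeout, final Long responseTimeout) {
        return RequestConfig.custom()
                .setConnectTimeout(Timeout.ofSeconds(conectionTimeout))
                .setResponseTimeout(Timeout.ofSeconds(responseTimeout))
                .setCookieSpec(StandardCookieSpec.STRICT)
                .build();
    }

    /**
     * Creates a client that accepts any server certificate. Logged at WARN because the peer is
     * not authenticated in this mode.
     */
    private static CloseableHttpAsyncClient trustAllCertificate(final Long conectionTimeout, final Long responseTimeout)
            throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        LOG.warn("Trust all SSL certificates");
        final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustAllStrategy()).build();
        return createAsyncClient(sslContext, conectionTimeout, responseTimeout);
    }

    /**
     * Assembles the pooled connection manager and the async client around the given SSL context.
     * Shared by both trust modes so that the TLS strategy is defined in a single place.
     */
    private static CloseableHttpAsyncClient createAsyncClient(final SSLContext sslContext,
            final Long conectionTimeout, final Long responseTimeout) {
        // NOTE(review): NoopHostnameVerifier accepts a certificate regardless of the host name it
        // was issued for, so with a trust store any certificate chaining to a trusted CA is
        // accepted for any peer. Removing this call should let the library's default verifier
        // apply (confirm against the HttpClient 5 version in use); that requires the servers to
        // present certificates whose subject alternative names match the addresses used.
        final PoolingAsyncClientConnectionManager connectionManager =
                PoolingAsyncClientConnectionManagerBuilder.create()
                        .setTlsStrategy(ClientTlsStrategyBuilder.create()
                                .setSslContext(sslContext)
                                .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                                .build())
                        .build();

        return HttpAsyncClients.custom()
                .setConnectionManager(connectionManager)
                .setDefaultRequestConfig(createDefaultRequestConfig(conectionTimeout, responseTimeout))
                .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
                .build();
    }
}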