1 /*
2  *  ============LICENSE_START=======================================================
3  *  O-RAN-SC
4  *  ================================================================================
5  *  Copyright © 2021 AT&T Intellectual Property. All rights reserved.
6  *  ================================================================================
7  *  Licensed under the Apache License, Version 2.0 (the "License");
8  *  you may not use this file except in compliance with the License.
9  *  You may obtain a copy of the License at
10  *        http://www.apache.org/licenses/LICENSE-2.0
11  *
12  *  Unless required by applicable law or agreed to in writing, software
13  *  distributed under the License is distributed on an "AS IS" BASIS,
14  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  *  See the License for the specific language governing permissions and
16  *  limitations under the License.
17  *  ============LICENSE_END=========================================================
18  */
19
20 package org.o.ran.oam.nf.oam.adopter.app.http;
21
22 import com.google.common.base.Strings;
23 import java.io.File;
24 import java.io.IOException;
25 import java.security.KeyManagementException;
26 import java.security.KeyStoreException;
27 import java.security.NoSuchAlgorithmException;
28 import java.security.cert.CertificateException;
29 import javax.net.ssl.SSLContext;
30 import lombok.AccessLevel;
31 import lombok.NoArgsConstructor;
32 import org.apache.hc.client5.http.config.RequestConfig;
33 import org.apache.hc.client5.http.cookie.StandardCookieSpec;
34 import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
35 import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
36 import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
37 import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
38 import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder;
39 import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
40 import org.apache.hc.client5.http.ssl.TrustAllStrategy;
41 import org.apache.hc.core5.http2.HttpVersionPolicy;
42 import org.apache.hc.core5.ssl.SSLContextBuilder;
43 import org.apache.hc.core5.ssl.SSLContexts;
44 import org.apache.hc.core5.util.Timeout;
45 import org.slf4j.Logger;
46 import org.slf4j.LoggerFactory;
47
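@NoArgsConstructor(access = AccessLevel.PRIVATE)
public final class HttpCientFactory {
    private static final Logger LOG = LoggerFactory.getLogger(HttpCientFactory.class);

    /**
     * Builds an asynchronous HTTP client whose TLS trust is taken from the given trust store.
     *
     * <p>Security posture of the returned client:
     * <ul>
     *   <li>If {@code trustStore} or {@code trustStorePassword} is null or empty, or if the trust store path
     *       does not exist or is a directory, the client accepts <em>any</em> server certificate. This
     *       fallback is kept for compatibility and is reported at WARN level so that a mistyped path or a
     *       missing secret shows up in the logs instead of silently disabling certificate validation.</li>
     *   <li>Hostname verification is disabled in every mode, including when a trust store is loaded.</li>
     * </ul>
     *
     * <p>This method does not call {@code start()} on the client; starting and closing it is left to the
     * caller.
     *
     * @param trustStore file-system path of the trust store; may be null or empty
     * @param trustStorePassword password of the trust store; may be null or empty
     * @param conectionTimeout connect timeout in seconds; unboxed, so it must not be null
     * @param responseTimeout response timeout in seconds; unboxed, so it must not be null
     * @return a configured, not yet started, asynchronous client
     * @throws IOException if the trust store cannot be read
     * @throws CertificateException if a certificate in the trust store cannot be loaded
     * @throws NoSuchAlgorithmException if a required algorithm is unavailable
     * @throws KeyStoreException if the trust material cannot be initialised
     * @throws KeyManagementException if the SSL context cannot be initialised
     */
    public static CloseableHttpAsyncClient createClient(final String trustStore,
            final String trustStorePassword, final Long conectionTimeout, final Long responseTimeout)
            throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException,
            CertificateException {
        if (Strings.isNullOrEmpty(trustStore) || Strings.isNullOrEmpty(trustStorePassword)) {
            LOG.warn("No trust store path or password configured: TLS certificate validation is DISABLED");
            return trustAllCertificate(conectionTimeout, responseTimeout);
        }
        final File trustStoreFilePath = new File(trustStore);
        if (!trustStoreFilePath.exists() || trustStoreFilePath.isDirectory()) {
            // NOTE(review): a configured but unusable path fails open here. Failing closed (throwing
            // IOException, which is already declared) would be safer, but would change behaviour for
            // deployments that rely on the fallback - confirm with the deployment owners.
            LOG.warn("Trust store {} is missing or is a directory: TLS certificate validation is DISABLED",
                    trustStoreFilePath);
            return trustAllCertificate(conectionTimeout, responseTimeout);
        }

        final SSLContext sslContext = getSslContext(trustStoreFilePath, trustStorePassword);
        return trustTrustStore(sslContext, conectionTimeout, responseTimeout);
    }

    /**
     * Loads the trust material from the given trust store file into a new SSL context.
     */
    private static SSLContext getSslContext(final File trustStoreFilePath, final String trustStorePassword)
            throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
            KeyManagementException {
        return new SSLContextBuilder()
                .loadTrustMaterial(trustStoreFilePath.toURI().toURL(), trustStorePassword.toCharArray())
                .build();
    }

    /**
     * Builds a client that validates server certificates against the trust store behind {@code sslContext}.
     */
    private static CloseableHttpAsyncClient trustTrustStore(final SSLContext sslContext,
            final Long conectionTimeout, final Long responseTimeout) {
        LOG.info("Trusting certificates from the configured trust store (hostname verification disabled)");
        return buildClient(sslContext, conectionTimeout, responseTimeout);
    }

    /**
     * Creates the request defaults: both timeouts are interpreted as seconds, cookies use the strict spec.
     */
    private static RequestConfig createDefaultRequestConfig(final Long conectionTimeout, final Long responseTimeout) {
        return RequestConfig.custom()
                .setConnectTimeout(Timeout.ofSeconds(conectionTimeout))
                .setResponseTimeout(Timeout.ofSeconds(responseTimeout))
                .setCookieSpec(StandardCookieSpec.STRICT)
                .build();
    }

    /**
     * Builds a client that accepts every server certificate. Callers log the reason for the fallback.
     */
    private static CloseableHttpAsyncClient trustAllCertificate(final Long conectionTimeout, final Long responseTimeout)
            throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustAllStrategy()).build();
        return buildClient(sslContext, conectionTimeout, responseTimeout);
    }

    /**
     * Assembles the pooled connection manager and the client around the given SSL context. Shared by both
     * trust modes so that their TLS and request settings cannot drift apart.
     */
    private static CloseableHttpAsyncClient buildClient(final SSLContext sslContext,
            final Long conectionTimeout, final Long responseTimeout) {
        // NOTE(review): NoopHostnameVerifier accepts a certificate issued for any host name, so even with a
        // trust store the peer is only proven to hold *some* trusted certificate, not one for the host being
        // contacted. Kept as in the original; switching to the library's default verifier needs server
        // certificates whose SANs match the configured addresses.
        final PoolingAsyncClientConnectionManager connectionManager =
                PoolingAsyncClientConnectionManagerBuilder.create()
                        .setTlsStrategy(ClientTlsStrategyBuilder.create()
                                .setSslContext(sslContext)
                                .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                                .build())
                        .build();

        return HttpAsyncClients.custom()
                .setConnectionManager(connectionManager)
                .setDefaultRequestConfig(createDefaultRequestConfig(conectionTimeout, responseTimeout))
                .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
                .build();
    }
}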