X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=policy-agent%2Fsrc%2Fmain%2Fjava%2Forg%2Foransc%2Fpolicyagent%2Fclients%2FAsyncRestClient.java;h=b292c519387037359319e8b4d77208297c3aa024;hb=5a7560b9906f08ba2a47daace7da78484188aed7;hp=cefc7ca8eae16d7c8a9c8342a1f343f65644f614;hpb=6d503afd38bdf9823bda3dfe3d307adaeb6f7eee;p=nonrtric.git diff --git a/policy-agent/src/main/java/org/oransc/policyagent/clients/AsyncRestClient.java b/policy-agent/src/main/java/org/oransc/policyagent/clients/AsyncRestClient.java index cefc7ca8..b292c519 100644 --- a/policy-agent/src/main/java/org/oransc/policyagent/clients/AsyncRestClient.java +++ b/policy-agent/src/main/java/org/oransc/policyagent/clients/AsyncRestClient.java @@ -50,12 +50,14 @@ import org.springframework.http.ResponseEntity; import org.springframework.http.client.reactive.ReactorClientHttpConnector; import org.springframework.lang.Nullable; import org.springframework.util.ResourceUtils; +import org.springframework.web.reactive.function.client.ExchangeStrategies; import org.springframework.web.reactive.function.client.WebClient; import org.springframework.web.reactive.function.client.WebClient.RequestHeadersSpec; import org.springframework.web.reactive.function.client.WebClientResponseException; import reactor.core.publisher.Mono; import reactor.netty.http.client.HttpClient; +import reactor.netty.resources.ConnectionProvider; import reactor.netty.tcp.TcpClient; /** @@ -67,6 +69,7 @@ public class AsyncRestClient { private final String baseUrl; private static final AtomicInteger sequenceNumber = new AtomicInteger(); private final WebClientConfig clientConfig; + static KeyStore clientTrustStore = null; public AsyncRestClient(String baseUrl) { this(baseUrl, @@ -176,9 +179,10 @@ public class AsyncRestClient { } private Mono> retrieve(Object traceTag, RequestHeadersSpec request) { + final Class clazz = String.class; return request.retrieve() // - .toEntity(String.class) // - .doOnNext(entity -> logger.trace("{} Received: {}", traceTag, entity.getBody())) + .toEntity(clazz) // + .doOnNext(entity -> logger.trace("{} Received: {}", traceTag, entity.getBody())) // .doOnError(throwable -> onHttpError(traceTag, throwable)); } @@ -192,7 +196,7 @@ public class AsyncRestClient { logger.debug("{} HTTP error status = '{}', body '{}'", traceTag, exception.getStatusCode(), exception.getResponseBodyAsString()); } else { - logger.debug("{} HTTP error: {}", traceTag, t.getMessage()); + logger.debug("{} HTTP error", traceTag, t); } } @@ -222,12 +226,20 @@ public class AsyncRestClient { } } - SslContext createSslContextSecure(String trustStorePath, String trustStorePass) + private static synchronized KeyStore getTrustStore(String trustStorePath, String trustStorePass) throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException { + if (clientTrustStore == null) { + KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType()); + store.load(new FileInputStream(ResourceUtils.getFile(trustStorePath)), trustStorePass.toCharArray()); + clientTrustStore = store; + } + return clientTrustStore; + } - final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); - trustStore.load(new FileInputStream(ResourceUtils.getFile(trustStorePath)), trustStorePass.toCharArray()); + private SslContext createSslContextRejectingUntrustedPeers(String trustStorePath, String trustStorePass) + throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException { + final KeyStore trustStore = getTrustStore(trustStorePath, trustStorePass); List certificateList = Collections.list(trustStore.aliases()).stream() // .filter(alias -> isCertificateEntry(trustStore, alias)) // .map(alias -> getCertificate(trustStore, alias)) // @@ -242,8 +254,10 @@ public class AsyncRestClient { private SslContext createSslContext() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException { if (this.clientConfig.isTrustStoreUsed()) { - return createSslContextSecure(this.clientConfig.trustStore(), this.clientConfig.trustStorePassword()); + return createSslContextRejectingUntrustedPeers(this.clientConfig.trustStore(), + this.clientConfig.trustStorePassword()); } else { + // Trust anyone return SslContextBuilder.forClient() // .trustManager(InsecureTrustManagerFactory.INSTANCE) // .build(); @@ -251,9 +265,11 @@ public class AsyncRestClient { } private WebClient createWebClient(String baseUrl, SslContext sslContext) { - TcpClient tcpClient = TcpClient.create() // + ConnectionProvider connectionProvider = ConnectionProvider.newConnection(); + TcpClient tcpClient = TcpClient.create(connectionProvider) // .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 10_000) // .secure(c -> c.sslContext(sslContext)) // + .doOnConnected(connection -> { connection.addHandlerLast(new ReadTimeoutHandler(30)); connection.addHandlerLast(new WriteTimeoutHandler(30)); @@ -261,9 +277,14 @@ public class AsyncRestClient { HttpClient httpClient = HttpClient.from(tcpClient); ReactorClientHttpConnector connector = new ReactorClientHttpConnector(httpClient); + ExchangeStrategies exchangeStrategies = ExchangeStrategies.builder() // + .codecs(configurer -> configurer.defaultCodecs().maxInMemorySize(-1)) // + .build(); + return WebClient.builder() // .clientConnector(connector) // .baseUrl(baseUrl) // + .exchangeStrategies(exchangeStrategies) // .build(); }