X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=ves-nf-oam-adopter%2Fves-nf-oam-adopter-app%2Fsrc%2Fmain%2Fjava%2Forg%2Fo%2Fran%2Foam%2Fnf%2Foam%2Fadopter%2Fapp%2Fhttp%2FHttpCientFactory.java;fp=ves-nf-oam-adopter%2Fves-nf-oam-adopter-app%2Fsrc%2Fmain%2Fjava%2Forg%2Fo%2Fran%2Foam%2Fnf%2Foam%2Fadopter%2Fapp%2Fhttp%2FHttpCientFactory.java;h=073a62212f528c5e0b632e94a46cf2ec65ba5ab6;hb=e4d3cdf5d8679fdad10e12d16d0913b9754049a4;hp=0000000000000000000000000000000000000000;hpb=5868c88405a5057923095e84b225adc23feef84b;p=oam%2Fnf-oam-adopter.git
diff --git a/ves-nf-oam-adopter/ves-nf-oam-adopter-app/src/main/java/org/o/ran/oam/nf/oam/adopter/app/http/HttpCientFactory.java b/ves-nf-oam-adopter/ves-nf-oam-adopter-app/src/main/java/org/o/ran/oam/nf/oam/adopter/app/http/HttpCientFactory.java
new file mode 100644
index 0000000..073a622
--- /dev/null
+++ b/ves-nf-oam-adopter/ves-nf-oam-adopter-app/src/main/java/org/o/ran/oam/nf/oam/adopter/app/http/HttpCientFactory.java
@@ -0,0 +1,123 @@
+/*
+ * ============LICENSE_START=======================================================
+ * O-RAN-SC
+ * ================================================================================
+ * Copyright © 2021 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.o.ran.oam.nf.oam.adopter.app.http;
+
+import com.google.common.base.Strings;
+import java.io.File;
+import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import javax.net.ssl.SSLContext;
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+import org.apache.hc.client5.http.config.RequestConfig;
+import org.apache.hc.client5.http.cookie.StandardCookieSpec;
+import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
+import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
+import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
+import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
+import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder;
+import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
+import org.apache.hc.client5.http.ssl.TrustAllStrategy;
+import org.apache.hc.core5.http2.HttpVersionPolicy;
+import org.apache.hc.core5.ssl.SSLContextBuilder;
+import org.apache.hc.core5.ssl.SSLContexts;
+import org.apache.hc.core5.util.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+public final class HttpCientFactory {
+ private static final Logger LOG = LoggerFactory.getLogger(HttpCientFactory.class);
+
+ /**
+ * Generates a CloseableHttpAsyncClient.
+ */
+ public static CloseableHttpAsyncClient createClient(final String trustStore,
+ final String trustStorePassword, final Long conectionTimeout, final Long responseTimeout)
+ throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException,
+ CertificateException {
+ if (Strings.isNullOrEmpty(trustStore) || Strings.isNullOrEmpty(trustStorePassword)) {
+ return trustAllCertificate(conectionTimeout, responseTimeout);
+ }
+ final File trustStoreFilePath = new File(trustStore);
+ if (!trustStoreFilePath.exists() || trustStoreFilePath.isDirectory()) {
+ return trustAllCertificate(conectionTimeout, responseTimeout);
+ }
+
+ final SSLContext sslContext = getSslContext(trustStoreFilePath, trustStorePassword);
+ return trustTrustStore(sslContext, conectionTimeout, responseTimeout);
+ }
+
+ private static SSLContext getSslContext(final File trustStoreFilePath, final String trustStorePassword)
+ throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
+ KeyManagementException {
+ return new SSLContextBuilder()
+ .loadTrustMaterial(trustStoreFilePath.toURI().toURL(), trustStorePassword.toCharArray())
+ .build();
+ }
+
+ private static CloseableHttpAsyncClient trustTrustStore(final SSLContext sslContext,
+ final Long conectionTimeout, final Long responseTimeout) {
+ LOG.info("Trust all certificates under truststore");
+ final PoolingAsyncClientConnectionManager connectionManager =
PoolingAsyncClientConnectionManagerBuilder.create().setTlsStrategy(
+ ClientTlsStrategyBuilder.create()
+ .setSslContext(sslContext)
+ .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .build())
+ .build();
+
+ return HttpAsyncClients.custom()
+ .setConnectionManager(connectionManager)
+ .setDefaultRequestConfig(createDefaultRequestConfig(conectionTimeout, responseTimeout))
+ .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
+ .build();
+ }
+
+ private static RequestConfig createDefaultRequestConfig(final Long conectionTimeout, final Long responseTimeout) {
+ return RequestConfig.custom()
+ .setConnectTimeout(Timeout.ofSeconds(conectionTimeout))
+ .setResponseTimeout(Timeout.ofSeconds(responseTimeout))
+ .setCookieSpec(StandardCookieSpec.STRICT)
+ .build();
+ }
+
+ private static CloseableHttpAsyncClient trustAllCertificate(final Long conectionTimeout, final Long responseTimeout)
+ throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
+ LOG.info("Trust all SSL certificates");
+ final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustAllStrategy()).build();
+ final PoolingAsyncClientConnectionManager connectionManager =
+ PoolingAsyncClientConnectionManagerBuilder.create()
+ .setTlsStrategy(ClientTlsStrategyBuilder.create()
+ .setSslContext(sslContext)
+ .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .build())
+ .build();
+
+ return HttpAsyncClients.custom()
+ .setConnectionManager(connectionManager)
+ .setDefaultRequestConfig(createDefaultRequestConfig(conectionTimeout, responseTimeout))
+ .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
+ .build();
+ }
+}
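Review bot: createClient fails open: when a trust store path is configured but the file is missing or is a directory, the second `return trustAllCertificate(conectionTimeout, responseTimeout);` silently builds a client that accepts any server certificate, and the only trace is an INFO line. A mistyped path should stop start-up instead, for example `throw new IOException("Trust store not found: " + trustStore);` (IOException is already declared), and the unconfigured case would be safer behind an explicit opt-in setting that is logged at WARN. Separately, trustTrustStore still sets `.setHostnameVerifier(NoopHostnameVerifier.INSTANCE)`, so a certificate that chains to the trust store is accepted for any host name; dropping that line lets the builder's default verifier apply. The message "Trust all certificates under truststore" also reads as if validation were switched off and could instead name the trust store that was loaded.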