From 470500b80e966134abdd9abffa8ad239d75f9f13 Mon Sep 17 00:00:00 2001 From: ayyoob Date: Mon, 27 Feb 2017 16:44:21 +0530 Subject: [PATCH] added ssl context --- .../pom.xml | 3 +- .../client/OAuthRequestInterceptor.java | 7 +- .../client/publisher/PublisherClient.java | 5 +- .../integration/client/store/StoreClient.java | 5 +- .../client/util/PropertyUtils.java | 41 --------- .../apimgt/integration/client/util/Utils.java | 84 +++++++++++++++++++ 6 files changed, 95 insertions(+), 50 deletions(-) delete mode 100644 components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/PropertyUtils.java create mode 100644 components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/Utils.java diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/pom.xml index 5a9ada7d42..17130567e8 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/pom.xml +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/pom.xml @@ -68,7 +68,8 @@ io.swagger.annotations, org.wso2.carbon.core.util, javax.xml, - org.wso2.carbon.base + org.wso2.carbon.base, + javax.net.ssl jsr311-api, diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java index 2f893d74cb..e599a09154 100755 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java @@ -27,13 +27,12 @@ import org.wso2.carbon.apimgt.integration.client.internal.APIIntegrationClientDa import org.wso2.carbon.apimgt.integration.client.model.ClientProfile; import org.wso2.carbon.apimgt.integration.client.model.DCRClient; import org.wso2.carbon.apimgt.integration.client.model.OAuthApplication; -import org.wso2.carbon.apimgt.integration.client.util.PropertyUtils; +import org.wso2.carbon.apimgt.integration.client.util.Utils; import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.identity.jwt.client.extension.JWTClient; import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo; import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException; -import org.wso2.carbon.user.api.UserStoreException; import java.util.HashMap; import java.util.Map; @@ -59,10 +58,10 @@ public class OAuthRequestInterceptor implements RequestInterceptor { public OAuthRequestInterceptor() { String username = APIMConfigReader.getInstance().getConfig().getUsername(); String password = APIMConfigReader.getInstance().getConfig().getPassword(); - dcrClient = Feign.builder().requestInterceptor( + dcrClient = Feign.builder().client(Utils.getSSLClient()).requestInterceptor( new BasicAuthRequestInterceptor(username, password)) .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()) - .target(DCRClient.class, PropertyUtils.replaceProperties( + .target(DCRClient.class, Utils.replaceProperties( APIMConfigReader.getInstance().getConfig().getDcrEndpoint())); } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/publisher/PublisherClient.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/publisher/PublisherClient.java index ab1e130954..9585d20ae4 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/publisher/PublisherClient.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/publisher/PublisherClient.java @@ -45,8 +45,9 @@ public class PublisherClient { * */ public PublisherClient(RequestInterceptor requestInterceptor) { - Feign.Builder builder = Feign.builder().requestInterceptor(requestInterceptor) - .encoder(new GsonEncoder()).decoder(new GsonDecoder()); + Feign.Builder builder = Feign.builder().client( + org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).requestInterceptor( + requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder()); String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getPublisherEndpoint()); api = builder.target(APIsApi.class, basePath); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/store/StoreClient.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/store/StoreClient.java index da22e8ef7b..8bd83a729d 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/store/StoreClient.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/store/StoreClient.java @@ -45,8 +45,9 @@ public class StoreClient { public StoreClient(RequestInterceptor requestInterceptor) { - Feign.Builder builder = Feign.builder().requestInterceptor(requestInterceptor) - .encoder(new GsonEncoder()).decoder(new GsonDecoder()); + Feign.Builder builder = Feign.builder().client( + org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).requestInterceptor( + requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder()); String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getStoreEndpoint()); apis = builder.target(ApisAPIApi.class, basePath); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/PropertyUtils.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/PropertyUtils.java deleted file mode 100644 index 83d162fdb4..0000000000 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/PropertyUtils.java +++ /dev/null @@ -1,41 +0,0 @@ -/* -* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -* -* WSO2 Inc. licenses this file to you under the Apache License, -* Version 2.0 (the "License"); you may not use this file except -* in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, -* software distributed under the License is distributed on an -* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -* KIND, either express or implied. See the License for the -* specific language governing permissions and limitations -* under the License. -*/ - -package org.wso2.carbon.apimgt.integration.client.util; - - -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -public class PropertyUtils { - - //This method is only used if the mb features are within DAS. - public static String replaceProperties(String text) { - String regex = "\\$\\{(.*?)\\}"; - Pattern pattern = Pattern.compile(regex); - Matcher matchPattern = pattern.matcher(text); - while (matchPattern.find()) { - String sysPropertyName = matchPattern.group(1); - String sysPropertyValue = System.getProperty(sysPropertyName); - if (sysPropertyValue != null && !sysPropertyName.isEmpty()) { - text = text.replaceAll("\\$\\{(" + sysPropertyName + ")\\}", sysPropertyValue); - } - } - return text; - } -} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/Utils.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/Utils.java new file mode 100644 index 0000000000..9ed2640f1d --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/Utils.java @@ -0,0 +1,84 @@ +/* +* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +* +* WSO2 Inc. licenses this file to you under the Apache License, +* Version 2.0 (the "License"); you may not use this file except +* in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, +* software distributed under the License is distributed on an +* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +* KIND, either express or implied. See the License for the +* specific language governing permissions and limitations +* under the License. +*/ + +package org.wso2.carbon.apimgt.integration.client.util; + + +import feign.Client; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +public class Utils { + + //This method is only used if the mb features are within DAS. + public static String replaceProperties(String text) { + String regex = "\\$\\{(.*?)\\}"; + Pattern pattern = Pattern.compile(regex); + Matcher matchPattern = pattern.matcher(text); + while (matchPattern.find()) { + String sysPropertyName = matchPattern.group(1); + String sysPropertyValue = System.getProperty(sysPropertyName); + if (sysPropertyValue != null && !sysPropertyName.isEmpty()) { + text = text.replaceAll("\\$\\{(" + sysPropertyName + ")\\}", sysPropertyValue); + } + } + return text; + } + + public static Client getSSLClient() { + return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }); + } + + private static SSLSocketFactory getTrustedSSLSocketFactory() { + try { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + public void checkServerTrusted( + java.security.cert.X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + return sc.getSocketFactory(); + } catch (KeyManagementException | NoSuchAlgorithmException e) { + return null; + } + + } +}