Fix the SSL error when invoking internal API via HttpClient (#215)

Co-authored-by: Pahansith <pahansith@entgra.io>
Reviewed-on: community/device-mgt-core#215
revert
parent 320d012f5a
commit 0fbe062e49

@ -112,6 +112,11 @@
</build> </build>
<dependencies> <dependencies>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<dependency> <dependency>
<groupId>org.eclipse.osgi</groupId> <groupId>org.eclipse.osgi</groupId>
<artifactId>org.eclipse.osgi</artifactId> <artifactId>org.eclipse.osgi</artifactId>

@ -26,18 +26,20 @@ import io.entgra.device.mgt.core.application.mgt.core.dao.VppApplicationDAO;
import io.entgra.device.mgt.core.application.mgt.core.exception.BadRequestException; import io.entgra.device.mgt.core.application.mgt.core.exception.BadRequestException;
import io.entgra.device.mgt.core.device.mgt.core.DeviceManagementConstants; import io.entgra.device.mgt.core.device.mgt.core.DeviceManagementConstants;
import io.entgra.device.mgt.core.application.mgt.core.exception.UnexpectedServerErrorException; import io.entgra.device.mgt.core.application.mgt.core.exception.UnexpectedServerErrorException;
import io.entgra.device.mgt.core.application.mgt.core.util.VppHttpUtil;
import io.entgra.device.mgt.core.device.mgt.extensions.logger.spi.EntgraLogger; import io.entgra.device.mgt.core.device.mgt.extensions.logger.spi.EntgraLogger;
import io.entgra.device.mgt.core.notification.logger.AppInstallLogContext; import io.entgra.device.mgt.core.notification.logger.AppInstallLogContext;
import io.entgra.device.mgt.core.notification.logger.impl.EntgraAppInstallLoggerImpl; import io.entgra.device.mgt.core.notification.logger.impl.EntgraAppInstallLoggerImpl;
import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethodBase;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.json.JSONArray; import org.json.JSONArray;
import org.json.JSONObject; import org.json.JSONObject;
import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplicationKey; import io.entgra.device.mgt.core.apimgt.application.extension.dto.ApiApplicationKey;
@ -106,6 +108,9 @@ import java.io.InputStreamReader;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.MalformedURLException; import java.net.MalformedURLException;
import java.net.URL; import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashMap; import java.util.HashMap;
@ -1297,38 +1302,37 @@ public class SubscriptionManagerImpl implements SubscriptionManager {
} }
} }
private int invokeIOTCoreAPI(HttpMethodBase request) throws UserStoreException, APIManagerException, IOException { private int invokeIOTCoreAPI(HttpPost request) throws UserStoreException, APIManagerException, IOException,
HttpClient httpClient; ApplicationManagementException {
CloseableHttpClient httpClient = getHttpClient();
String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(); String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
ApiApplicationKey apiApplicationKey = OAuthUtils.getClientCredentials(tenantDomain); ApiApplicationKey apiApplicationKey = OAuthUtils.getClientCredentials(tenantDomain);
String username = String username =
PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration() PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration()
.getAdminUserName() + Constants.ApplicationInstall.AT + tenantDomain; .getAdminUserName() + Constants.ApplicationInstall.AT + tenantDomain;
AccessTokenInfo tokenInfo = OAuthUtils.getOAuthCredentials(apiApplicationKey, username); AccessTokenInfo tokenInfo = OAuthUtils.getOAuthCredentials(apiApplicationKey, username);
request.addRequestHeader(Constants.ApplicationInstall.AUTHORIZATION, request.addHeader(Constants.ApplicationInstall.AUTHORIZATION,
Constants.ApplicationInstall.AUTHORIZATION_HEADER_VALUE + tokenInfo.getAccessToken()); Constants.ApplicationInstall.AUTHORIZATION_HEADER_VALUE + tokenInfo.getAccessToken());
httpClient = new HttpClient(); HttpResponse response = httpClient.execute(request);
httpClient.executeMethod(request); return response.getStatusLine().getStatusCode();
return request.getStatusCode();
} }
public int installEnrollmentApplications(ApplicationPolicyDTO applicationPolicyDTO) public int installEnrollmentApplications(ApplicationPolicyDTO applicationPolicyDTO)
throws ApplicationManagementException { throws ApplicationManagementException {
String requestUrl =null;
PostMethod request;
try { try {
String requestUrl = Constants.ApplicationInstall.ENROLLMENT_APP_INSTALL_PROTOCOL + System requestUrl = Constants.ApplicationInstall.ENROLLMENT_APP_INSTALL_PROTOCOL + System
.getProperty(Constants.ApplicationInstall.IOT_CORE_HOST) + Constants.ApplicationInstall.COLON .getProperty(Constants.ApplicationInstall.IOT_GATEWAY_HOST) + Constants.ApplicationInstall.COLON
+ System.getProperty(Constants.ApplicationInstall.IOT_CORE_PORT) + System.getProperty(Constants.ApplicationInstall.IOT_CORE_PORT)
+ Constants.ApplicationInstall.GOOGLE_APP_INSTALL_URL; + Constants.ApplicationInstall.GOOGLE_APP_INSTALL_URL;
Gson gson = new Gson(); Gson gson = new Gson();
String payload = gson.toJson(applicationPolicyDTO); String payload = gson.toJson(applicationPolicyDTO);
HttpPost httpPost = new HttpPost(requestUrl);
StringRequestEntity requestEntity = new StringRequestEntity(payload, MediaType.APPLICATION_JSON, StringEntity stringEntity = new StringEntity(payload, Constants.ApplicationInstall.ENCODING);
Constants.ApplicationInstall.ENCODING); httpPost.addHeader("Content-Type",MediaType.APPLICATION_JSON);
request = new PostMethod(requestUrl); httpPost.setEntity(stringEntity);
request.setRequestEntity(requestEntity); return invokeIOTCoreAPI(httpPost);
return invokeIOTCoreAPI(request);
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "Error while accessing user store for user with Android device."; String msg = "Error while accessing user store for user with Android device.";
log.error(msg, e); log.error(msg, e);
@ -1337,18 +1341,38 @@ public class SubscriptionManagerImpl implements SubscriptionManager {
String msg = "Error while retrieving access token for Android device"; String msg = "Error while retrieving access token for Android device";
log.error(msg, e); log.error(msg, e);
throw new ApplicationManagementException(msg, e); throw new ApplicationManagementException(msg, e);
} catch (HttpException e) {
String msg = "Error while calling the app store to install enrollment app with id: " + applicationPolicyDTO
.getApplicationDTO().getId() + " on device";
log.error(msg, e);
throw new ApplicationManagementException(msg, e);
} catch (IOException e) { } catch (IOException e) {
String msg = String msg =
"Error while installing the enrollment with id: " + applicationPolicyDTO.getApplicationDTO().getId() "Error while installing the enrollment with id: " + applicationPolicyDTO.getApplicationDTO().getId()
+ " on device"; + " on device: request URL: " + requestUrl;
log.error(msg + "request url: " + requestUrl, e);
throw new ApplicationManagementException(msg, e);
}
}
private CloseableHttpClient getHttpClient() throws ApplicationManagementException {
try {
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build());
return HttpClients.custom().setSSLSocketFactory(sslsf).useSystemProperties().build();
} catch (NoSuchAlgorithmException e) {
String msg = "Failed while building the http client for EntApp installation. " +
"Used SSL algorithm not available";
log.error(msg, e);
throw new ApplicationManagementException(msg, e);
} catch (KeyStoreException e) {
String msg = "Failed while building the http client for EntApp installation. " +
"Failed to load required key stores";
log.error(msg, e);
throw new ApplicationManagementException(msg, e);
} catch (KeyManagementException e) {
String msg = "Failed while building the http client for EntApp installation. " +
"Failed while building SSL context";
log.error(msg, e); log.error(msg, e);
throw new ApplicationManagementException(msg, e); throw new ApplicationManagementException(msg, e);
} }
} }
private String getIOTCoreBaseUrl() { private String getIOTCoreBaseUrl() {

@ -178,6 +178,8 @@ public class Constants {
public static final String DEVICE_TYPE_ANDROID = "android"; public static final String DEVICE_TYPE_ANDROID = "android";
public static final String COLON = ":"; public static final String COLON = ":";
public static final String IOT_CORE_HOST = "iot.core.host"; public static final String IOT_CORE_HOST = "iot.core.host";
public static final String IOT_GATEWAY_HOST = "iot.gateway.host";
public static final String IOT_CORE_PORT = "iot.core.https.port"; public static final String IOT_CORE_PORT = "iot.core.https.port";
public static final String ENROLLMENT_APP_INSTALL_PROTOCOL = "https://"; public static final String ENROLLMENT_APP_INSTALL_PROTOCOL = "https://";
public static final String GOOGLE_APP_INSTALL_URL = "/api/device-mgt/android/v1.0/enterprise/change-app"; public static final String GOOGLE_APP_INSTALL_URL = "/api/device-mgt/android/v1.0/enterprise/change-app";

@ -2145,7 +2145,7 @@
<github.openfeign.version>9.3.1</github.openfeign.version> <github.openfeign.version>9.3.1</github.openfeign.version>
<jsr311.version>1.1.1</jsr311.version> <jsr311.version>1.1.1</jsr311.version>
<commons.logging.version>1.2</commons.logging.version> <commons.logging.version>1.2</commons.logging.version>
<apache.http.client.version>4.5.6</apache.http.client.version> <apache.http.client.version>4.5.13</apache.http.client.version>
<!-- apache http components core --> <!-- apache http components core -->
<apache.http.core.version>4.4.10</apache.http.core.version> <apache.http.core.version>4.4.10</apache.http.core.version>
<apache.http.mime.version>4.5.8</apache.http.mime.version> <apache.http.mime.version>4.5.8</apache.http.mime.version>

Loading…
Cancel
Save