added ssl context

8 years ago · 470500b80e
parent 264cd7e1f1
commit 470500b80e
6 changed files with 95 additions and 50 deletions
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/pom.xml
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/pom.xml
@ -68,7 +68,8 @@
 							io.swagger.annotations,
 							org.wso2.carbon.core.util,
 							javax.xml,
-							org.wso2.carbon.base
+							org.wso2.carbon.base,
+							javax.net.ssl
 						</Import-Package>
 						<Embed-Dependency>
 							jsr311-api,
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/OAuthRequestInterceptor.java
@ -27,13 +27,12 @@ import org.wso2.carbon.apimgt.integration.client.internal.APIIntegrationClientDa
 import org.wso2.carbon.apimgt.integration.client.model.ClientProfile;
 import org.wso2.carbon.apimgt.integration.client.model.DCRClient;
 import org.wso2.carbon.apimgt.integration.client.model.OAuthApplication;
-import org.wso2.carbon.apimgt.integration.client.util.PropertyUtils;
+import org.wso2.carbon.apimgt.integration.client.util.Utils;
 import org.wso2.carbon.base.MultitenantConstants;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
 import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
 import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
-import org.wso2.carbon.user.api.UserStoreException;

 import java.util.HashMap;
 import java.util.Map;
@ -59,10 +58,10 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
    public OAuthRequestInterceptor() {
        String username = APIMConfigReader.getInstance().getConfig().getUsername();
        String password = APIMConfigReader.getInstance().getConfig().getPassword();
-        dcrClient = Feign.builder().requestInterceptor(
+        dcrClient = Feign.builder().client(Utils.getSSLClient()).requestInterceptor(
                new BasicAuthRequestInterceptor(username, password))
                .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
-                .target(DCRClient.class, PropertyUtils.replaceProperties(
+                .target(DCRClient.class, Utils.replaceProperties(
                        APIMConfigReader.getInstance().getConfig().getDcrEndpoint()));
    }

--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/publisher/PublisherClient.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/publisher/PublisherClient.java
@ -45,8 +45,9 @@ public class PublisherClient {
     *
     */
    public PublisherClient(RequestInterceptor requestInterceptor) {
-        Feign.Builder builder = Feign.builder().requestInterceptor(requestInterceptor)
-                .encoder(new GsonEncoder()).decoder(new GsonDecoder());
+        Feign.Builder builder = Feign.builder().client(
+                org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).requestInterceptor(
+                requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder());
        String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getPublisherEndpoint());

        api = builder.target(APIsApi.class, basePath);
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/store/StoreClient.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/store/StoreClient.java
@ -45,8 +45,9 @@ public class StoreClient {

    public StoreClient(RequestInterceptor requestInterceptor) {

-        Feign.Builder builder = Feign.builder().requestInterceptor(requestInterceptor)
-                .encoder(new GsonEncoder()).decoder(new GsonDecoder());
+        Feign.Builder builder = Feign.builder().client(
+                org.wso2.carbon.apimgt.integration.client.util.Utils.getSSLClient()).requestInterceptor(
+                requestInterceptor).encoder(new GsonEncoder()).decoder(new GsonDecoder());
        String basePath = Utils.replaceSystemProperty(APIMConfigReader.getInstance().getConfig().getStoreEndpoint());

        apis = builder.target(ApisAPIApi.class, basePath);
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/PropertyUtils.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/PropertyUtils.java
@ -1,41 +0,0 @@
-/*
-*  Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-*
-*  WSO2 Inc. licenses this file to you under the Apache License,
-*  Version 2.0 (the "License"); you may not use this file except
-*  in compliance with the License.
-*  You may obtain a copy of the License at
-*
-*    http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing,
-* software distributed under the License is distributed on an
-* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-* KIND, either express or implied.  See the License for the
-* specific language governing permissions and limitations
-* under the License.
-*/
-
-package org.wso2.carbon.apimgt.integration.client.util;
-
-
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-public class PropertyUtils {
-
-    //This method is only used if the mb features are within DAS.
-    public static String replaceProperties(String text) {
-        String regex = "\\$\\{(.*?)\\}";
-        Pattern pattern = Pattern.compile(regex);
-        Matcher matchPattern = pattern.matcher(text);
-        while (matchPattern.find()) {
-            String sysPropertyName = matchPattern.group(1);
-            String sysPropertyValue = System.getProperty(sysPropertyName);
-            if (sysPropertyValue != null && !sysPropertyName.isEmpty()) {
-                text = text.replaceAll("\\$\\{(" + sysPropertyName + ")\\}", sysPropertyValue);
-            }
-        }
-        return text;
-    }
-}
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/Utils.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.integration.client/src/main/java/org/wso2/carbon/apimgt/integration/client/util/Utils.java
@ -0,0 +1,84 @@
+/*
+*  Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+*  WSO2 Inc. licenses this file to you under the Apache License,
+*  Version 2.0 (the "License"); you may not use this file except
+*  in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*    http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied.  See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+package org.wso2.carbon.apimgt.integration.client.util;
+
+
+import feign.Client;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class Utils {
+
+    //This method is only used if the mb features are within DAS.
+    public static String replaceProperties(String text) {
+        String regex = "\\$\\{(.*?)\\}";
+        Pattern pattern = Pattern.compile(regex);
+        Matcher matchPattern = pattern.matcher(text);
+        while (matchPattern.find()) {
+            String sysPropertyName = matchPattern.group(1);
+            String sysPropertyValue = System.getProperty(sysPropertyName);
+            if (sysPropertyValue != null && !sysPropertyName.isEmpty()) {
+                text = text.replaceAll("\\$\\{(" + sysPropertyName + ")\\}", sysPropertyValue);
+            }
+        }
+        return text;
+    }
+
+    public static Client getSSLClient() {
+        return new Client.Default(getTrustedSSLSocketFactory(), new HostnameVerifier() {
+            @Override
+            public boolean verify(String s, SSLSession sslSession) {
+                return true;
+            }
+        });
+    }
+
+    private static SSLSocketFactory getTrustedSSLSocketFactory() {
+        try {
+            TrustManager[] trustAllCerts = new TrustManager[]{
+                    new X509TrustManager() {
+                        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                            return null;
+                        }
+                        public void checkClientTrusted(
+                                java.security.cert.X509Certificate[] certs, String authType) {
+                        }
+                        public void checkServerTrusted(
+                                java.security.cert.X509Certificate[] certs, String authType) {
+                        }
+                    }
+            };
+            SSLContext sc = SSLContext.getInstance("SSL");
+            sc.init(null, trustAllCerts, new java.security.SecureRandom());
+            return sc.getSocketFactory();
+        } catch (KeyManagementException | NoSuchAlgorithmException e) {
+            return null;
+        }
+
+    }
+}