List of usage examples for com.squareup.okhttp ConnectionSpec MODERN_TLS
ConnectionSpec MODERN_TLS
To view the source code for com.squareup.okhttp ConnectionSpec MODERN_TLS.
Click Source Link
From source file:co.paralleluniverse.fibers.okhttp.CallTest.java
License:Open Source License
@Test public void noRecoveryFromTlsHandshakeFailureWhenTlsFallbackIsDisabled() throws Exception { client.setConnectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS, ConnectionSpec.CLEARTEXT)); server.get().useHttps(sslContext.getSocketFactory(), false); server.enqueue(new MockResponse().setSocketPolicy(SocketPolicy.FAIL_HANDSHAKE)); suppressTlsFallbackScsv(client);//from w ww .j a va2 s . c o m client.setHostnameVerifier(new RecordingHostnameVerifier()); Internal.instance.setNetwork(client, new SingleInetAddressNetwork()); Request request = new Request.Builder().url(server.getUrl("/")).build(); try { FiberOkHttpUtil.executeInFiber(client, request); fail(); } catch (SSLProtocolException expected) { // RI response to the FAIL_HANDSHAKE } catch (SSLHandshakeException expected) { // Android's response to the FAIL_HANDSHAKE } }
From source file:co.paralleluniverse.fibers.okhttp.CallTest.java
License:Open Source License
@Test public void cleartextCallsFailWhenCleartextIsDisabled() throws Exception { // Configure the client with only TLS configurations. No cleartext! client.setConnectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS)); server.enqueue(new MockResponse()); Request request = new Request.Builder().url(server.getUrl("/")).build(); try {/* ww w . ja v a 2s .com*/ FiberOkHttpUtil.executeInFiber(client, request); fail(); } catch (UnknownServiceException expected) { assertTrue(expected.getMessage().contains("CLEARTEXT communication not supported")); } }
From source file:com.cloudant.http.internal.ok.OkHttpClientHttpUrlConnectionFactory.java
License:Open Source License
public OkHttpClientHttpUrlConnectionFactory() { client = new OkHttpClient(); client.setConnectionSpecs(Arrays.asList(new ConnectionSpec[] { ConnectionSpec.CLEARTEXT, // for http new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledTlsVersions() .allEnabledCipherSuites().build() // for https }));/*from w w w.j av a 2 s . c o m*/ factory = new OkUrlFactory(client); }
From source file:com.granita.contacticloudsync.HttpClientTest.java
License:Open Source License
public void testTLSVersion() throws IOException { server.useHttps(new SSLSocketFactoryCompat(null), false); assertEquals("https", server.url("/").scheme()); httpClient.setConnectionSpecs(Collections.singletonList( new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.TLS_1_2).build())); // FIXME//from ww w . j av a2 s. co m /*server.enqueue(new MockResponse().setResponseCode(204)); Response response = httpClient.newCall(new Request.Builder() .get().url(server.url("/")) .build()).execute(); assertTrue(response.isSuccessful());*/ }
From source file:com.linecorp.armeria.server.grpc.interop.ArmeriaGrpcServerInteropTest.java
License:Apache License
@Override protected ManagedChannel createChannel() { try {/*from w w w. j ava 2 s . com*/ final int port = server.httpsPort(); return OkHttpChannelBuilder.forAddress("localhost", port).negotiationType(NegotiationType.TLS) .maxInboundMessageSize(16 * 1024 * 1024).connectionSpec(ConnectionSpec.MODERN_TLS) .overrideAuthority("example.com:" + port) .sslSocketFactory( TestUtils.newSslSocketFactoryForCa(Platform.get().getProvider(), ssc.certificate())) .build(); } catch (Exception ex) { throw new RuntimeException(ex); } }
From source file:io.macgyver.plugin.elb.a10.A10ClientImpl.java
License:Apache License
/** * The A10 control port has a brain-dead HTTPS stack that is unable to * negotiate TLS versions./* ww w . ja v a 2s.c o m*/ * * @return */ List<ConnectionSpec> getA10CompatibleConnectionSpecs() { List<ConnectionSpec> list = Lists.newArrayList(); list.add(new Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.TLS_1_0).build()); // This // is // essential list.add(ConnectionSpec.MODERN_TLS); list.add(ConnectionSpec.CLEARTEXT); return ImmutableList.copyOf(list); }
From source file:keywhiz.cli.ClientUtils.java
License:Apache License
/** * Creates a {@link OkHttpClient} to start a TLS connection. * * @param devTrustStore if not null, uses the provided TrustStore instead of whatever is * configured in the JVM. This is a convenient way to allow developers to * start playing with Keywhiz right away. This option should not be used in * production systems. * @param cookies list of cookies to include in the client. * @return new http client./* w w w.j av a 2s.c o m*/ */ public static OkHttpClient sslOkHttpClient(@Nullable KeyStore devTrustStore, List<HttpCookie> cookies) { checkNotNull(cookies); SSLContext sslContext; try { TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(devTrustStore); TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); sslContext = SSLContext.getInstance("TLSv1.2"); sslContext.init(new KeyManager[0], trustManagers, new SecureRandom()); } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) { throw Throwables.propagate(e); } SSLSocketFactory socketFactory = sslContext.getSocketFactory(); OkHttpClient client = new OkHttpClient().setSslSocketFactory(socketFactory) .setConnectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS)).setFollowSslRedirects(false); client.setRetryOnConnectionFailure(false); client.networkInterceptors().add(new XsrfTokenInterceptor("XSRF-TOKEN", "X-XSRF-TOKEN")); CookieManager cookieManager = new CookieManager(); cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ALL); cookies.forEach(c -> cookieManager.getCookieStore().add(null, c)); client.setCookieHandler(cookieManager); return client; }
From source file:org.catrobat.catroid.web.ServerCalls.java
License:Open Source License
private ServerCalls() { okHttpClient = new OkHttpClient(); okHttpClient.setConnectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS)); gson = new Gson(); }
From source file:org.jclouds.docker.config.DockerOkHttpClientSupplier.java
License:Apache License
@Override public OkHttpClient get() { OkHttpClient client = new OkHttpClient(); ConnectionSpec tlsSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1, TlsVersion.TLS_1_2).build(); ConnectionSpec cleartextSpec = new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT).build(); client.setConnectionSpecs(ImmutableList.of(tlsSpec, cleartextSpec)); // check if identity and credential are files, to set up sslContext if (new File(creds.get().identity).isFile() && new File(creds.get().credential).isFile()) { client.setSslSocketFactory(dockerSSLContextSupplier.get().getSocketFactory()); }//from w ww . jav a 2 s . c o m return client; }
From source file:org.jclouds.http.okhttp.OkHttpCommandExecutorServiceTest.java
License:Apache License
@Test(expectedExceptions = HttpResponseException.class, expectedExceptionsMessageRegExp = ".*exhausted connection specs.*") public void testHTTPConnectionFailsIfOnlySSLConfigured() throws Exception { MockWebServer server = mockWebServer(new MockResponse()); Module httpConfigModule = new ConnectionSpecModule(ConnectionSpec.MODERN_TLS); PatchApi api = api(PatchApi.class, server.getUrl("/").toString(), httpConfigModule); try {/*from w w w. j a v a 2 s. c o m*/ api.patchNothing(""); } finally { closeQuietly(api); server.shutdown(); } }