org.codice.ddf.commands.solr.SolrHttpWrapper.java Source code

Java tutorial

Introduction

Here is the source code for org.codice.ddf.commands.solr.SolrHttpWrapper.java

Source

/**
 * Copyright (c) Codice Foundation
 * <p>
 * This is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser
 * General Public License as published by the Free Software Foundation, either version 3 of the
 * License, or any later version.
 * <p>
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
 * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details. A copy of the GNU Lesser General Public License
 * is distributed along with this program and can be found at
 * <http://www.gnu.org/licenses/lgpl.html>.
 */
package org.codice.ddf.commands.solr;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.URI;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.SSLContext;

import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicHttpResponse;
import org.codice.solr.factory.SolrClientFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import ddf.security.SecurityConstants;

public class SolrHttpWrapper implements HttpWrapper {

    private static final Logger LOGGER = LoggerFactory.getLogger(SolrHttpWrapper.class);

    HttpClient solrClient;

    public SolrHttpWrapper() {

        SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(getSslContext(),
                getProtocols(), getCipherSuites(), SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

        solrClient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory)
                .setDefaultCookieStore(new BasicCookieStore()).setMaxConnTotal(128).setMaxConnPerRoute(32).build();
    }

    private static KeyStore getKeyStore(String location, String password) {
        LOGGER.debug("Loading keystore from {}", location);
        KeyStore keyStore = null;

        try (FileInputStream storeStream = new FileInputStream(location)) {
            keyStore = KeyStore.getInstance(System.getProperty("javax.net.ssl.keyStoreType"));
            keyStore.load(storeStream, password.toCharArray());
        } catch (CertificateException | IOException | NoSuchAlgorithmException | KeyStoreException e) {
            LOGGER.error("Unable to load keystore at " + location, e);
        }

        return keyStore;
    }

    private static String[] getCipherSuites() {
        if (System.getProperty(SecurityConstants.HTTPS_CIPHER_SUITES) != null) {
            return StringUtils.split(System.getProperty(SecurityConstants.HTTPS_CIPHER_SUITES), ",");
        }
        return SolrClientFactory.DEFAULT_CIPHER_SUITES
                .toArray(new String[SolrClientFactory.DEFAULT_CIPHER_SUITES.size()]);

    }

    @Override
    public ResponseWrapper execute(URI uri) {
        HttpResponse httpResponse;
        HttpGet get = new HttpGet(uri);
        try {
            LOGGER.info("Executing uri: {}", uri.toString());
            httpResponse = solrClient.execute(get);
            return new ResponseWrapper(httpResponse);
        } catch (IOException e) {
            LOGGER.debug("Error during request. Returning null response.");
        }
        BasicHttpResponse response = new BasicHttpResponse(null, HttpStatus.SC_INTERNAL_SERVER_ERROR,
                "Error during request.");
        return new ResponseWrapper(response);
    }

    private SSLContext getSslContext() {
        String keystorePath = System.getProperty(SecurityConstants.KEYSTORE_PATH);
        String keystorePassword = System.getProperty(SecurityConstants.KEYSTORE_PASSWORD);
        String truststorePath = System.getProperty(SecurityConstants.TRUSTSTORE_PATH);
        String truststorePassword = System.getProperty(SecurityConstants.TRUSTSTORE_PASSWORD);
        if (keystorePath == null || keystorePassword == null || truststorePath == null
                || truststorePassword == null) {
            throw new IllegalArgumentException("KeyStore and TrustStore system properties must be set.");
        }

        KeyStore trustStore = getKeyStore(truststorePath, truststorePassword);
        KeyStore keyStore = getKeyStore(keystorePath, keystorePassword);

        SSLContext sslContext;

        try {
            sslContext = SSLContexts.custom().loadKeyMaterial(keyStore, keystorePassword.toCharArray())
                    .loadTrustMaterial(trustStore).useTLS().build();
        } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException
                | KeyManagementException e) {
            LOGGER.error("Unable to create secure HttpClient", e);
            return null;
        }

        sslContext.getDefaultSSLParameters().setNeedClientAuth(true);
        sslContext.getDefaultSSLParameters().setWantClientAuth(true);

        return sslContext;
    }

    private String[] getProtocols() {
        if (System.getProperty("https.protocols") != null) {
            return StringUtils.split(System.getProperty("https.protocols"), ",");
        }
        return SolrClientFactory.DEFAULT_PROTOCOLS.toArray(new String[SolrClientFactory.DEFAULT_PROTOCOLS.size()]);
    }

}