org.nmdp.b12s.mac.client.http.X509Config.java Source code

Java tutorial

Introduction

Here is the source code for org.nmdp.b12s.mac.client.http.X509Config.java

Source

/**
 * This file is part of project mac-client from the multiple-allele-code repository.
 *
 * mac-client is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * mac-client is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with mac-client.  If not, see <http://www.gnu.org/licenses/>.
 */
package org.nmdp.b12s.mac.client.http;

import java.io.IOException;
import java.net.URL;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.SSLContext;

import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;

/**
 * Sample Java X.509 client based on 
 * <a href=http://hc.apache.org/httpcomponents-client-4.5.x/httpclient/examples/org/apache/http/examples/client/ClientCustomSSL.java">ClientCustomSSL.java</a>
 *
 */
public class X509Config {

    public static SSLContext defaultSslContext() {

        try {
            URL trustKeyStoreUrl = ConfigProperty.getFileAsUrl("TRUST_JKS_URL", X509Config.class, "/trusted.jks");
            char[] trustPassword = ConfigProperty.getPropertyPassword("TRUST_JKS_PWD", "changeit");
            URL clientKeyStoreUrl = ConfigProperty.getFileAsUrl("CLIENT_JKS_FILE", X509Config.class,
                    "/test-client.jks");
            char[] clientPassword = ConfigProperty.getPropertyPassword("CLIENT_JKS_URL", "changeit");
            char[] clientKeyPassword = ConfigProperty.getPropertyPassword("CLIENT_KEY_PWD", clientPassword);
            SSLContext sslContext = SSLContexts.custom()
                    // Configure trusted certs
                    .loadTrustMaterial(trustKeyStoreUrl, trustPassword)
                    // Configure client certificate
                    .loadKeyMaterial(clientKeyStoreUrl, clientPassword, clientKeyPassword).build();
            return sslContext;
        } catch (KeyManagementException | UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException
                | CertificateException | IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String[] args) throws KeyStoreException, NoSuchAlgorithmException, CertificateException,
            IOException, KeyManagementException, UnrecoverableKeyException {
        URL trustKeyStoreUrl = X509Config.class.getResource("/trusted.jks");

        URL clientKeyStoreUri = X509Config.class.getResource("/test-client.jks");

        SSLContext sslContext = SSLContexts.custom()
                // Configure trusted certs
                .loadTrustMaterial(trustKeyStoreUrl, "changeit".toCharArray())
                // Configure client certificate
                .loadKeyMaterial(clientKeyStoreUri, "changeit".toCharArray(), "changeit".toCharArray()).build();

        try (TextHttpClient httpClient = new TextHttpClient("https://macbeta.b12x.org/mac/api", sslContext)) {

        }
        // Allow TLSv1 protocol only
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" },
                null, SSLConnectionSocketFactory.getDefaultHostnameVerifier());

        try (CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build()) {

            HttpGet httpget = new HttpGet("https://macbeta.b12x.org/mac/api/codes/AA");
            System.out.println("executing request " + httpget.getRequestLine());

            try (CloseableHttpResponse response = httpclient.execute(httpget)) {
                HttpEntity entity = response.getEntity();

                System.out.println("----------------------------------------");
                System.out.println(response.getStatusLine());
                if (entity != null) {
                    Charset charset = StandardCharsets.UTF_8;
                    for (Header contentType : response.getHeaders("Content-Type")) {
                        System.out.println("Content-Type: " + contentType);
                        for (String part : contentType.getValue().split(";")) {
                            if (part.startsWith("charset=")) {
                                String charsetName = part.split("=")[1];
                                charset = Charset.forName(charsetName);
                            }
                        }
                    }
                    System.out.println("Response content length: " + entity.getContentLength());
                    String content = EntityUtils.toString(entity, charset);
                    System.out.println(content);
                }
                EntityUtils.consume(entity);
            }
        }
    }

}