Java tutorial
/* * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. * * WSO2 Inc. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.wso2.carbon.apimgt.integration.client.util; import feign.Client; import javax.net.ssl.*; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.security.*; import java.security.cert.CertificateException; import java.util.regex.Matcher; import java.util.regex.Pattern; import feign.Logger; import feign.Request; import feign.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.base.ServerConfiguration; public class Utils { private static final Log log = LogFactory.getLog(Utils.class); private static final String KEY_STORE_TYPE = "JKS"; /** * Default truststore type of the client */ private static final String TRUST_STORE_TYPE = "JKS"; /** * Default keymanager type of the client */ private static final String KEY_MANAGER_TYPE = "SunX509"; //Default Key Manager Type /** * Default trustmanager type of the client */ private static final String TRUST_MANAGER_TYPE = "SunX509"; //Default Trust Manager Type private static final String SSLV3 = "SSLv3"; //This method is only used if the mb features are within DAS. public static String replaceProperties(String text) { String regex = "\\$\\{(.*?)\\}"; Pattern pattern = Pattern.compile(regex); Matcher matchPattern = pattern.matcher(text); while (matchPattern.find()) { String sysPropertyName = matchPattern.group(1); String sysPropertyValue = System.getProperty(sysPropertyName); if (sysPropertyValue != null && !sysPropertyName.isEmpty()) { text = text.replaceAll("\\$\\{(" + sysPropertyName + ")\\}", sysPropertyValue); } } return text; } public static Client getSSLClient() { boolean isIgnoreHostnameVerification = Boolean .parseBoolean(System.getProperty("org.wso2.ignoreHostnameVerification")); if (isIgnoreHostnameVerification) { return new Client.Default(getSimpleTrustedSSLSocketFactory(), new HostnameVerifier() { @Override public boolean verify(String s, SSLSession sslSession) { return true; } }); } else { return new Client.Default(getTrustedSSLSocketFactory(), null); } } private static SSLSocketFactory getSimpleTrustedSSLSocketFactory() { try { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); return sc.getSocketFactory(); } catch (KeyManagementException | NoSuchAlgorithmException e) { return null; } } private static SSLSocketFactory getTrustedSSLSocketFactory() { try { String keyStorePassword = ServerConfiguration.getInstance() .getFirstProperty("Security.KeyStore.Password"); String keyStoreLocation = ServerConfiguration.getInstance() .getFirstProperty("Security.KeyStore.Location"); String trustStorePassword = ServerConfiguration.getInstance() .getFirstProperty("Security.TrustStore.Password"); String trustStoreLocation = ServerConfiguration.getInstance() .getFirstProperty("Security.TrustStore.Location"); KeyStore keyStore = loadKeyStore(keyStoreLocation, keyStorePassword, KEY_STORE_TYPE); KeyStore trustStore = loadTrustStore(trustStoreLocation, trustStorePassword); return initSSLConnection(keyStore, keyStorePassword, trustStore); } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException | UnrecoverableKeyException e) { log.error("Error while creating the SSL socket factory due to " + e.getMessage(), e); return null; } } private static SSLSocketFactory initSSLConnection(KeyStore keyStore, String keyStorePassword, KeyStore trustStore) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE); keyManagerFactory.init(keyStore, keyStorePassword.toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE); trustManagerFactory.init(trustStore); // Create and initialize SSLContext for HTTPS communication SSLContext sslContext = SSLContext.getInstance(SSLV3); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); SSLContext.setDefault(sslContext); return sslContext.getSocketFactory(); } private static KeyStore loadKeyStore(String keyStorePath, String ksPassword, String type) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { InputStream fileInputStream = null; try { char[] keypassChar = ksPassword.toCharArray(); KeyStore keyStore = KeyStore.getInstance(type); fileInputStream = new FileInputStream(keyStorePath); keyStore.load(fileInputStream, keypassChar); return keyStore; } finally { if (fileInputStream != null) { fileInputStream.close(); } } } private static KeyStore loadTrustStore(String trustStorePath, String tsPassword) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException { return loadKeyStore(trustStorePath, tsPassword, TRUST_STORE_TYPE); } }