/*
 * Copyright (c) 2016 Cisco Systems, Inc. and others. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
 * and is available at http://www.eclipse.org/legal/epl-v10.html
 */
9 package org.opendaylight.groupbasedpolicy.gbp_ise_adapter.impl.util;
11 import com.sun.jersey.api.client.Client;
12 import com.sun.jersey.api.client.config.ClientConfig;
13 import com.sun.jersey.api.client.config.DefaultClientConfig;
14 import com.sun.jersey.client.urlconnection.HTTPSProperties;
15 import java.security.GeneralSecurityException;
16 import java.security.KeyManagementException;
17 import java.security.NoSuchAlgorithmException;
18 import javax.net.ssl.SSLContext;
19 import javax.net.ssl.TrustManager;
20 import org.apache.commons.net.util.TrustManagerUtils;
21 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.groupbasedpolicy.gbp.ise.adapter.model.rev160630.gbp.ise.adapter.ise.harvest.config.ConnectionConfig;
/**
 * Purpose: set up an ISE-ready jersey {@link Client}.
 */
26 public class RestClientFactory {
/**
 * Not instantiable: this class only exposes static factory methods.
 */
private RestClientFactory() {
    // Any attempt to create an instance fails immediately.
    final String reason = "factory class - no instances supported";
    throw new IllegalAccessError(reason);
}
/**
 * Builds a jersey {@link Client} configured for talking to ISE.
 *
 * <p>Connect and read timeouts are taken from the supplied configuration.
 *
 * <p>Security note: the client configuration is passed through {@code hackInsecureCertificate},
 * which installs an accept-all trust manager and a hostname verifier that accepts every host.
 * TLS connections made by the returned client are therefore encrypted but do not authenticate
 * the server, so anything sent over them can be read or altered by whoever terminates the
 * connection. Where the ISE certificate chain is available, validating it against a dedicated
 * trust store is the safer configuration.
 *
 * @param connectionConfig config provided
 * @return initiated jersey client - ready to talk to ise
 * @throws GeneralSecurityException in case when insecure certificate hack fails
 */
public static Client createIseClient(final ConnectionConfig connectionConfig) throws GeneralSecurityException {
    final ClientConfig iseClientConfig = new DefaultClientConfig();

    // Timeouts come straight from the harvest connection configuration.
    final Object connectTimeout = connectionConfig.getConnectionTimeout();
    iseClientConfig.getProperties().put(ClientConfig.PROPERTY_CONNECT_TIMEOUT, connectTimeout);
    final Object readTimeout = connectionConfig.getReadTimeout();
    iseClientConfig.getProperties().put(ClientConfig.PROPERTY_READ_TIMEOUT, readTimeout);

    // Disables certificate and hostname validation for HTTPS (see security note above).
    hackInsecureCertificate(iseClientConfig);

    final Client iseClient = Client.create(iseClientConfig);
    return iseClient;
}
49 private static void hackInsecureCertificate(final ClientConfig clientConfigArg)
50 throws NoSuchAlgorithmException, KeyManagementException {
51 final TrustManager[] trustAllCerts = new TrustManager[]{TrustManagerUtils.getAcceptAllTrustManager()};
53 SSLContext sslContext = SSLContext.getInstance("SSL");
54 sslContext.init(null, trustAllCerts, null);
56 clientConfigArg.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(
57 (s, sslSession) -> true,