sxp-integration/sxp-ise-adapter/src/main/java/org/opendaylight/groupbasedpolicy/sxp_ise_adapter/impl/util/RestClientFactory.java

   1 /*
   2  * Copyright (c) 2016 Cisco Systems, Inc. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.groupbasedpolicy.sxp_ise_adapter.impl.util;
  10
  11 import com.sun.jersey.api.client.Client;
  12 import com.sun.jersey.api.client.WebResource;
  13 import com.sun.jersey.api.client.config.ClientConfig;
  14 import com.sun.jersey.api.client.config.DefaultClientConfig;
  15 import com.sun.jersey.client.urlconnection.HTTPSProperties;
  16 import java.security.GeneralSecurityException;
  17 import java.security.KeyManagementException;
  18 import java.security.NoSuchAlgorithmException;
  19 import java.util.List;
  20 import javax.net.ssl.SSLContext;
  21 import javax.net.ssl.TrustManager;
  22 import org.apache.commons.net.util.TrustManagerUtils;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.groupbasedpolicy.sxp.integration.sxp.ise.adapter.model.rev160630.gbp.sxp.ise.adapter.ise.source.config.ConnectionConfig;
  24 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.groupbasedpolicy.sxp.integration.sxp.ise.adapter.model.rev160630.gbp.sxp.ise.adapter.ise.source.config.connection.config.Header;
  25
  26 /**
  27  * Purpose: setup ise-ready jersey {@link Client}
  28  */
  29 public class RestClientFactory {
  30
  31     public static final String PATH_ERS_CONFIG_SGT = "/ers/config/sgt";
  32
  33     private RestClientFactory() {
  34         throw new IllegalAccessError("factory class - no instances supported");
  35     }
  36
  37     /**
  38      * @param connectionConfig config provided
  39      * @return initiated jersey client - ready to talk to ise
  40      *
  41      * @throws GeneralSecurityException in case when insecure certificate hack fails
  42      */
  43     public static Client createIseClient(final ConnectionConfig connectionConfig) throws GeneralSecurityException {
  44         final DefaultClientConfig clientConfig = new DefaultClientConfig();
  45         clientConfig.getProperties()
  46                 .put(ClientConfig.PROPERTY_CONNECT_TIMEOUT, connectionConfig.getConnectionTimeout());
  47         clientConfig.getProperties()
  48                 .put(ClientConfig.PROPERTY_READ_TIMEOUT, connectionConfig.getReadTimeout());
  49
  50         hackInsecureCertificate(clientConfig);
  51         return Client.create(clientConfig);
  52     }
  53
  54     private static void hackInsecureCertificate(final ClientConfig clientConfigArg)
  55             throws NoSuchAlgorithmException, KeyManagementException {
  56         final TrustManager[] trustAllCerts = new TrustManager[]{TrustManagerUtils.getAcceptAllTrustManager()};
  57
  58         SSLContext sslContext = SSLContext.getInstance("SSL");
  59         sslContext.init(null, trustAllCerts, null);
  60
  61         clientConfigArg.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(
  62                 (s, sslSession) -> true,
  63                 sslContext
  64         ));
  65     }
  66
  67     public static WebResource.Builder createRequestBuilder(final WebResource resource, final List<Header> headers,
  68                                                            final String path) {
  69         final WebResource webResource = resource.path(path);
  70         final WebResource.Builder requestBuilder = webResource.getRequestBuilder();
  71         headers.stream().forEach(
  72                 (header) -> requestBuilder.header(header.getName(), header.getValue()));
  73         return requestBuilder;
  74     }
  75 }