/*
 * Copyright (c) 2016 Cisco Systems, Inc. and others. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
 * and is available at http://www.eclipse.org/legal/epl-v10.html
 */
9 package org.opendaylight.groupbasedpolicy.sxp_ise_adapter.impl.util;
11 import com.sun.jersey.api.client.Client;
12 import com.sun.jersey.api.client.WebResource;
13 import com.sun.jersey.api.client.config.ClientConfig;
14 import com.sun.jersey.api.client.config.DefaultClientConfig;
15 import com.sun.jersey.client.urlconnection.HTTPSProperties;
16 import java.security.GeneralSecurityException;
17 import java.security.KeyManagementException;
18 import java.security.NoSuchAlgorithmException;
19 import java.util.List;
20 import javax.net.ssl.SSLContext;
21 import javax.net.ssl.TrustManager;
22 import org.apache.commons.net.util.TrustManagerUtils;
23 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.groupbasedpolicy.sxp.integration.sxp.ise.adapter.model.rev160630.gbp.sxp.ise.adapter.ise.source.config.ConnectionConfig;
24 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.groupbasedpolicy.sxp.integration.sxp.ise.adapter.model.rev160630.gbp.sxp.ise.adapter.ise.source.config.connection.config.Header;
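/**
 * Purpose: setup ise-ready jersey {@link Client}.
 *
 * <p><b>Security note:</b> every client returned by {@link #createIseClient(ConnectionConfig)} is
 * configured to accept any server certificate and any hostname (see
 * {@code hackInsecureCertificate}). The channel is therefore encrypted but the peer is not
 * authenticated: a party on the network path can present its own certificate, terminate the
 * session and read or alter the requests, including the headers added by
 * {@link #createRequestBuilder(WebResource, List, String)}.
 * NOTE(review): those headers presumably carry the ISE credentials - confirm against the
 * connection-config model. The durable fix is a trust store holding the ISE certificate (or its
 * issuing CA) together with default hostname verification.
 */
public class RestClientFactory {

    /** Resource path appended to the ISE base URL for the SGT configuration endpoint. */
    public static final String PATH_ERS_CONFIG_SGT = "/ers/config/sgt";

    private RestClientFactory() {
        // static factory only; the constructor always throws so no instance can exist
        throw new IllegalAccessError("factory class - no instances supported");
    }

    /**
     * Creates a jersey client with the configured connect/read timeouts and the permissive
     * TLS settings described on {@code hackInsecureCertificate}.
     *
     * @param connectionConfig config provided
     * @return initiated jersey client - ready to talk to ise; it does NOT validate the server
     *         certificate or hostname
     * @throws GeneralSecurityException in case when insecure certificate hack fails
     */
    public static Client createIseClient(final ConnectionConfig connectionConfig) throws GeneralSecurityException {
        final DefaultClientConfig clientConfig = new DefaultClientConfig();
        clientConfig.getProperties()
                .put(ClientConfig.PROPERTY_CONNECT_TIMEOUT, connectionConfig.getConnectionTimeout());
        clientConfig.getProperties()
                .put(ClientConfig.PROPERTY_READ_TIMEOUT, connectionConfig.getReadTimeout());

        // SECURITY: unconditionally disables certificate and hostname checks for this client.
        hackInsecureCertificate(clientConfig);
        return Client.create(clientConfig);
    }

    /**
     * Installs an accept-all trust manager and an always-true hostname verifier on the given
     * client config.
     *
     * <p>Effect: the server certificate chain and the hostname are never checked, so the
     * connection only protects against passive observation, not against an active on-path
     * party impersonating ISE.
     * NOTE(review): replace with an {@link SSLContext} initialised from a trust store that
     * contains the ISE certificate/CA and drop the custom hostname verifier; if a bypass must
     * stay for lab use, gate it behind an explicit configuration option that is off by default.
     *
     * @param clientConfigArg jersey client config receiving the HTTPS properties
     * @throws NoSuchAlgorithmException if no provider supplies the requested context
     * @throws KeyManagementException if the context cannot be initialised
     */
    private static void hackInsecureCertificate(final ClientConfig clientConfigArg)
            throws NoSuchAlgorithmException, KeyManagementException {
        final TrustManager[] trustAllCerts = new TrustManager[]{TrustManagerUtils.getAcceptAllTrustManager()};

        // Ask for the standard "TLS" context instead of the legacy "SSL" name; the protocol
        // versions actually negotiated are still decided by the JSSE provider and JDK settings.
        final SSLContext sslContext = SSLContext.getInstance("TLS");
        // null key managers: no client certificate; null SecureRandom: provider default
        sslContext.init(null, trustAllCerts, null);

        // NOTE(review): the second constructor argument is not visible in the listing;
        // sslContext is assumed, being the only context built here - confirm.
        clientConfigArg.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(
                (s, sslSession) -> true, // hostname verifier that accepts every host
                sslContext));
    }

    /**
     * Builds a request builder for {@code path} under {@code resource} and copies the given
     * headers onto it.
     *
     * <p>NOTE(review): the declaration of {@code path} is not visible in the listing;
     * {@code String} is assumed from its use in {@code resource.path(path)} - confirm.
     *
     * @param resource base web resource
     * @param headers headers to add to the request; {@code null} is treated as no headers
     * @param path path appended to {@code resource}
     * @return request builder carrying all supplied headers
     */
    public static WebResource.Builder createRequestBuilder(final WebResource resource, final List<Header> headers,
                                                           final String path) {
        final WebResource webResource = resource.path(path);
        final WebResource.Builder requestBuilder = webResource.getRequestBuilder();
        // an unset header list must not fail the request with a NullPointerException
        if (headers != null) {
            for (final Header header : headers) {
                requestBuilder.header(header.getName(), header.getValue());
            }
        }
        return requestBuilder;
    }
}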