From: Jussi Koskela Date: Fri, 20 Apr 2018 06:13:28 +0000 (+0300) Subject: Create HTTP(s) client in SCL with certificate verification disabled X-Git-Tag: v1.43.0~136^2~490 X-Git-Url: https://gerrit.simantics.org/r/gitweb?a=commitdiff_plain;h=69c49563a4bc5dff7d4e57541f15f384648f5b83;p=simantics%2Fplatform.git Create HTTP(s) client in SCL with certificate verification disabled Also fixed buildClient function to actually use the provided ClientBuilder. refs #7870 Change-Id: Ie0d7ae420fc3b96df607efacb64a8bc8384ec717 --- diff --git a/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl b/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl index 34fc6a77e..9ebeeea8f 100644 --- a/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl +++ b/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl @@ -76,6 +76,7 @@ importJava "org.simantics.scl.rest.HttpClientUtils" where buildClient :: ClientBuilder -> Client statusMessageOf :: Response -> String asyncInvoke :: Invocation -> ResponseHandler -> FailureHandler -> Future Response + trustAllClientBuilder :: ClientBuilder importJava "javax.ws.rs.client.Entity" where data Entity diff --git a/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java b/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java index dfdbf5ba9..ef42cc859 100644 --- a/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java +++ b/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java @@ -1,7 +1,15 @@ package org.simantics.scl.rest; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.X509Certificate; import java.util.concurrent.Future; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import javax.ws.rs.client.Client; import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Invocation; @@ -20,7 +28,7 @@ public class HttpClientUtils { public static Client buildClient(ClientBuilder clientBuilder) { final ClientConfig clientConfig = new ClientConfig(); clientConfig.register(MultiPartFeature.class); - return ClientBuilder.newBuilder().withConfig((Configuration) clientConfig).build(); + return clientBuilder.withConfig((Configuration) clientConfig).build(); } public static String statusMessageOf(Response response) { @@ -54,4 +62,27 @@ public class HttpClientUtils { } }); } + + public static ClientBuilder trustAllClientBuilder() throws NoSuchAlgorithmException, KeyManagementException { + TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted(X509Certificate[] certs, String authType) { + } + public void checkServerTrusted(X509Certificate[] certs, String authType) { + } + } + }; + + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + + return ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(new HostnameVerifier() { + @Override + public boolean verify(String hostname, SSLSession session) { + return true; + } + }); + } }