Create HTTP(s) client in SCL with certificate verification disabled 28/1728/2
authorJussi Koskela <jussi.koskela@semantum.fi>
Fri, 20 Apr 2018 06:13:28 +0000 (09:13 +0300)
committerTuukka Lehtonen <tuukka.lehtonen@semantum.fi>
Fri, 20 Apr 2018 13:42:10 +0000 (16:42 +0300)
Also fixed buildClient function to actually use the provided
ClientBuilder.

refs #7870

Change-Id: Ie0d7ae420fc3b96df607efacb64a8bc8384ec717

bundles/org.simantics.scl.rest/scl/HTTP/Client.scl
bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java

index 34fc6a77edcb620f96b3a4ceff0e1014cd447c78..9ebeeea8f8907994ed5430d1a4ce1adc0f89afff 100644 (file)
@@ -76,6 +76,7 @@ importJava "org.simantics.scl.rest.HttpClientUtils" where
     buildClient :: ClientBuilder -> Client
     statusMessageOf :: Response -> <Proc> String
     asyncInvoke :: Invocation -> ResponseHandler -> FailureHandler -> <Proc> Future Response
+    trustAllClientBuilder :: <Proc> ClientBuilder
 
 importJava "javax.ws.rs.client.Entity" where
     data Entity
index dfdbf5ba99276892c58f3b629778551af1dfa652..ef42cc8595c3d9c6c4ba30e4edb8682e50c827f3 100644 (file)
@@ -1,7 +1,15 @@
 package org.simantics.scl.rest;
 
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.util.concurrent.Future;
 
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import javax.ws.rs.client.Client;
 import javax.ws.rs.client.ClientBuilder;
 import javax.ws.rs.client.Invocation;
@@ -20,7 +28,7 @@ public class HttpClientUtils {
     public static Client buildClient(ClientBuilder clientBuilder) {
         final ClientConfig clientConfig = new ClientConfig();
         clientConfig.register(MultiPartFeature.class);
-        return ClientBuilder.newBuilder().withConfig((Configuration) clientConfig).build();
+        return clientBuilder.withConfig((Configuration) clientConfig).build();
     }
     
     public static String statusMessageOf(Response response) {
@@ -54,4 +62,27 @@ public class HttpClientUtils {
             }
         });
     }
+    
+    public static ClientBuilder trustAllClientBuilder() throws NoSuchAlgorithmException, KeyManagementException {
+        TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
+            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                return null;
+            }
+            public void checkClientTrusted(X509Certificate[] certs, String authType) {
+            }
+            public void checkServerTrusted(X509Certificate[] certs, String authType) {
+            }
+        }
+        };
+
+        SSLContext sc = SSLContext.getInstance("SSL");
+        sc.init(null, trustAllCerts, new java.security.SecureRandom());
+
+        return ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(new HostnameVerifier() {
+            @Override
+            public boolean verify(String hostname, SSLSession session) {
+                return true;
+            }
+        });
+    }
 }