Create HTTP(s) client in SCL with certificate verification disabled

author Jussi Koskela <jussi.koskela@semantum.fi>

Fri, 20 Apr 2018 06:13:28 +0000 (09:13 +0300)

committer Tuukka Lehtonen <tuukka.lehtonen@semantum.fi>

Fri, 20 Apr 2018 13:42:10 +0000 (16:42 +0300)
author Jussi Koskela <jussi.koskela@semantum.fi>
Fri, 20 Apr 2018 06:13:28 +0000 (09:13 +0300)
committer Tuukka Lehtonen <tuukka.lehtonen@semantum.fi>
Fri, 20 Apr 2018 13:42:10 +0000 (16:42 +0300)
diff --git a/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl b/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl

index 34fc6a77edcb620f96b3a4ceff0e1014cd447c78..9ebeeea8f8907994ed5430d1a4ce1adc0f89afff 100644 (file)
--- a/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl
+++ b/bundles/org.simantics.scl.rest/scl/HTTP/Client.scl
@@ -76,6 +76,7 @@ importJava "org.simantics.scl.rest.HttpClientUtils" where
      buildClient :: ClientBuilder -> Client
      statusMessageOf :: Response -> <Proc> String
      asyncInvoke :: Invocation -> ResponseHandler -> FailureHandler -> <Proc> Future Response
+    trustAllClientBuilder :: <Proc> ClientBuilder
  
  importJava "javax.ws.rs.client.Entity" where
      data Entity
diff --git a/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java b/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java

index dfdbf5ba99276892c58f3b629778551af1dfa652..ef42cc8595c3d9c6c4ba30e4edb8682e50c827f3 100644 (file)
--- a/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java
+++ b/bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java
@@ -1,7 +1,15 @@
  package org.simantics.scl.rest;
  
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
  import java.util.concurrent.Future;
  
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
  import javax.ws.rs.client.Client;
  import javax.ws.rs.client.ClientBuilder;
  import javax.ws.rs.client.Invocation;
@@ -20,7 +28,7 @@ public class HttpClientUtils {
      public static Client buildClient(ClientBuilder clientBuilder) {
          final ClientConfig clientConfig = new ClientConfig();
          clientConfig.register(MultiPartFeature.class);
-        return ClientBuilder.newBuilder().withConfig((Configuration) clientConfig).build();
+        return clientBuilder.withConfig((Configuration) clientConfig).build();
      }
      
      public static String statusMessageOf(Response response) {
@@ -54,4 +62,27 @@ public class HttpClientUtils {
              }
          });
      }
+    
+    public static ClientBuilder trustAllClientBuilder() throws NoSuchAlgorithmException, KeyManagementException {
+        TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
+            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                return null;
+            }
+            public void checkClientTrusted(X509Certificate[] certs, String authType) {
+            }
+            public void checkServerTrusted(X509Certificate[] certs, String authType) {
+            }
+        }
+        };
+
+        SSLContext sc = SSLContext.getInstance("SSL");
+        sc.init(null, trustAllCerts, new java.security.SecureRandom());
+
+        return ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(new HostnameVerifier() {
+            @Override
+            public boolean verify(String hostname, SSLSession session) {
+                return true;
+            }
+        });
+    }
  }
author	Jussi Koskela <jussi.koskela@semantum.fi>
	Fri, 20 Apr 2018 06:13:28 +0000 (09:13 +0300)
committer	Tuukka Lehtonen <tuukka.lehtonen@semantum.fi>
	Fri, 20 Apr 2018 13:42:10 +0000 (16:42 +0300)
bundles/org.simantics.scl.rest/scl/HTTP/Client.scl		patch \| blob \| history
bundles/org.simantics.scl.rest/src/org/simantics/scl/rest/HttpClientUtils.java		patch \| blob \| history