ui/src/main/java/org/akraino/validation/ui/conf/UiInitializer.java

   1 /*
   2  * Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License"); you may
   5  * not use this file except in compliance with the License. You may obtain
   6  * a copy of the License at
   7  *
   8  * http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
  13  * implied. See the License for the specific language governing
  14  * permissions and limitations under the License.
  15  */
  16 package org.akraino.validation.ui.conf;
  17
  18 import java.security.KeyManagementException;
  19 import java.security.NoSuchAlgorithmException;
  20 import java.security.cert.X509Certificate;
  21 import java.util.Map;
  22
  23 import javax.net.ssl.HostnameVerifier;
  24 import javax.net.ssl.HttpsURLConnection;
  25 import javax.net.ssl.SSLContext;
  26 import javax.net.ssl.SSLSession;
  27 import javax.net.ssl.TrustManager;
  28 import javax.net.ssl.X509TrustManager;
  29
  30 import org.springframework.context.event.ContextRefreshedEvent;
  31 import org.springframework.context.event.EventListener;
  32 import org.springframework.stereotype.Component;
  33
  34 import com.sun.jersey.api.client.config.DefaultClientConfig;
  35 import com.sun.jersey.client.urlconnection.HTTPSProperties;
  36
  37 @Component
  38 public class UiInitializer {
  39
  40     // Create all-trusting host name verifier
  41     private final HostnameVerifier hostnameVerifier = new HostnameVerifier() {
  42         @Override
  43         public boolean verify(String hostname, SSLSession session) {
  44             return true;
  45         }
  46     };
  47     // Create a trust manager that does not validate certificate chains
  48     private final TrustManager[] trustAll = new TrustManager[] { new X509TrustManager() {
  49         @Override
  50         public X509Certificate[] getAcceptedIssuers() {
  51             return null; // Not relevant.
  52         }
  53
  54         @Override
  55         public void checkClientTrusted(X509Certificate[] certs, String authType) {
  56             // Do nothing. Just allow them all.
  57         }
  58
  59         @Override
  60         public void checkServerTrusted(X509Certificate[] certs, String authType) {
  61             // Do nothing. Just allow them all.
  62         }
  63     } };
  64
  65     @EventListener(ContextRefreshedEvent.class)
  66     public void setHttpProperties() throws NoSuchAlgorithmException, KeyManagementException {
  67         SSLContext sslContext = SSLContext.getInstance("SSL");
  68         sslContext.init(null, this.trustAll, new java.security.SecureRandom());
  69         HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
  70         // Install the all-trusting host verifier
  71         HttpsURLConnection.setDefaultHostnameVerifier(this.hostnameVerifier);
  72         DefaultClientConfig config = new DefaultClientConfig();
  73         Map<String, Object> properties = config.getProperties();
  74         HTTPSProperties httpsProperties = new HTTPSProperties((str, sslSession) -> true, sslContext);
  75         properties.put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, httpsProperties);
  76     }
  77
  78 }