authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-05-05 09:36:51 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-05-05 09:36:51 +0200
commit72c60055809b0f7994c4e78c9ba54a3828506a46 (patch)
tree29588b7d8ad6836c68a04242ca896bf6376690f0
parent2a8a81480af60c447f3ec927d3432b651a4a1bfb (diff)
refactor interface of method 'buildSslContextWithSslClientAuthentication' to inject information about the KeyStore-Provider
-rw-r--r--eaaf_core_utils/pom.xml7
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java5
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java15
3 files changed, 13 insertions, 14 deletions
diff --git a/eaaf_core_utils/pom.xml b/eaaf_core_utils/pom.xml
index 630ac8d4..13df6c1e 100644
--- a/eaaf_core_utils/pom.xml
+++ b/eaaf_core_utils/pom.xml
@@ -49,12 +49,7 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-core</artifactId>
</dependency>
-
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-webmvc</artifactId>
- </dependency>
-
+
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
index 00d5891a..4e811eaa 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
@@ -1,6 +1,7 @@
package at.gv.egiz.eaaf.core.impl.http;
import java.security.KeyStore;
+import java.security.Provider;
import java.util.HashMap;
import java.util.Map;
@@ -42,6 +43,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@@ -237,8 +239,7 @@ public class HttpClientFactory implements IHttpClientFactory {
SSLContext sslContext = null;
if (httpClientConfig.getAuthMode().equals(HttpClientConfiguration.ClientAuthMode.SSL)) {
log.debug("Open keyStore with type: {}", httpClientConfig.getKeyStoreConfig().getKeyStoreType());
- final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig())
- .getFirst();
+ final Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig());
log.trace("Injecting SSL client-authentication into http client ... ");
sslContext = HttpUtils.buildSslContextWithSslClientAuthentication(keyStore,
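Review bot: The local `keyStore` now holds a `Pair<KeyStore, Provider>` rather than a KeyStore, so the call below reads as if a bare keystore were still being passed. A name such as `keyStoreAndProvider` would say what the variable carries. The same applies to the `keyStore` parameter in the changed signature in HttpUtils.java. The call to buildSslContextWithSslClientAuthentication continues outside this hunk.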
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
index 2d514912..06b8dfd2 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
@@ -22,6 +22,7 @@ import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
import java.security.UnrecoverableKeyException;
import javax.annotation.Nonnull;
@@ -29,15 +30,15 @@ import javax.annotation.Nullable;
import javax.net.ssl.SSLContext;
import javax.servlet.http.HttpServletRequest;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
-
import org.apache.commons.lang3.StringUtils;
import org.apache.http.conn.ssl.TrustAllStrategy;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@@ -155,7 +156,7 @@ public class HttpUtils {
* @throws EaafFactoryException In case of a {@link SSLContext}
* initialization error
*/
- public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final KeyStore keyStore,
+ public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final Pair<KeyStore, Provider> keyStore,
@Nullable String keyAlias, @Nullable String keyPasswordString,
boolean trustAllServerCertificates, @Nonnull String friendlyName)
throws EaafConfigurationException, EaafFactoryException {
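Review bot: The Javadoc above this signature is not updated by the change (its start is outside the hunk), so the description of `keyStore` presumably still refers to a plain KeyStore. I would reword it along the lines of `@param keyStore KeyStore holding the client key material, paired with the Provider it was loaded from; the Provider may be null`. `@Nonnull` on the Pair says nothing about its two elements, so the doc should state which of them may be null. Because this is a public static method, the type change also breaks any caller outside this module that still passes a KeyStore, which is worth a line in the release notes.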
@@ -165,13 +166,15 @@ public class HttpUtils {
: keyPasswordString.toCharArray();
SSLContextBuilder sslContextBuilder = SSLContexts.custom();
+ Provider provider = null;
+ sslContextBuilder.setProvider(provider);
if (StringUtils.isNotEmpty(keyAlias)) {
sslContextBuilder = sslContextBuilder
- .loadKeyMaterial(keyStore, keyPassword, new EaafSslKeySelectionStrategy(keyAlias));
+ .loadKeyMaterial(keyStore.getFirst(), keyPassword, new EaafSslKeySelectionStrategy(keyAlias));
} else {
sslContextBuilder = sslContextBuilder
- .loadKeyMaterial(keyStore, keyPassword);
+ .loadKeyMaterial(keyStore.getFirst(), keyPassword);
}
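Review bot: The two added lines `Provider provider = null;` and `sslContextBuilder.setProvider(provider);` always hand the builder a null provider, so the `Provider` carried in the new `Pair` parameter is never read and the SSLContext is still built with the JVM's default provider. If the intent in the commit title is to use the keystore's own provider, `final Provider provider = keyStore.getSecond();` followed by `if (provider != null) { sslContextBuilder.setProvider(provider); }` would do it, assuming `Pair` offers a `getSecond()` next to the `getFirst()` used here. For a hardware-backed keystore it is also worth confirming that this provider offers an SSLContext implementation, since as far as I know the builder uses the provider when it looks up the context. The method body starts before this hunk.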