fix(http): allow SSL host-certificate validation in any case

Before, it was only supported in case of SSL client authentication

1 files changed, 69 insertions, 0 deletions

diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java
index 269c516e..493d966b 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java
@@ -1,6 +1,7 @@
 package at.gv.egiz.eaaf.core.test.http;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
@@ -17,6 +18,8 @@ import java.security.Provider;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.X509Certificate;
 
+import javax.net.ssl.SSLHandshakeException;
+
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.hc.client5.http.ClientProtocolException;
 import org.apache.hc.client5.http.classic.methods.HttpGet;
@@ -214,6 +217,72 @@ public class HttpClientFactoryTest {
   }
 
   @Test
+  public void getCustomClientBasicAuthWithSslTrustAll() throws EaafException, ClientProtocolException,
+      IOException, KeyStoreException {
+    final HttpClientConfiguration config = new HttpClientConfiguration("jUnit");
+    config.setEnablePreEmptiveHttpBasicAuth(false);
+    config.setAuthMode("password");
+    config.setUsername("jUnit");
+    config.setPassword("password");
+    config.setDisableTlsHostCertificateValidation(true);
+
+    final CloseableHttpClient client = httpClientFactory.getHttpClient(config);
+    Assert.assertNotNull("httpClient", client);
+
+    // set-up mock-up web-server with SSL client authentication
+    final String localhost = InetAddress.getByName("localhost").getCanonicalHostName();
+    final HeldCertificate localhostCertificate = new HeldCertificate.Builder()
+        .addSubjectAlternativeName(localhost)
+        .build();
+    final HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
+        .heldCertificate(localhostCertificate)
+        .build();
+    mockWebServer = new MockWebServer();
+    mockWebServer.useHttps(serverCertificates.sslSocketFactory(), false);
+    mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+        .setBody("Successful auth!"));
+    mockServerUrl = mockWebServer.url("/sp/junit");
+
+    // perform test request
+    final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString());
+    final CloseableHttpResponse httpResp2 = client.execute(httpGet2);
+    Assert.assertEquals("http statusCode", 200, httpResp2.getCode());
+
+  }
+
+  @Test
+  public void getCustomClientBasicAuthWithSsl() throws EaafException, ClientProtocolException,
+      IOException, KeyStoreException {
+    final HttpClientConfiguration config = new HttpClientConfiguration("jUnit");
+    config.setEnablePreEmptiveHttpBasicAuth(false);
+    config.setAuthMode("password");
+    config.setUsername("jUnit");
+    config.setPassword("password");
+
+    final CloseableHttpClient client = httpClientFactory.getHttpClient(config);
+    Assert.assertNotNull("httpClient", client);
+
+    // set-up mock-up web-server with SSL client authentication
+    final String localhost = InetAddress.getByName("localhost").getCanonicalHostName();
+    final HeldCertificate localhostCertificate = new HeldCertificate.Builder()
+        .addSubjectAlternativeName(localhost)
+        .build();
+    final HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
+        .heldCertificate(localhostCertificate)
+        .build();
+    mockWebServer = new MockWebServer();
+    mockWebServer.useHttps(serverCertificates.sslSocketFactory(), false);
+    mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+        .setBody("Successful auth!"));
+    mockServerUrl = mockWebServer.url("/sp/junit");
+
+    // perform test request
+    final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString());
+    assertThrows(SSLHandshakeException.class, () -> client.execute(httpGet2));
+
+  }
+
+  @Test
   public void getCustomClientBasicAuthWithPreEmptive() throws EaafException, ClientProtocolException,
       IOException, InterruptedException {
     final HttpClientConfiguration config = new HttpClientConfiguration("jUnit");