From f95a1fb3982395ccbc7e139cb5bd8a1c106bbb48 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Wed, 11 Mar 2020 12:46:45 +0100
Subject: refactor HttpClientFactory.java to build HTTP clients with different authentication mechanisms
---
.../impl/http/EaafSslKeySelectionStrategy.java | 50 ++++++++++++++++++++++
1 file changed, 50 insertions(+)
create mode 100644 eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java
(limited to 'eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java')
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java
new file mode 100644
index 00000000..1e1e2137
--- /dev/null
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java
@@ -0,0 +1,50 @@
+package at.gv.egiz.eaaf.core.impl.http;
+
+import java.net.Socket;
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.http.ssl.PrivateKeyDetails;
+import org.apache.http.ssl.PrivateKeyStrategy;
+
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Private Key selection implementation for Apache HTTP clients.
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class EaafSslKeySelectionStrategy implements PrivateKeyStrategy {
+
+ private final String keyAlias;
+
+ /**
+ * Private Key selection implementation for Apache HTTP clients.
+ *
+ * @param alias Alias of the Key that should be used for SSL client authentication.
+ */
+ public EaafSslKeySelectionStrategy(String alias) {
+ this.keyAlias = alias;
+
+ }
+
+ @Override
+ public String chooseAlias(Map aliases, Socket socket) {
+ log.trace("Selection SSL client-auth key for alias: {}", keyAlias);
+ final PrivateKeyDetails selected = aliases.get(keyAlias);
+ if (selected != null) {
+ log.trace("Select SL client-auth key with type:", selected.getType());
+ return keyAlias;
+
+ } else {
+ log.warn("KeyStore contains NO key with alias: {}. Using first key from keystore", keyAlias);
+ log.info("Available aliases: {}", StringUtils.join(aliases.keySet(), ", "));
+ return aliases.keySet().iterator().next();
+
+ }
+
+ }
+
+}
-- cgit v1.2.3
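Review bot: The else branch of `chooseAlias` fails open: when the configured alias is missing it returns `aliases.keySet().iterator().next()`, so the client authenticates with whichever key the map happens to iterate first, which may be an identity the operator never intended to present to this server. The same line throws `NoSuchElementException` when the alias map is empty. Unless the fallback is a hard requirement, I would fail closed with `return null;` (which, as far as I know, the key-manager contract treats as "no matching alias", so no client certificate is offered) and reword the warning accordingly; at minimum guard the fallback with `aliases.isEmpty()`. Separately, the trace call in the success branch has no placeholder, so the key type is never logged; it should read `log.trace("Select SSL client-auth key with type: {}", selected.getType());`.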