javeme commented on code in PR #133:
URL:
https://github.com/apache/incubator-hugegraph-commons/pull/133#discussion_r1310624196
##########
hugegraph-common/src/main/java/org/apache/hugegraph/rest/AbstractRestClient.java:
##########
@@ -360,136 +416,36 @@ public String getAuthContext() {
return this.authContext.get();
}
- private void attachAuthToRequest(Builder builder) {
+ private void attachAuthToRequest(Request.Builder builder) {
// Add auth header
String auth = this.getAuthContext();
if (StringUtils.isNotEmpty(auth)) {
- builder.header(HttpHeaders.AUTHORIZATION, auth);
+ builder.addHeader("Authorization", auth);
}
}
- private Pair<Builder, Entity<?>> buildRequest(
- String path, String id, Object object,
- MultivaluedMap<String, Object> headers,
- Map<String, Object> params) {
- WebTarget target = this.target;
- if (params != null && !params.isEmpty()) {
- for (Map.Entry<String, Object> param : params.entrySet()) {
- target = target.queryParam(param.getKey(), param.getValue());
- }
- }
-
- Builder builder = id == null ? target.path(path).request() :
- target.path(path).path(encode(id)).request();
+ @SneakyThrows
+ private X509TrustManager trustManagerForCertificates(String
trustStoreFile, String trustStorePass){
+ char[] password = trustStorePass.toCharArray();
- String encoding = null;
- if (headers != null && !headers.isEmpty()) {
- // Add headers
- builder = builder.headers(headers);
- encoding = (String) headers.getFirst("Content-Encoding");
+ //load keyStore
+ KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ try(FileInputStream in = new FileInputStream(trustStoreFile)) {
+ keyStore.load(in, password);
}
- // Add auth header
- this.attachAuthToRequest(builder);
- /*
- * We should specify the encoding of the entity object manually,
- * because Entity.json() method will reset "content encoding =
- * null" that has been set up by headers before.
- */
- MediaType customContentType = parseCustomContentType(headers);
- Entity<?> entity;
- if (encoding == null) {
- entity = Entity.entity(object, customContentType);
- } else {
- Variant variant = new Variant(customContentType,
- (String) null, encoding);
- entity = Entity.entity(object, variant);
- }
- return Pair.of(builder, entity);
- }
-
- /**
- * parse user custom content-type, returns MediaType.APPLICATION_JSON_TYPE
default.
- * @param headers custom http header
- */
- private static MediaType parseCustomContentType(MultivaluedMap<String,
Object> headers) {
- String customContentType = null;
- if (MapUtils.isNotEmpty(headers) && headers.get("Content-Type") !=
null) {
- List<?> contentTypeObj = headers.get("Content-Type");
- if (contentTypeObj != null && !contentTypeObj.isEmpty()) {
- customContentType = contentTypeObj.get(0).toString();
- }
- return MediaType.valueOf(customContentType);
- }
- return MediaType.APPLICATION_JSON_TYPE;
- }
-
- private static void configConnectionManager(String url, ClientConfig conf)
{
- /*
- * Using httpclient with connection pooling, and configuring the
- * jersey connector. But the jersey that has been released in the
maven central
- * repository seems to have a bug:
https://github.com/jersey/jersey/pull/3752
- */
- PoolingHttpClientConnectionManager pool = connectionManager(url, conf);
- Object maxTotal = conf.getProperty("maxTotal");
- Object maxPerRoute = conf.getProperty("maxPerRoute");
- if (maxTotal != null) {
- pool.setMaxTotal((int) maxTotal);
- }
- if (maxPerRoute != null) {
- pool.setDefaultMaxPerRoute((int) maxPerRoute);
- }
- conf.property(ApacheClientProperties.CONNECTION_MANAGER, pool);
- conf.connectorProvider(new ApacheConnectorProvider());
- }
+ TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ trustManagerFactory.init(keyStore);
- private static PoolingHttpClientConnectionManager connectionManager(
- String url,
- ClientConfig conf) {
- String protocol = (String) conf.getProperty("protocol");
- if (protocol == null || "http".equals(protocol)) {
- return new PoolingHttpClientConnectionManager(TTL, TimeUnit.HOURS);
+ TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
+ if (trustManagers.length != 1 || !(trustManagers[0] instanceof
X509TrustManager)) {
+ throw new IllegalStateException("Unexpected default trust
managers:"
+ + Arrays.toString(trustManagers));
}
-
- assert "https".equals(protocol);
- String trustStoreFile = (String) conf.getProperty("trustStoreFile");
- E.checkArgument(trustStoreFile != null && !trustStoreFile.isEmpty(),
- "The trust store file must be set when use https");
- String trustStorePass = (String)
conf.getProperty("trustStorePassword");
- E.checkArgument(trustStorePass != null,
- "The trust store password must be set when use https");
- SSLContext context = SslConfigurator.newInstance()
- .trustStoreFile(trustStoreFile)
- .trustStorePassword(trustStorePass)
- .securityProtocol("SSL")
- .createSSLContext();
- TrustManager[] trustAllManager = NoCheckTrustManager.create();
- try {
- context.init(null, trustAllManager, new SecureRandom());
- } catch (KeyManagementException e) {
- throw new ClientException("Failed to init security management", e);
- }
-
- HostnameVerifier verifier = new HostNameVerifier(url);
- ConnectionSocketFactory httpSocketFactory, httpsSocketFactory;
- httpSocketFactory = PlainConnectionSocketFactory.getSocketFactory();
- httpsSocketFactory = new SSLConnectionSocketFactory(context, verifier);
- Registry<ConnectionSocketFactory> registry =
- RegistryBuilder.<ConnectionSocketFactory>create()
- .register("http", httpSocketFactory)
- .register("https", httpsSocketFactory)
- .build();
- return new PoolingHttpClientConnectionManager(registry, null,
- null, null, TTL,
- TimeUnit.HOURS);
- }
-
- public static String encode(String raw) {
- return UriComponent.encode(raw, UriComponent.Type.PATH_SEGMENT);
+ return (X509TrustManager) trustManagers[0];
}
public static class HostNameVerifier implements HostnameVerifier {
-
Review Comment:
expect a blank line after the class define
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
