Merge pull request #4 from inomera/fea/fb/2-loading-ssl-cert-from-config
Add PEM-based SSL support
FatihBozik authored Jan 27, 2025
2 parents 04a90a5 + f6558a5 commit 64e3fb9
Showing 22 changed files with 1,883 additions and 65 deletions.
Expand Up @@ -49,15 +49,18 @@ public class HttpClientProperties implements Serializable {
/**
* Whether SSL validation should be skipped.
*/
private boolean skipSsl;
private Boolean skipSsl;

/**
* The SSL properties.
*/
private SSLProperties ssl;

/**
* Whether automatic redirection handling is enabled.
*/
private boolean redirectsEnable;

//TODO: SSL props should be added

/**
* Default constructor for {@code HttpClientProperties}.
*/
Expand All @@ -67,17 +70,20 @@ public HttpClientProperties() {
/**
* Constructs an instance of {@code HttpClientProperties} with specified values.
*
* @param requestTimeout The request timeout in milliseconds.
* @param connectTimeout The connection timeout in milliseconds.
* @param requestTimeout The request timeout in milliseconds.
* @param connectTimeout The connection timeout in milliseconds.
* @param idleConnectionsTimeout The idle connection timeout in milliseconds.
* @param maxConnections The maximum number of connections.
* @param maxConnPerRoute The maximum connections per route.
* @param poolConcurrencyPolicy The connection pool concurrency policy.
* @param timeToLive The connection time-to-live in milliseconds.
* @param skipSsl Whether to skip SSL validation.
* @param redirectsEnable Whether to enable automatic redirects.
* @param maxConnections The maximum number of connections.
* @param maxConnPerRoute The maximum connections per route.
* @param poolConcurrencyPolicy The connection pool concurrency policy.
* @param timeToLive The connection time-to-live in milliseconds.
* @param skipSsl Whether to skip SSL validation.
* @param ssl The SSL properties.
* @param redirectsEnable Whether to enable automatic redirects.
*/
public HttpClientProperties(int requestTimeout, int connectTimeout, int idleConnectionsTimeout, int maxConnections, int maxConnPerRoute, String poolConcurrencyPolicy, int timeToLive, boolean skipSsl, boolean redirectsEnable) {
public HttpClientProperties(int requestTimeout, int connectTimeout, int idleConnectionsTimeout, int maxConnections,
int maxConnPerRoute, String poolConcurrencyPolicy, int timeToLive, Boolean skipSsl,
SSLProperties ssl, boolean redirectsEnable) {
this.requestTimeout = requestTimeout;
this.connectTimeout = connectTimeout;
this.idleConnectionsTimeout = idleConnectionsTimeout;
Expand All @@ -86,6 +92,7 @@ public HttpClientProperties(int requestTimeout, int connectTimeout, int idleConn
this.poolConcurrencyPolicy = poolConcurrencyPolicy;
this.timeToLive = timeToLive;
this.skipSsl = skipSsl;
this.ssl = ssl;
this.redirectsEnable = redirectsEnable;
}

Expand All @@ -98,6 +105,7 @@ private HttpClientProperties(Builder builder) {
this.poolConcurrencyPolicy = builder.poolConcurrencyPolicy;
this.timeToLive = builder.timeToLive;
this.skipSsl = builder.skipSsl;
this.ssl = builder.ssl;
this.redirectsEnable = builder.redirectsEnable;
}

Expand Down Expand Up @@ -157,14 +165,26 @@ public void setTimeToLive(long timeToLive) {
this.timeToLive = timeToLive;
}

public boolean isSkipSsl() {
public Boolean getSkipSsl() {
return skipSsl;
}

public void setSkipSsl(boolean skipSsl) {
public boolean isSkipSsl() {
return skipSsl == null || skipSsl;
}

public void setSkipSsl(Boolean skipSsl) {
this.skipSsl = skipSsl;
}

public SSLProperties getSsl() {
return ssl;
}

public void setSsl(SSLProperties ssl) {
this.ssl = ssl;
}

public boolean isRedirectsEnable() {
return redirectsEnable;
}
Expand All @@ -176,16 +196,17 @@ public void setRedirectsEnable(boolean redirectsEnable) {
@Override
public String toString() {
return "HttpClientProperties{" +
"requestTimeout=" + requestTimeout +
", connectTimeout=" + connectTimeout +
", idleConnectionsTimeout=" + idleConnectionsTimeout +
", maxConnections=" + maxConnections +
", maxConnPerRoute=" + maxConnPerRoute +
", poolConcurrencyPolicy='" + poolConcurrencyPolicy + '\'' +
", timeToLive=" + timeToLive +
", skipSsl=" + skipSsl +
", redirectsEnable=" + redirectsEnable +
'}';
"requestTimeout=" + requestTimeout +
", connectTimeout=" + connectTimeout +
", idleConnectionsTimeout=" + idleConnectionsTimeout +
", maxConnections=" + maxConnections +
", maxConnPerRoute=" + maxConnPerRoute +
", poolConcurrencyPolicy='" + poolConcurrencyPolicy + '\'' +
", timeToLive=" + timeToLive +
", skipSsl=" + skipSsl +
", ssl=" + ssl +
", redirectsEnable=" + redirectsEnable +
'}';
}

public void patch(HttpClientProperties httpClientProperties) {
Expand Down Expand Up @@ -221,8 +242,8 @@ public void patch(HttpClientProperties httpClientProperties) {
setTimeToLive(httpClientProperties.getTimeToLive());
}

if (!isSkipSsl()) {
setSkipSsl(httpClientProperties.isSkipSsl());
if (getSkipSsl() == null) {
setSkipSsl(httpClientProperties.getSkipSsl());
}

if (!isRedirectsEnable()) {
Expand All @@ -242,8 +263,9 @@ public static class Builder {
private int maxConnPerRoute;
private String poolConcurrencyPolicy;
private long timeToLive;
private boolean skipSsl;
private Boolean skipSsl;
private boolean redirectsEnable;
private SSLProperties ssl;

public Builder requestTimeout(long requestTimeout) {
this.requestTimeout = requestTimeout;
Expand Down Expand Up @@ -280,7 +302,7 @@ public Builder timeToLive(long timeToLive) {
return this;
}

public Builder skipSsl(boolean skipSsl) {
public Builder skipSsl(Boolean skipSsl) {
this.skipSsl = skipSsl;
return this;
}
Expand All @@ -290,6 +312,11 @@ public Builder redirectsEnable(boolean redirectsEnable) {
return this;
}

public Builder ssl(SSLProperties ssl) {
this.ssl = ssl;
return this;
}

public HttpClientProperties build() {
return new HttpClientProperties(this);
}
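Review bot: `isSkipSsl()` returns `skipSsl == null || skipSsl`, so a configuration that never sets the flag is treated as "skip SSL validation", and the getter gives that answer even when an `ssl` PEM bundle is supplied. Failing closed would be safer: `return Boolean.TRUE.equals(skipSsl);`, which leaves an explicit `skipSsl=true` as the only way to turn validation off. How the client builder combines `isSkipSsl()` with `getSsl()` is not visible in this commit, so if the default has to stay for compatibility, the getter's Javadoc should at least state that an unset flag disables certificate validation and how it interacts with a configured truststore. The `patch` method is only partly shown; the visible lines merge `skipSsl` but not `ssl`, which is worth confirming as intended.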
@@ -0,0 +1,83 @@
package com.inomera.integration.config.model;

/**
* {@link SSLBundleProperties} for PEM-encoded certificates and private keys.
*/
public class PemSSLBundleProperties extends SSLBundleProperties {
/**
* Keystore properties.
*/
private final Store keystore = new Store();

/**
* Truststore properties.
*/
private final Store truststore = new Store();

/**
* Store properties.
*/
public static class Store {

/**
* Type of the store to create, e.g. JKS.
*/
private String type;

/**
* Location or content of the certificate or certificate chain in PEM format.
*/
private String certificate;

/**
* Location or content of the private key in PEM format.
*/
private String privateKey;

/**
* Password used to decrypt an encrypted private key.
*/
private String privateKeyPassword;

public String getType() {
return this.type;
}

public void setType(String type) {
this.type = type;
}

public String getCertificate() {
return this.certificate;
}

public void setCertificate(String certificate) {
this.certificate = certificate;
}

public String getPrivateKey() {
return this.privateKey;
}

public void setPrivateKey(String privateKey) {
this.privateKey = privateKey;
}

public String getPrivateKeyPassword() {
return this.privateKeyPassword;
}

public void setPrivateKeyPassword(String privateKeyPassword) {
this.privateKeyPassword = privateKeyPassword;
}

}

public Store getKeystore() {
return this.keystore;
}

public Store getTruststore() {
return this.truststore;
}
}
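Review bot: `Store.privateKey` and `Store.privateKeyPassword` hold key material as plain `String` properties, and nothing on the fields marks them as secrets; the same applies to `SSLBundleProperties.Key.password` in the next file. `HttpClientProperties.toString()` now appends `", ssl=" + ssl`, which is harmless only as long as none of these classes overrides `toString()`. I would extend the field Javadoc with a line such as `Secret: must never be logged or included in toString().` The phrase "Location or content" also leaves open how a value is recognised as a path versus inline PEM; that rule is not visible in this commit and deserves a sentence in the Javadoc once confirmed.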
@@ -0,0 +1,100 @@
package com.inomera.integration.config.model;

import java.util.Set;

/**
* Base class for SSL Bundle properties.
*/
public abstract class SSLBundleProperties {

/**
* Key details for the bundle.
*/
private final Key key = new Key();

/**
* Options for the SLL connection.
*/
private final Options options = new Options();

/**
* SSL Protocol to use.
*/
private String protocol = "TLS";

public Key getKey() {
return this.key;
}

public Options getOptions() {
return this.options;
}

public String getProtocol() {
return this.protocol;
}

public void setProtocol(String protocol) {
this.protocol = protocol;
}

public static class Options {

/**
* Supported SSL ciphers.
*/
private Set<String> ciphers;

/**
* Enabled SSL protocols.
*/
private Set<String> enabledProtocols;

public Set<String> getCiphers() {
return this.ciphers;
}

public void setCiphers(Set<String> ciphers) {
this.ciphers = ciphers;
}

public Set<String> getEnabledProtocols() {
return this.enabledProtocols;
}

public void setEnabledProtocols(Set<String> enabledProtocols) {
this.enabledProtocols = enabledProtocols;
}

}

public static class Key {

/**
* The password used to access the key in the key store.
*/
private String password;

/**
* The alias that identifies the key in the key store.
*/
private String alias;

public String getPassword() {
return this.password;
}

public void setPassword(String password) {
this.password = password;
}

public String getAlias() {
return this.alias;
}

public void setAlias(String alias) {
this.alias = alias;
}

}
}
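Review bot: The Javadoc on `options` reads "Options for the SLL connection." and should say `SSL`. More usefully, `Options` does not say what a null `ciphers` or `enabledProtocols` means; presumably the JVM defaults apply, but the consuming code is not in this commit, so confirm it and state it, e.g. `Enabled SSL protocols; when unset the JVM defaults are used.` `setProtocol` accepts any string with a default of `"TLS"` and no validation is visible, so the Javadoc could also say that legacy protocol names should not be configured here.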
@@ -0,0 +1,16 @@
package com.inomera.integration.config.model;

/**
* Properties for centralized SSL trust material configuration.
*/
public class SSLProperties {

/**
* PEM-encoded SSL trust material.
*/
private final PemSSLBundleProperties pem = new PemSSLBundleProperties();

public PemSSLBundleProperties getPem() {
return this.pem;
}
}
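Review bot: `SSLProperties` is not `Serializable`, but `HttpClientProperties` is declared `implements Serializable` and now stores it in the non-transient field `private SSLProperties ssl;`, so serializing a properties object with `ssl` set would fail with `NotSerializableException`. Since the bundle can carry private-key content and passwords, declaring the field as `private transient SSLProperties ssl;` in `HttpClientProperties` looks preferable to making the SSL classes serializable. Whether these objects are ever serialized is not visible here. The class Javadoc says "trust material", while the `pem` bundle also holds a keystore with the private key, so "SSL key and trust material" would be more accurate.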
Expand Up @@ -25,7 +25,7 @@ void should_getDefaultConfig() {
assertEquals(20000L, config.getAdapterProperties().getHttp().getRequestTimeout());
assertEquals(30000L, config.getAdapterProperties().getHttp().getIdleConnectionsTimeout());
assertEquals(30000L, config.getAdapterProperties().getHttp().getTimeToLive());
assertTrue(config.getAdapterProperties().getHttp().isSkipSsl());
assertTrue(config.getAdapterProperties().getHttp().getSkipSsl());
}

@Test