Diffstat (limited to 'base/kra/functional')
-rw-r--r-- | base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java | 43 | ||||
-rw-r--r-- | base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java | 172 |
2 files changed, 3 insertions, 212 deletions
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java
deleted file mode 100644
index 7572acef5..000000000
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java
+++ /dev/null
@@ -1,43 +0,0 @@
-package com.netscape.cms.servlet.test;
-
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.jboss.resteasy.client.ClientResponse;
-import org.jboss.resteasy.client.core.ClientErrorInterceptor;
-
-import com.netscape.cms.servlet.base.CMSException;
-
-public class DRMErrorInterceptor implements ClientErrorInterceptor {
-
- public void handle(ClientResponse<?> response) {
-
- // handle HTTP code 4xx and 5xx
- int code = response.getResponseStatus().getStatusCode();
- if (code < 400) return;
-
- MultivaluedMap<String, String> headers = response.getHeaders();
- String contentType = headers.getFirst("Content-Type");
-
- // handle XML content only
- if (!contentType.startsWith(MediaType.TEXT_XML)) return;
-
- CMSException exception;
-
- try {
- // Requires RESTEasy 2.3.2
- // https://issues.jboss.org/browse/RESTEASY-652
- CMSException.Data data = response.getEntity(CMSException.Data.class);
-
- Class<?> clazz = Class.forName(data.className);
- exception = (CMSException) clazz.getConstructor(CMSException.Data.class).newInstance(data);
-
- } catch (Exception e) {
- e.printStackTrace();
- return;
- }
-
- throw exception;
- }
-
-}
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
index f346526d8..772612bf4 100644
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
+++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
@@ -1,35 +1,17 @@ package com.netscape.cms.servlet.test; -import java.io.IOException; -import java.net.InetAddress; -import java.net.InetSocketAddress; -import java.net.Socket; -import java.net.URI; import java.net.URISyntaxException; -import java.net.UnknownHostException; import java.util.Collection; -import java.util.Enumeration; import java.util.Iterator; -import org.apache.commons.httpclient.ConnectTimeoutException; -import org.apache.http.client.HttpClient; -import org.apache.http.conn.scheme.LayeredSchemeSocketFactory; -import org.apache.http.conn.scheme.Scheme; -import org.apache.http.conn.scheme.SchemeSocketFactory; -import org.apache.http.impl.client.DefaultHttpClient; -import org.apache.http.params.HttpParams; -import org.jboss.resteasy.client.ClientExecutor; import org.jboss.resteasy.client.ClientResponse; import org.jboss.resteasy.client.ProxyFactory; -import org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor; -import org.jboss.resteasy.spi.ResteasyProviderFactory; -import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; -import org.mozilla.jss.ssl.SSLSocket; import com.netscape.certsrv.dbs.keydb.KeyId; import com.netscape.certsrv.request.RequestId; import com.netscape.cms.servlet.admin.SystemCertificateResource; import com.netscape.cms.servlet.cert.model.CertificateData; +import com.netscape.cms.servlet.csadmin.CMSRestClient; import com.netscape.cms.servlet.key.KeyResource; import com.netscape.cms.servlet.key.KeysResource; import com.netscape.cms.servlet.key.model.KeyData; 
@@ -43,129 +25,7 @@ import com.netscape.cms.servlet.request.model.KeyRequestInfos; import com.netscape.cms.servlet.request.model.RecoveryRequestData; import com.netscape.cmsutil.util.Utils; -public class DRMRestClient { - - // Callback to approve or deny returned SSL server certs - // Right now, simply approve the cert. - // ToDO: Look into taking this JSS http client code and move it into - // its own class to be used by possible future clients. - private class ServerCertApprovalCB implements SSLCertificateApprovalCallback { - - public boolean approve(org.mozilla.jss.crypto.X509Certificate servercert, - SSLCertificateApprovalCallback.ValidityStatus status) { - - //For now lets just accept the server cert. This is a test tool, being - // pointed at a well know kra instance. - - if (servercert != null) { - System.out.println("Peer cert details: " + - "\n subject: " + servercert.getSubjectDN().toString() + - "\n issuer: " + servercert.getIssuerDN().toString() + - "\n serial: " + servercert.getSerialNumber().toString() - ); - } - - SSLCertificateApprovalCallback.ValidityItem item; - - Enumeration<?> errors = status.getReasons(); - int i = 0; - while (errors.hasMoreElements()) { - i++; - item = (SSLCertificateApprovalCallback.ValidityItem) errors.nextElement(); - System.out.println("item " + i + - " reason=" + item.getReason() + - " depth=" + item.getDepth()); - - int reason = item.getReason(); - - if (reason == - SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER || - reason == SSLCertificateApprovalCallback.ValidityStatus.BAD_CERT_DOMAIN) { - - //Allow these two since we haven't necessarily installed the CA cert for trust - // and we are choosing "localhost" as the host for this client. 
- - return true; - - } - } - - //For other errors return false - - return false; - } - } - - private class JSSProtocolSocketFactory implements SchemeSocketFactory, LayeredSchemeSocketFactory { - - @Override - public Socket createSocket(HttpParams params) - throws IOException { - - return null; - - } - - @Override - public Socket connectSocket(Socket sock, - InetSocketAddress remoteAddress, - InetSocketAddress localAddress, - HttpParams params) - throws IOException, - UnknownHostException, - ConnectTimeoutException { - - SSLSocket socket; - - String hostName = null; - int port = 0; - if (remoteAddress != null) { - hostName = remoteAddress.getHostName(); - port = remoteAddress.getPort(); - - } - - int localPort = 0; - InetAddress localAddr = null; - - if (localAddress != null) { - localPort = localAddress.getPort(); - localAddr = localAddress.getAddress(); - } - - if (sock == null) { - socket = new SSLSocket(InetAddress.getByName(hostName), - port, - localAddr, - localPort, - new ServerCertApprovalCB(), - null); - - } else { - socket = new SSLSocket(sock, hostName, new ServerCertApprovalCB(), null); - } - - if (socket != null && clientCertNickname != null) { - socket.setClientCertNickname(clientCertNickname); - } - - return socket; - } - - @Override - public boolean isSecure(Socket sock) { - //We only use this factory in the case of SSL Connections - return true; - } - - @Override - public Socket createLayeredSocket(Socket arg0, String arg1, int arg2, boolean arg3) throws IOException, - UnknownHostException { - //This method implementation is required to get SSL working. - return null; - } - - } +public class DRMRestClient extends CMSRestClient { private KeyResource keyClient; private KeysResource keysClient; 
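Review bot: With `extends CMSRestClient` on the class declaration, the decision to accept or reject the KRA server certificate now lives entirely in the base class under `com.netscape.cms.servlet.csadmin`, which is not part of this diff. The callback removed here returned true for UNTRUSTED_ISSUER and BAD_CERT_DOMAIN and justified that only because this was a test tool pointed at a known instance. If that logic was carried over unchanged, the same leniency would apply to every client built on the shared class, not just the functional tests. I would confirm that the base class rejects those two reasons by default and exposes the lenient behaviour only as an explicit opt-in. A pointer on the class would also help, such as `// Server certificate approval is handled by CMSRestClient; see its approval callback for the validity errors it tolerates.`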
@@ -173,34 +33,8 @@ public class DRMRestClient { private KeyRequestResource keyRequestClient; private SystemCertificateResource systemCertClient; - private String clientCertNickname = null; - public DRMRestClient(String baseUri, String clientCertNick) throws URISyntaxException { - - // For SSL we are assuming the caller has already intialized JSS and has - // a valid CryptoManager and CryptoToken - // optional clientCertNickname is provided for use if required. - - URI uri = new URI(baseUri); - - String protocol = uri.getScheme(); - int port = uri.getPort(); - - clientCertNickname = clientCertNick; - HttpClient httpclient = new DefaultHttpClient(); - if (protocol != null && protocol.equals("https")) { - - Scheme scheme = new Scheme("https", port, new JSSProtocolSocketFactory()); - - // Register for port 443 our SSLSocketFactory to the ConnectionManager - httpclient.getConnectionManager().getSchemeRegistry().register(scheme); - - } - - ClientExecutor executor = new ApacheHttpClient4Executor(httpclient); - - ResteasyProviderFactory providerFactory = ResteasyProviderFactory.getInstance(); - providerFactory.addClientErrorInterceptor(new DRMErrorInterceptor()); + super(baseUri,clientCertNick); systemCertClient = ProxyFactory.create(SystemCertificateResource.class, uri, executor, providerFactory); keyRequestsClient = ProxyFactory.create(KeyRequestsResource.class, uri, executor, providerFactory); |
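Review bot: The constructor loses its only statement of the caller's precondition: the removed comment said JSS must already be initialized with a valid CryptoManager and CryptoToken, and that the client certificate nickname is optional. Nothing in this hunk suggests that requirement went away, so I would keep it as Javadoc on the constructor, e.g. `/** Caller must have initialized JSS (CryptoManager and token) before constructing; clientCertNick is optional, assuming the base class keeps the previous null handling. */`. The `ProxyFactory.create(...)` calls now read `uri`, `executor` and `providerFactory`, which are no longer declared here and are presumably fields set by `super(...)`; a one-line comment saying so would spare the next reader a trip to the base class. Minor style: `super(baseUri,clientCertNick);` is missing the space after the comma. The constructor body continues past the end of the hunk.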