Diffstat (limited to 'base/kra')
-rw-r--r--base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java43
-rw-r--r--base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java172
2 files changed, 3 insertions, 212 deletions
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java
deleted file mode 100644
index 7572acef5..000000000
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMErrorInterceptor.java
+++ /dev/null
@@ -1,43 +0,0 @@
-package com.netscape.cms.servlet.test;
-
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.jboss.resteasy.client.ClientResponse;
-import org.jboss.resteasy.client.core.ClientErrorInterceptor;
-
-import com.netscape.cms.servlet.base.CMSException;
-
-public class DRMErrorInterceptor implements ClientErrorInterceptor {
-
- public void handle(ClientResponse<?> response) {
-
- // handle HTTP code 4xx and 5xx
- int code = response.getResponseStatus().getStatusCode();
- if (code < 400) return;
-
- MultivaluedMap<String, String> headers = response.getHeaders();
- String contentType = headers.getFirst("Content-Type");
-
- // handle XML content only
- if (!contentType.startsWith(MediaType.TEXT_XML)) return;
-
- CMSException exception;
-
- try {
- // Requires RESTEasy 2.3.2
- // https://issues.jboss.org/browse/RESTEASY-652
- CMSException.Data data = response.getEntity(CMSException.Data.class);
-
- Class<?> clazz = Class.forName(data.className);
- exception = (CMSException) clazz.getConstructor(CMSException.Data.class).newInstance(data);
-
- } catch (Exception e) {
- e.printStackTrace();
- return;
- }
-
- throw exception;
- }
-
-}
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
index f346526d8..772612bf4 100644
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
+++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
@@ -1,35 +1,17 @@
package com.netscape.cms.servlet.test;
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.net.Socket;
-import java.net.URI;
import java.net.URISyntaxException;
-import java.net.UnknownHostException;
import java.util.Collection;
-import java.util.Enumeration;
import java.util.Iterator;
-import org.apache.commons.httpclient.ConnectTimeoutException;
-import org.apache.http.client.HttpClient;
-import org.apache.http.conn.scheme.LayeredSchemeSocketFactory;
-import org.apache.http.conn.scheme.Scheme;
-import org.apache.http.conn.scheme.SchemeSocketFactory;
-import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.params.HttpParams;
-import org.jboss.resteasy.client.ClientExecutor;
import org.jboss.resteasy.client.ClientResponse;
import org.jboss.resteasy.client.ProxyFactory;
-import org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor;
-import org.jboss.resteasy.spi.ResteasyProviderFactory;
-import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
-import org.mozilla.jss.ssl.SSLSocket;
import com.netscape.certsrv.dbs.keydb.KeyId;
import com.netscape.certsrv.request.RequestId;
import com.netscape.cms.servlet.admin.SystemCertificateResource;
import com.netscape.cms.servlet.cert.model.CertificateData;
+import com.netscape.cms.servlet.csadmin.CMSRestClient;
import com.netscape.cms.servlet.key.KeyResource;
import com.netscape.cms.servlet.key.KeysResource;
import com.netscape.cms.servlet.key.model.KeyData;
@@ -43,129 +25,7 @@ import com.netscape.cms.servlet.request.model.KeyRequestInfos;
import com.netscape.cms.servlet.request.model.RecoveryRequestData;
import com.netscape.cmsutil.util.Utils;
-public class DRMRestClient {
-
- // Callback to approve or deny returned SSL server certs
- // Right now, simply approve the cert.
- // ToDO: Look into taking this JSS http client code and move it into
- // its own class to be used by possible future clients.
- private class ServerCertApprovalCB implements SSLCertificateApprovalCallback {
-
- public boolean approve(org.mozilla.jss.crypto.X509Certificate servercert,
- SSLCertificateApprovalCallback.ValidityStatus status) {
-
- //For now lets just accept the server cert. This is a test tool, being
- // pointed at a well know kra instance.
-
- if (servercert != null) {
- System.out.println("Peer cert details: " +
- "\n subject: " + servercert.getSubjectDN().toString() +
- "\n issuer: " + servercert.getIssuerDN().toString() +
- "\n serial: " + servercert.getSerialNumber().toString()
- );
- }
-
- SSLCertificateApprovalCallback.ValidityItem item;
-
- Enumeration<?> errors = status.getReasons();
- int i = 0;
- while (errors.hasMoreElements()) {
- i++;
- item = (SSLCertificateApprovalCallback.ValidityItem) errors.nextElement();
- System.out.println("item " + i +
- " reason=" + item.getReason() +
- " depth=" + item.getDepth());
-
- int reason = item.getReason();
-
- if (reason ==
- SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER ||
- reason == SSLCertificateApprovalCallback.ValidityStatus.BAD_CERT_DOMAIN) {
-
- //Allow these two since we haven't necessarily installed the CA cert for trust
- // and we are choosing "localhost" as the host for this client.
-
- return true;
-
- }
- }
-
- //For other errors return false
-
- return false;
- }
- }
-
- private class JSSProtocolSocketFactory implements SchemeSocketFactory, LayeredSchemeSocketFactory {
-
- @Override
- public Socket createSocket(HttpParams params)
- throws IOException {
-
- return null;
-
- }
-
- @Override
- public Socket connectSocket(Socket sock,
- InetSocketAddress remoteAddress,
- InetSocketAddress localAddress,
- HttpParams params)
- throws IOException,
- UnknownHostException,
- ConnectTimeoutException {
-
- SSLSocket socket;
-
- String hostName = null;
- int port = 0;
- if (remoteAddress != null) {
- hostName = remoteAddress.getHostName();
- port = remoteAddress.getPort();
-
- }
-
- int localPort = 0;
- InetAddress localAddr = null;
-
- if (localAddress != null) {
- localPort = localAddress.getPort();
- localAddr = localAddress.getAddress();
- }
-
- if (sock == null) {
- socket = new SSLSocket(InetAddress.getByName(hostName),
- port,
- localAddr,
- localPort,
- new ServerCertApprovalCB(),
- null);
-
- } else {
- socket = new SSLSocket(sock, hostName, new ServerCertApprovalCB(), null);
- }
-
- if (socket != null && clientCertNickname != null) {
- socket.setClientCertNickname(clientCertNickname);
- }
-
- return socket;
- }
-
- @Override
- public boolean isSecure(Socket sock) {
- //We only use this factory in the case of SSL Connections
- return true;
- }
-
- @Override
- public Socket createLayeredSocket(Socket arg0, String arg1, int arg2, boolean arg3) throws IOException,
- UnknownHostException {
- //This method implementation is required to get SSL working.
- return null;
- }
-
- }
+public class DRMRestClient extends CMSRestClient {
private KeyResource keyClient;
private KeysResource keysClient;
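Review bot: With `ServerCertApprovalCB` and `JSSProtocolSocketFactory` removed, the added `extends CMSRestClient` line is the only thing showing where this client's TLS behaviour now comes from, and the class has no comment saying so. The deleted callback accepted `UNTRUSTED_ISSUER` and `BAD_CERT_DOMAIN` on the grounds that this is a test tool. CMSRestClient is imported from `com.netscape.cms.servlet.csadmin`, which does not look like a test package, so if the callback moved there unchanged, that relaxation would presumably apply to every client built on the base class; this is worth confirming in the base class, which is not part of this diff. I would add a class comment such as `/** Functional-test client for the DRM REST resources; connection setup and server-certificate approval are inherited from CMSRestClient. */`. The class body continues outside the hunk.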
@@ -173,34 +33,8 @@ public class DRMRestClient {
private KeyRequestResource keyRequestClient;
private SystemCertificateResource systemCertClient;
- private String clientCertNickname = null;
-
public DRMRestClient(String baseUri, String clientCertNick) throws URISyntaxException {
-
- // For SSL we are assuming the caller has already intialized JSS and has
- // a valid CryptoManager and CryptoToken
- // optional clientCertNickname is provided for use if required.
-
- URI uri = new URI(baseUri);
-
- String protocol = uri.getScheme();
- int port = uri.getPort();
-
- clientCertNickname = clientCertNick;
- HttpClient httpclient = new DefaultHttpClient();
- if (protocol != null && protocol.equals("https")) {
-
- Scheme scheme = new Scheme("https", port, new JSSProtocolSocketFactory());
-
- // Register for port 443 our SSLSocketFactory to the ConnectionManager
- httpclient.getConnectionManager().getSchemeRegistry().register(scheme);
-
- }
-
- ClientExecutor executor = new ApacheHttpClient4Executor(httpclient);
-
- ResteasyProviderFactory providerFactory = ResteasyProviderFactory.getInstance();
- providerFactory.addClientErrorInterceptor(new DRMErrorInterceptor());
+ super(baseUri,clientCertNick);
systemCertClient = ProxyFactory.create(SystemCertificateResource.class, uri, executor, providerFactory);
keyRequestsClient = ProxyFactory.create(KeyRequestsResource.class, uri, executor, providerFactory);
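Review bot: The `ProxyFactory.create(...)` calls after `super(baseUri,clientCertNick);` still use `uri`, `executor` and `providerFactory`, which this hunk stops declaring, so they must now be non-private fields set by the CMSRestClient constructor; nothing in the constructor says so. A one-line comment such as `// uri, executor and providerFactory are initialised by the CMSRestClient constructor` would make that dependency readable, and the call would match the surrounding style as `super(baseUri, clientCertNick);`. The removed `providerFactory.addClientErrorInterceptor(new DRMErrorInterceptor())` has no replacement in the visible lines, so presumably the base class registers an equivalent interceptor; if it does not, 4xx/5xx XML error responses would no longer be turned into a `CMSException`. The constructor body continues outside the hunk.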