use of com.datastax.oss.driver.internal.core.ssl.SniSslEngineFactory in project java-driver by datastax.
the class CloudConfigFactory method createCloudConfig.
/**
* Creates a {@link CloudConfig} with information fetched from the specified {@link InputStream}.
*
* <p>The stream must contain a valid secure connect bundle archive in ZIP format. Note that the
* stream is closed by this method and cannot be used afterwards.
*
* @param cloudConfig the stream to read the Cloud configuration from; cannot be null.
* @throws IOException If the Cloud configuration cannot be read.
* @throws GeneralSecurityException If the Cloud SSL context cannot be created.
*/
@NonNull
public CloudConfig createCloudConfig(@NonNull InputStream cloudConfig)
    throws IOException, GeneralSecurityException {
  Objects.requireNonNull(cloudConfig, "cloudConfig cannot be null");

  // AUTO_CLOSE_SOURCE is disabled so that parsing config.json does not close the ZIP stream
  // while further entries still have to be read from it.
  ObjectMapper mapper =
      new ObjectMapper().configure(JsonParser.Feature.AUTO_CLOSE_SOURCE, false);

  JsonNode bundleConfig = null;
  byte[] identityStoreBytes = null;
  byte[] trustStoreBytes = null;

  // Entries are matched by exact name and every other entry is ignored. If a name occurs more
  // than once, the last occurrence replaces the earlier one.
  // NOTE(review): each matched entry is buffered in memory in full and no size limit is visible
  // in this method; confirm that callers only pass bundles from a trusted source.
  try (ZipInputStream bundle = new ZipInputStream(cloudConfig)) {
    for (ZipEntry entry = bundle.getNextEntry();
        entry != null;
        entry = bundle.getNextEntry()) {
      String entryName = entry.getName();
      if (entryName.equals("config.json")) {
        bundleConfig = mapper.readTree(bundle);
      } else if (entryName.equals("identity.jks")) {
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        ByteStreams.copy(bundle, buffer);
        identityStoreBytes = buffer.toByteArray();
      } else if (entryName.equals("trustStore.jks")) {
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        ByteStreams.copy(bundle, buffer);
        trustStoreBytes = buffer.toByteArray();
      }
    }
  }

  // All three files are mandatory. A missing file is reported as an unchecked
  // IllegalStateException, which the throws clause of this method does not list.
  if (bundleConfig == null) {
    throw new IllegalStateException("Invalid bundle: missing file config.json");
  }
  if (identityStoreBytes == null) {
    throw new IllegalStateException("Invalid bundle: missing file identity.jks");
  }
  if (trustStoreBytes == null) {
    throw new IllegalStateException("Invalid bundle: missing file trustStore.jks");
  }

  // Both store passwords are obtained from the parsed config.json by the helper methods.
  // NOTE(review): the char[] passwords are not cleared in this method; whether the helpers or
  // createSslContext keep a reference to them cannot be told from here.
  char[] identityStorePassword = getKeyStorePassword(bundleConfig);
  char[] trustStoreSecret = getTrustStorePassword(bundleConfig);
  SSLContext sslContext =
      createSslContext(
          new ByteArrayInputStream(identityStoreBytes),
          identityStorePassword,
          new ByteArrayInputStream(trustStoreBytes),
          trustStoreSecret);

  // The metadata service is queried with the SSL context built from the bundle's stores; the
  // reader is closed as soon as the response has been parsed.
  URL metadataUrl = getMetadataServiceUrl(bundleConfig);
  JsonNode proxyMetadataJson;
  try (BufferedReader metadataReader = fetchProxyMetadata(metadataUrl, sslContext)) {
    proxyMetadataJson = mapper.readTree(metadataReader);
  }

  InetSocketAddress proxyAddress = getSniProxyAddress(proxyMetadataJson);
  List<EndPoint> contactPoints = getEndPoints(proxyMetadataJson, proxyAddress);
  String datacenter = getLocalDatacenter(proxyMetadataJson);
  SniSslEngineFactory engineFactory = new SniSslEngineFactory(sslContext);

  // Runs only after the metadata has been fetched, so a failure above is reported first.
  validateIfBundleContainsUsernamePassword(bundleConfig);
  return new CloudConfig(proxyAddress, contactPoints, datacenter, engineFactory);
}