
Example 46 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class FileToFtpsImplicitTLSWithoutClientAuthAndSSLContextParametersTest method createRegistry.

/**
 * Binds an {@link SSLContextParameters} instance into the registry under the name
 * {@code "sslContextParameters"}.
 * <p>
 * Only trust managers are configured (backed by the {@code server.jks} store); no key managers
 * are set, so this side presents no client certificate. The context is requested with the generic
 * {@code "TLS"} name, which leaves the protocol versions actually enabled to the JSSE provider
 * defaults.
 * <p>
 * The store password is a literal, which is tolerable only because this is a test fixture
 * (presumably holding throw-away key material - confirm). Production configuration should load
 * the password from externalised, access-controlled settings.
 *
 * @return the parent registry with the TLS parameters added
 * @throws Exception propagated from {@code super.createRegistry()}
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Trust material: the store that the trust managers will be built from.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("server.jks");
    trustStore.setPassword("password");

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters tlsSettings = new SSLContextParameters();
    tlsSettings.setTrustManagers(trustManagers);
    tlsSettings.setSecureSocketProtocol("TLS");

    // Extend the parent registry rather than replacing it.
    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsSettings);
    return jndi;
}
Also used : JndiRegistry(org.apache.camel.impl.JndiRegistry) TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 47 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class AbstractSSLContextParametersFactoryBean method createInstance.

/**
 * Builds a new {@link SSLContextParameters} from the factory bean's configured parts.
 * <p>
 * Each optional nested factory (key managers, trust managers, secure random, client parameters,
 * server parameters) is applied only when its getter returns non-null: the Camel context is
 * pushed into the nested factory first, then the object it produces is set on the new instance.
 * The {@code provider}, {@code secureSocketProtocol} and {@code certAlias} fields are copied as
 * they are, including {@code null}; no validation of these values happens in this method.
 * <p>
 * NOTE(review): when no trust managers are configured, nothing is set on the instance here.
 * What {@code SSLContextParameters} does in that case is not visible from this method
 * (presumably it falls back to the JSSE default trust store - confirm).
 *
 * @return the populated parameters object
 * @throws Exception declared by the signature; presumably raised by a nested factory's
 *         {@code getObject()} - confirm
 */
@Override
protected SSLContextParameters createInstance() throws Exception {
    SSLContextParameters newInstance = new SSLContextParameters();
    // Key material this side presents to the peer (optional).
    if (getKeyManagers() != null) {
        getKeyManagers().setCamelContext(getCamelContext());
        newInstance.setKeyManagers(getKeyManagers().getObject());
    }
    // Trust material used to validate the peer (optional; see the NOTE in the Javadoc).
    if (getTrustManagers() != null) {
        getTrustManagers().setCamelContext(getCamelContext());
        newInstance.setTrustManagers(getTrustManagers().getObject());
    }
    // Source of randomness for the context (optional).
    if (getSecureRandom() != null) {
        getSecureRandom().setCamelContext(getCamelContext());
        newInstance.setSecureRandom(getSecureRandom().getObject());
    }
    // Client-side overrides (optional).
    if (getClientParameters() != null) {
        getClientParameters().setCamelContext(getCamelContext());
        newInstance.setClientParameters(getClientParameters().getObject());
    }
    // Server-side overrides (optional).
    if (getServerParameters() != null) {
        getServerParameters().setCamelContext(getCamelContext());
        newInstance.setServerParameters(getServerParameters().getObject());
    }
    // Scalar settings are passed through unchecked, null included.
    newInstance.setProvider(provider);
    newInstance.setSecureSocketProtocol(secureSocketProtocol);
    newInstance.setCertAlias(certAlias);
    newInstance.setCamelContext(getCamelContext());
    return newInstance;
}
Also used : SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 48 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class BoxConnectionHelper method createStandardAuthenticatedConnection.

/**
 * Obtains a {@link BoxAPIConnection} by driving the OAuth2 authorization-code flow through a
 * headless HtmlUnit {@link WebClient}.
 * <p>
 * The method loads the authorization page, fills in the user name and password from the
 * configuration, accepts the consent form, and reads the {@code state} and {@code code}
 * parameters from the resulting redirect. The {@code state} value must equal the anti-forgery
 * token generated for this call; otherwise the flow is rejected.
 * <p>
 * Every failure inside the authorization {@code try}, including the
 * {@link IllegalArgumentException} for an error page and the {@link SecurityException} for a
 * state mismatch, is caught by the trailing {@code catch (Exception e)}. Callers therefore see a
 * {@link RuntimeCamelException} with the original exception as its cause.
 *
 * @param configuration supplies client id, client secret, user name, user password and the
 *                      optional HTTP proxy parameters
 * @return a connection created from the client id, client secret and authorization code
 * @throws RuntimeCamelException if TLS setup, page scraping, state validation or the Box API
 *                               call fails
 */
public static BoxAPIConnection createStandardAuthenticatedConnection(BoxConfiguration configuration) {
    // Create web client for first leg of OAuth2
    //
    final WebClient webClient = new WebClient();
    final WebClientOptions options = webClient.getOptions();
    options.setRedirectEnabled(true);
    options.setJavaScriptEnabled(false);
    options.setThrowExceptionOnFailingStatusCode(true);
    options.setThrowExceptionOnScriptError(true);
    // NOTE(review): with debug logging on, the content of failing responses is printed.
    // Confirm that pages from the login and consent steps cannot leak credentials or tokens
    // into logs this way.
    options.setPrintContentOnFailingStatusCode(LOG.isDebugEnabled());
    try {
        // use default SSP to create supported non-SSL protocols list
        final SSLContext sslContext = new SSLContextParameters().createSSLContext(null);
        options.setSSLClientProtocols(sslContext.createSSLEngine().getEnabledProtocols());
    } catch (GeneralSecurityException e) {
        throw ObjectHelper.wrapRuntimeCamelException(e);
    } catch (IOException e) {
        throw ObjectHelper.wrapRuntimeCamelException(e);
    } finally {
        // NOTE(review): webClient is final and assigned from `new`, so the null check always
        // passes. close() therefore always runs here, yet the same client is used again below
        // for getPage(). Confirm that HtmlUnit allows reuse after close(). No close() is
        // visible once the flow has finished.
        if (webClient != null) {
            webClient.close();
        }
    }
    // disable default gzip compression, as htmlunit does not negotiate
    // pages sent with no compression
    // The wrapper instance is not stored; presumably its constructor installs it as the
    // client's connection - verify against the HtmlUnit version in use.
    new WebConnectionWrapper(webClient) {

        @Override
        public WebResponse getResponse(WebRequest request) throws IOException {
            request.setAdditionalHeader(HttpHeaders.ACCEPT_ENCODING, "identity");
            return super.getResponse(request);
        }
    };
    // add HTTP proxy if set
    // The map values are cast without type checks; a value of a different type raises
    // ClassCastException outside the try below, so it is not wrapped.
    final Map<String, Object> httpParams = configuration.getHttpParams();
    if (httpParams != null && httpParams.get("http.route.default-proxy") != null) {
        final HttpHost proxyHost = (HttpHost) httpParams.get("http.route.default-proxy");
        final Boolean socksProxy = (Boolean) httpParams.get("http.route.socks-proxy");
        final ProxyConfig proxyConfig = new ProxyConfig(proxyHost.getHostName(), proxyHost.getPort(), socksProxy != null ? socksProxy : false);
        options.setProxyConfig(proxyConfig);
    }
    // authorize application on user's behalf
    try {
        // generate anti-forgery token to prevent/detect CSRF attack
        // (one 64-bit value from a fresh SecureRandom, rendered as a decimal string)
        final String csrfToken = String.valueOf(new SecureRandom().nextLong());
        final HtmlPage authPage = webClient.getPage(authorizationUrl(configuration.getClientId(), csrfToken));
        // look for an element matching div.error_message (the XPath tests the class attribute)
        final HtmlDivision div = authPage.getFirstByXPath("//div[contains(concat(' ', @class, ' '), ' error_message ')]");
        if (div != null) {
            final String errorMessage = div.getTextContent().replaceAll("\\s+", " ").replaceAll(" Show Error Details", ":").trim();
            throw new IllegalArgumentException("Error authorizing application: " + errorMessage);
        }
        // submit login credentials
        // The password is handled as a String and typed into the scraped form.
        final HtmlForm loginForm = authPage.getFormByName("login_form");
        final HtmlTextInput login = loginForm.getInputByName("login");
        login.setText(configuration.getUserName());
        final HtmlPasswordInput password = loginForm.getInputByName("password");
        password.setText(configuration.getUserPassword());
        final HtmlSubmitInput submitInput = loginForm.getInputByName("login_submit");
        // submit consent
        final HtmlPage consentPage = submitInput.click();
        final HtmlForm consentForm = consentPage.getFormByName("consent_form");
        final HtmlButton consentAccept = consentForm.getButtonByName("consent_accept");
        // disable redirect to avoid loading redirect URL
        webClient.getOptions().setRedirectEnabled(false);
        // validate CSRF and get authorization code
        String redirectQuery;
        try {
            final Page redirectPage = consentAccept.click();
            redirectQuery = redirectPage.getUrl().getQuery();
        } catch (FailingHttpStatusCodeException e) {
            // escalate non redirect errors
            if (e.getStatusCode() != HttpStatus.SC_MOVED_TEMPORARILY) {
                throw e;
            }
            // With redirects off, the redirect surfaces as this exception; read the target
            // from the Location header instead of following it.
            final String location = e.getResponse().getResponseHeaderValue("Location");
            redirectQuery = new URL(location).getQuery();
        }
        // NOTE(review): URL.getQuery() returns null when the URL has no query string, and
        // matcher(null) would then throw. The outer catch wraps that failure, but with a less
        // helpful message.
        final Map<String, String> params = new HashMap<String, String>();
        final Matcher matcher = QUERY_PARAM_PATTERN.matcher(redirectQuery);
        while (matcher.find()) {
            params.put(matcher.group(1), matcher.group(2));
        }
        // A missing state parameter also fails this check, because equals(null) is false.
        final String state = params.get("state");
        if (!csrfToken.equals(state)) {
            throw new SecurityException("Invalid CSRF code!");
        } else {
            // get authorization code
            // NOTE(review): "code" is not checked for presence; a null value is passed on.
            final String authorizationCode = params.get("code");
            return new BoxAPIConnection(configuration.getClientId(), configuration.getClientSecret(), authorizationCode);
        }
    } catch (BoxAPIException e) {
        // NOTE(review): the API response body becomes part of the exception message. Confirm
        // it cannot carry sensitive data before this message reaches logs.
        throw new RuntimeCamelException(String.format("Box API connection failed: API returned the error code %d\n\n%s", e.getResponseCode(), e.getResponse()), e);
    } catch (Exception e) {
        // Also catches the IllegalArgumentException and SecurityException thrown above.
        throw new RuntimeCamelException(String.format("Box API connection failed: %s", e.getMessage()), e);
    }
}
Also used : WebClientOptions(com.gargoylesoftware.htmlunit.WebClientOptions) HtmlTextInput(com.gargoylesoftware.htmlunit.html.HtmlTextInput) HtmlPage(com.gargoylesoftware.htmlunit.html.HtmlPage) HashMap(java.util.HashMap) Matcher(java.util.regex.Matcher) HtmlPasswordInput(com.gargoylesoftware.htmlunit.html.HtmlPasswordInput) HtmlPage(com.gargoylesoftware.htmlunit.html.HtmlPage) Page(com.gargoylesoftware.htmlunit.Page) HtmlDivision(com.gargoylesoftware.htmlunit.html.HtmlDivision) BoxAPIException(com.box.sdk.BoxAPIException) URL(java.net.URL) WebRequest(com.gargoylesoftware.htmlunit.WebRequest) HtmlForm(com.gargoylesoftware.htmlunit.html.HtmlForm) HtmlSubmitInput(com.gargoylesoftware.htmlunit.html.HtmlSubmitInput) HttpHost(org.apache.http.HttpHost) FailingHttpStatusCodeException(com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException) GeneralSecurityException(java.security.GeneralSecurityException) BoxAPIConnection(com.box.sdk.BoxAPIConnection) SecureRandom(java.security.SecureRandom) GeneralSecurityException(java.security.GeneralSecurityException) SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) ProxyConfig(com.gargoylesoftware.htmlunit.ProxyConfig) WebClient(com.gargoylesoftware.htmlunit.WebClient) BoxAPIException(com.box.sdk.BoxAPIException) GeneralSecurityException(java.security.GeneralSecurityException) FailingHttpStatusCodeException(com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException) RuntimeCamelException(org.apache.camel.RuntimeCamelException) IOException(java.io.IOException) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters) HtmlButton(com.gargoylesoftware.htmlunit.html.HtmlButton) RuntimeCamelException(org.apache.camel.RuntimeCamelException) WebConnectionWrapper(com.gargoylesoftware.htmlunit.util.WebConnectionWrapper)

Example 49 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class WssProducerTest method defineSSLContextClientParameters.

/**
 * Creates the client-side TLS parameters used by this test.
 * <p>
 * Only trust managers are configured, backed by the {@code jsse/localhost.ks} store opened with
 * the {@code PW} constant. No key managers and no secure-socket protocol are set here, so
 * everything else is left at the {@link SSLContextParameters} defaults.
 *
 * @return parameters that trust the contents of {@code jsse/localhost.ks}
 */
private static SSLContextParameters defineSSLContextClientParameters() {
    // The store whose certificates the client will accept.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("jsse/localhost.ks");
    trustStore.setPassword(PW);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters clientTls = new SSLContextParameters();
    clientTls.setTrustManagers(trustManagers);
    return clientTls;
}
Also used : TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 50 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class ApnsUtils method clientContext.

/**
 * Builds client TLS parameters that present the fixed client certificate and accept any server
 * certificate.
 * <p>
 * <strong>Security caveat:</strong> the trust manager installed here performs no validation.
 * Both check methods are empty and the accepted-issuers list is empty, so the peer is never
 * authenticated and the connection can be intercepted. This is acceptable only against fixed
 * test certificates (presumably the purpose of {@code FixedCertificates} - confirm). For real
 * endpoints, configure {@link TrustManagersParameters} with a key store of trusted issuers.
 *
 * @return parameters holding the PKCS12 client key store and the accept-all trust manager
 * @throws Exception declared by the signature; the source is not visible in this method
 */
public static SSLContextParameters clientContext() throws Exception {
    // Client identity: a PKCS12 store resolved through the system class loader.
    final KeyStoreParameters clientStore = new KeyStoreParameters();
    clientStore.setResource(ClassLoader.getSystemResource(FixedCertificates.CLIENT_STORE).toString());
    clientStore.setType("PKCS12");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyStore(clientStore);
    keyManagers.setKeyPassword(FixedCertificates.CLIENT_PASSWORD);
    keyManagers.setAlgorithm(getAlgorithm());

    // Accept-all trust managers: certificate validation is deliberately skipped.
    final TrustManagersParameters acceptAllTrust = new TrustManagersParameters() {

        @Override
        public TrustManager[] createTrustManagers() throws GeneralSecurityException, IOException {
            final X509TrustManager noValidation = new X509TrustManager() {

                @Override
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    // intentionally empty: never rejects a chain
                }

                @Override
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    // intentionally empty: never rejects a chain
                }

                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            };
            return new TrustManager[] { noValidation };
        }
    };

    final SSLContextParameters tlsSettings = new SSLContextParameters();
    tlsSettings.setKeyManagers(keyManagers);
    tlsSettings.setTrustManagers(acceptAllTrust);
    return tlsSettings;
}
Also used : KeyManagersParameters(org.apache.camel.util.jsse.KeyManagersParameters) X509TrustManager(javax.net.ssl.X509TrustManager) GeneralSecurityException(java.security.GeneralSecurityException) TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)
