fixed ignore TLS verification for demo setup

2024-06-03 13:49:39 +02:00 · 2024-06-03 13:49:39 +02:00 · a90f358bd5
commit a90f358bd5
parent 908665ddcc
2 changed files with 23 additions and 4 deletions
--- a/src/main/java/ch/ethz/seb/sebserver/ClientHttpRequestFactoryService.java
+++ b/src/main/java/ch/ethz/seb/sebserver/ClientHttpRequestFactoryService.java
@ -122,9 +122,14 @@ public class ClientHttpRequestFactoryService {
                log.debug("Initialize ClientHttpRequestFactory with proxy: {}", proxy);
            }

+            final SSLContext sslContext = org.apache.http.ssl.SSLContexts
+                    .custom()
+                    .loadTrustMaterial(null, new TrustAllStrategy())
+                    .build();
+
            final HttpComponentsClientHttpRequestFactory factory =
                    new HttpComponentsClientHttpRequestFactory();
-            factory.setHttpClient(this.createProxiedClient(proxy, null));
+            factory.setHttpClient(this.createProxiedClient(proxy, sslContext));
            factory.setBufferRequestBody(false);
            factory.setConnectionRequestTimeout(this.connectionRequestTimeout);
            factory.setConnectTimeout(this.connectTimeout);
@ -133,8 +138,14 @@ public class ClientHttpRequestFactoryService {

        } else {

-            final HttpComponentsClientHttpRequestFactory devClientHttpRequestFactory =
-                    new HttpComponentsClientHttpRequestFactory();
+            final SSLContext sslContext = org.apache.http.ssl.SSLContexts
+                    .custom()
+                    .loadTrustMaterial(null, new TrustAllStrategy())
+                    .build();
+            final HttpClient client = HttpClients.custom()
+                    .setSSLContext(sslContext)
+                    .build();
+            final HttpComponentsClientHttpRequestFactory devClientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory(client);

            devClientHttpRequestFactory.setBufferRequestBody(false);
            devClientHttpRequestFactory.setConnectionRequestTimeout(this.connectionRequestTimeout);
@ -163,7 +174,7 @@ public class ClientHttpRequestFactoryService {
        final String truststoreFilePath = this.environment
                .getProperty("server.ssl.trust-store", "");

-        SSLContext sslContext;
+        final SSLContext sslContext;
        if (StringUtils.isBlank(truststoreFilePath)) {

            if (log.isDebugEnabled()) {
@ -263,6 +274,8 @@ public class ClientHttpRequestFactoryService {

        if (sslContext != null) {
            clientBuilder.setSSLContext(sslContext);
+        } else {
+
        }

        return clientBuilder.build();
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/moodle/MoodleRestTemplateFactoryImpl.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/moodle/MoodleRestTemplateFactoryImpl.java
@ -8,6 +8,8 @@

 package ch.ethz.seb.sebserver.webservice.servicelayer.lms.impl.moodle;

+import javax.net.ssl.SSLContext;
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
@ -21,6 +23,10 @@ import java.util.function.Function;
 import java.util.stream.Collectors;

 import org.apache.commons.lang3.StringUtils;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.TrustStrategy;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpEntity;