skip SSL on ES request at indexer-core, NEED TO REMOVE before merge to master

5f7eacb9 · Alan Braz · 8a24f165 · 5f7eacb9
Commit 5f7eacb9 authored 5 years ago by Alan Braz
--- a/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
+++ b/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
@@ -14,21 +14,30 @@

 package org.opengroup.osdu.indexer.util;

+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.Base64;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import org.apache.http.Header;
 import org.apache.http.HttpHost;
 import org.apache.http.HttpStatus;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
 import org.apache.http.message.BasicHeader;
 import org.elasticsearch.client.RestClient;
 import org.elasticsearch.client.RestClientBuilder;
+import org.elasticsearch.client.RestClientBuilder.HttpClientConfigCallback;
 import org.elasticsearch.client.RestHighLevelClient;
 import org.opengroup.osdu.core.common.model.http.AppException;
-import org.opengroup.osdu.core.common.model.search.ClusterSettings;
 import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
+import org.opengroup.osdu.core.common.model.search.ClusterSettings;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;

-import java.util.Base64;
-
 @Component
 public class ElasticClientHandler {

@@ -85,8 +94,35 @@ public class ElasticClientHandler {
                    new BasicHeader("xpack.security.transport.ssl.enabled", tls),
                    new BasicHeader("Authorization", basicAuthenticationHeaderVal),
            };
+            
+            SSLContext sslContext = SSLContext.getInstance("SSL");
+            // set up a TrustManager that trusts everything
+            sslContext.init(null, new TrustManager[] { new X509TrustManager() {
+	            public X509Certificate[] getAcceptedIssuers() {
+	           		System.out.println("getAcceptedIssuers =============");
+	           		return null;
+	            }
+
+	            public void checkClientTrusted(X509Certificate[] certs, String authType) {
+	           		System.out.println("checkClientTrusted =============");
+	            }
+
+	            public void checkServerTrusted(X509Certificate[] certs, String authType) {
+	           		System.out.println("checkServerTrusted =============");
+	            }
+            } }, new SecureRandom());

-            builder.setDefaultHeaders(defaultHeaders);
+            builder.setHttpClientConfigCallback(new HttpClientConfigCallback() {
+                @Override
+                public HttpAsyncClientBuilder customizeHttpClient(
+                        HttpAsyncClientBuilder httpClientBuilder) {
+                    return httpClientBuilder
+                    		.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
+                    		.setSSLContext(sslContext);
+                }
+            }).setDefaultHeaders(defaultHeaders);
+            
+            //builder.setDefaultHeaders(defaultHeaders);
            return new RestHighLevelClient(builder);
        } catch (AppException e) {
            throw e;
@@ -99,4 +135,4 @@ public class ElasticClientHandler {
                    e);
        }
    }
-}
\ No newline at end of file
+}