From e6b87e652dfadf5b70b11abecb4f1045724edb71 Mon Sep 17 00:00:00 2001
From: Stanislav Riabokon <stanislav_riabokon@epam.com>
Date: Fri, 25 Sep 2020 13:16:47 +0000
Subject: [PATCH] Update ElasticClientHandler.java
---
.../indexer/util/ElasticClientHandler.java | 304 +++++++++---------
1 file changed, 152 insertions(+), 152 deletions(-)
diff --git a/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java b/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
index 1d46ee471..17bcd85fb 100644
--- a/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
+++ b/indexer-core/src/main/java/org/opengroup/osdu/indexer/util/ElasticClientHandler.java
@@ -1,153 +1,153 @@
-package org.opengroup.osdu.indexer.util;
-
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.util.Base64;
-import java.util.Objects;
-import javax.net.ssl.SSLContext;
-import lombok.extern.java.Log;
-import org.apache.http.Header;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpStatus;
-import org.apache.http.conn.ssl.NoopHostnameVerifier;
-import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
-import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
-import org.apache.http.message.BasicHeader;
-import org.apache.http.ssl.SSLContextBuilder;
-import org.elasticsearch.client.RestClient;
-import org.elasticsearch.client.RestClientBuilder;
-import org.elasticsearch.client.RestHighLevelClient;
-import org.opengroup.osdu.core.common.model.http.AppException;
-import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
-import org.opengroup.osdu.core.common.model.search.ClusterSettings;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Component;
-
-@Component
-@Log
-public class ElasticClientHandler {
-
- // Elastic cluster Rest client settings
- private static final int CLOUD_REST_CLIENT_PORT = 9243;
- private static final int REST_CLIENT_CONNECT_TIMEOUT = 60000;
- private static final int REST_CLIENT_SOCKET_TIMEOUT = 60000;
- private static final int REST_CLIENT_RETRY_TIMEOUT = 60000;
-
- @Value("#{new Boolean('${security.https.certificate.trust:false}')}")
- private Boolean isSecurityHttpsCertificateTrust;
-
- @Autowired
- private IElasticSettingService elasticSettingService;
-
- public RestHighLevelClient createRestClient() {
- return getCloudRestClient(elasticSettingService.getElasticClusterInformation());
- }
-
- // TODO: Remove this temporary implementation when ECE CCS is utilized
- public RestHighLevelClient createRestClient(final ClusterSettings clusterSettings) {
- return getCloudRestClient(clusterSettings);
- }
-
- private RestHighLevelClient getCloudRestClient(final ClusterSettings clusterSettings) {
-
- String cluster = null;
- String host = null;
- int port = CLOUD_REST_CLIENT_PORT;
- String protocolScheme = "https";
- String tls = "true";
-
- try {
- cluster = clusterSettings.getHost();
- host = clusterSettings.getHost();
- port = clusterSettings.getPort();
- if (!clusterSettings.isHttps()) {
- protocolScheme = "http";
- }
-
- if (!clusterSettings.isTls()) {
- tls = "false";
- }
- String basicEncoded = Base64
- .getEncoder().encodeToString(clusterSettings.getUserNameAndPassword().getBytes());
- String basicAuthenticationHeaderVal = String.format("Basic %s", basicEncoded);
-
- RestClientBuilder builder = createClientBuilder(host, basicAuthenticationHeaderVal, port,
- protocolScheme, tls);
-
- return new RestHighLevelClient(builder);
- } catch (AppException e) {
- throw e;
- } catch (Exception e) {
- throw new AppException(
- HttpStatus.SC_INTERNAL_SERVER_ERROR,
- "search client error",
- "error creating search client",
- String
- .format("Elastic client connection params, cluster: %s, host: %s, port: %s", cluster,
- host, port),
- e);
- }
- }
-
- public RestClientBuilder createClientBuilder(String host, String basicAuthenticationHeaderVal,
- int port, String protocolScheme, String tls) {
- RestClientBuilder builder = RestClient.builder(new HttpHost(host, port, protocolScheme));
- builder.setRequestConfigCallback(
- requestConfigBuilder -> requestConfigBuilder.setConnectTimeout(REST_CLIENT_CONNECT_TIMEOUT)
- .setSocketTimeout(REST_CLIENT_SOCKET_TIMEOUT));
- builder.setMaxRetryTimeoutMillis(REST_CLIENT_RETRY_TIMEOUT);
-
- Header[] defaultHeaders = new Header[]{
- new BasicHeader("client.transport.nodes_sampler_interval", "30s"),
- new BasicHeader("client.transport.ping_timeout", "30s"),
- new BasicHeader("client.transport.sniff", "false"),
- new BasicHeader("request.headers.X-Found-Cluster", host),
- new BasicHeader("cluster.name", host),
- new BasicHeader("xpack.security.transport.ssl.enabled", tls),
- new BasicHeader("Authorization", basicAuthenticationHeaderVal),
- };
- log.info(String.format(
- "Elastic client connection uses protocolScheme = %s with a flag "
- + "'security.https.certificate.trust' = %s",
- protocolScheme, isSecurityHttpsCertificateTrust));
- if ("https".equals(protocolScheme) && isSecurityHttpsCertificateTrust) {
- log.warning("Elastic client connection uses TrustSelfSignedStrategy()");
- SSLContext sslContext = createSSLContext();
- builder.setHttpClientConfigCallback(httpClientBuilder ->
- {
- HttpAsyncClientBuilder httpAsyncClientBuilder = httpClientBuilder.setSSLContext(sslContext)
- .setSSLHostnameVerifier(
- NoopHostnameVerifier.INSTANCE);
- return httpAsyncClientBuilder;
- });
- }
-
- builder.setDefaultHeaders(defaultHeaders);
- return builder;
- }
-
- private SSLContext createSSLContext() {
- SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
- try {
- sslContextBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
- return sslContextBuilder.build();
- } catch (NoSuchAlgorithmException e) {
- log.severe(e.getMessage());
- } catch (KeyStoreException e) {
- log.severe(e.getMessage());
- } catch (KeyManagementException e) {
- log.severe(e.getMessage());
- }
- return null;
- }
-
- public Boolean isSecurityHttpsCertificateTrust() {
- return isSecurityHttpsCertificateTrust;
- }
-
- public void setSecurityHttpsCertificateTrust(Boolean isSecurityHttpsCertificateTrust) {
- this.isSecurityHttpsCertificateTrust = isSecurityHttpsCertificateTrust;
- }
+package org.opengroup.osdu.indexer.util;
+
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import java.util.Objects;
+import javax.net.ssl.SSLContext;
+import lombok.extern.java.Log;
+import org.apache.http.Header;
+import org.apache.http.HttpHost;
+import org.apache.http.HttpStatus;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
+import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
+import org.apache.http.message.BasicHeader;
+import org.apache.http.ssl.SSLContextBuilder;
+import org.elasticsearch.client.RestClient;
+import org.elasticsearch.client.RestClientBuilder;
+import org.elasticsearch.client.RestHighLevelClient;
+import org.opengroup.osdu.core.common.model.http.AppException;
+import org.opengroup.osdu.core.common.model.indexer.IElasticSettingService;
+import org.opengroup.osdu.core.common.model.search.ClusterSettings;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component
+@Log
+public class ElasticClientHandler {
+
+ // Elastic cluster Rest client settings
+ private static final int CLOUD_REST_CLIENT_PORT = 9243;
+ private static final int REST_CLIENT_CONNECT_TIMEOUT = 60000;
+ private static final int REST_CLIENT_SOCKET_TIMEOUT = 60000;
+ private static final int REST_CLIENT_RETRY_TIMEOUT = 60000;
+
+ @Value("#{new Boolean('${security.https.certificate.trust}')}")
+ private Boolean isSecurityHttpsCertificateTrust;
+
+ @Autowired
+ private IElasticSettingService elasticSettingService;
+
+ public RestHighLevelClient createRestClient() {
+ return getCloudRestClient(elasticSettingService.getElasticClusterInformation());
+ }
+
+ // TODO: Remove this temporary implementation when ECE CCS is utilized
+ public RestHighLevelClient createRestClient(final ClusterSettings clusterSettings) {
+ return getCloudRestClient(clusterSettings);
+ }
+
+ private RestHighLevelClient getCloudRestClient(final ClusterSettings clusterSettings) {
+
+ String cluster = null;
+ String host = null;
+ int port = CLOUD_REST_CLIENT_PORT;
+ String protocolScheme = "https";
+ String tls = "true";
+
+ try {
+ cluster = clusterSettings.getHost();
+ host = clusterSettings.getHost();
+ port = clusterSettings.getPort();
+ if (!clusterSettings.isHttps()) {
+ protocolScheme = "http";
+ }
+
+ if (!clusterSettings.isTls()) {
+ tls = "false";
+ }
+ String basicEncoded = Base64
+ .getEncoder().encodeToString(clusterSettings.getUserNameAndPassword().getBytes());
+ String basicAuthenticationHeaderVal = String.format("Basic %s", basicEncoded);
+
+ RestClientBuilder builder = createClientBuilder(host, basicAuthenticationHeaderVal, port,
+ protocolScheme, tls);
+
+ return new RestHighLevelClient(builder);
+ } catch (AppException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new AppException(
+ HttpStatus.SC_INTERNAL_SERVER_ERROR,
+ "search client error",
+ "error creating search client",
+ String
+ .format("Elastic client connection params, cluster: %s, host: %s, port: %s", cluster,
+ host, port),
+ e);
+ }
+ }
+
+ public RestClientBuilder createClientBuilder(String host, String basicAuthenticationHeaderVal,
+ int port, String protocolScheme, String tls) {
+ RestClientBuilder builder = RestClient.builder(new HttpHost(host, port, protocolScheme));
+ builder.setRequestConfigCallback(
+ requestConfigBuilder -> requestConfigBuilder.setConnectTimeout(REST_CLIENT_CONNECT_TIMEOUT)
+ .setSocketTimeout(REST_CLIENT_SOCKET_TIMEOUT));
+ builder.setMaxRetryTimeoutMillis(REST_CLIENT_RETRY_TIMEOUT);
+
+ Header[] defaultHeaders = new Header[]{
+ new BasicHeader("client.transport.nodes_sampler_interval", "30s"),
+ new BasicHeader("client.transport.ping_timeout", "30s"),
+ new BasicHeader("client.transport.sniff", "false"),
+ new BasicHeader("request.headers.X-Found-Cluster", host),
+ new BasicHeader("cluster.name", host),
+ new BasicHeader("xpack.security.transport.ssl.enabled", tls),
+ new BasicHeader("Authorization", basicAuthenticationHeaderVal),
+ };
+ log.info(String.format(
+ "Elastic client connection uses protocolScheme = %s with a flag "
+ + "'security.https.certificate.trust' = %s",
+ protocolScheme, isSecurityHttpsCertificateTrust));
+ if ("https".equals(protocolScheme) && isSecurityHttpsCertificateTrust) {
+ log.warning("Elastic client connection uses TrustSelfSignedStrategy()");
+ SSLContext sslContext = createSSLContext();
+ builder.setHttpClientConfigCallback(httpClientBuilder ->
+ {
+ HttpAsyncClientBuilder httpAsyncClientBuilder = httpClientBuilder.setSSLContext(sslContext)
+ .setSSLHostnameVerifier(
+ NoopHostnameVerifier.INSTANCE);
+ return httpAsyncClientBuilder;
+ });
+ }
+
+ builder.setDefaultHeaders(defaultHeaders);
+ return builder;
+ }
+
+ private SSLContext createSSLContext() {
+ SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
+ try {
+ sslContextBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
+ return sslContextBuilder.build();
+ } catch (NoSuchAlgorithmException e) {
+ log.severe(e.getMessage());
+ } catch (KeyStoreException e) {
+ log.severe(e.getMessage());
+ } catch (KeyManagementException e) {
+ log.severe(e.getMessage());
+ }
+ return null;
+ }
+
+ public Boolean isSecurityHttpsCertificateTrust() {
+ return isSecurityHttpsCertificateTrust;
+ }
+
+ public void setSecurityHttpsCertificateTrust(Boolean isSecurityHttpsCertificateTrust) {
+ this.isSecurityHttpsCertificateTrust = isSecurityHttpsCertificateTrust;
+ }
}
\ No newline at end of file
--
GitLab