| commit | author | age | ||
| 565ee0 | 1 | /* |
| JM | 2 | * Copyright 2011 gitblit.com. |
| 3 | * | |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
| 5 | * you may not use this file except in compliance with the License. | |
| 6 | * You may obtain a copy of the License at | |
| 7 | * | |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 9 | * | |
| 10 | * Unless required by applicable law or agreed to in writing, software | |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 13 | * See the License for the specific language governing permissions and | |
| 14 | * limitations under the License. | |
| 15 | */ | |
| 16 | package com.gitblit.utils; | |
| 17 | ||
| 18 | import java.io.IOException; | |
| 19 | import java.net.URL; | |
| 20 | import java.net.URLConnection; | |
| 21 | import java.security.SecureRandom; | |
| 22 | import java.security.cert.CertificateException; | |
| 23 | import java.security.cert.X509Certificate; | |
| 24 | ||
| 25 | import javax.net.ssl.HostnameVerifier; | |
| 26 | import javax.net.ssl.HttpsURLConnection; | |
| 27 | import javax.net.ssl.SSLContext; | |
| 28 | import javax.net.ssl.SSLSession; | |
| 29 | import javax.net.ssl.TrustManager; | |
| 30 | import javax.net.ssl.X509TrustManager; | |
| 31 | ||
| 32 | ||
| 33 | /** | |
| 34 | * Utility class for establishing HTTP/HTTPS connections. | |
| 35 | * | |
| 36 | * @author James Moger | |
| 37 | * | |
| 38 | */ | |
| 39 | public class ConnectionUtils { | |
| 40 | ||
| 41 | static final String CHARSET; | |
| 42 | ||
| 43 | private static final SSLContext SSL_CONTEXT; | |
| 44 | ||
| 45 | private static final DummyHostnameVerifier HOSTNAME_VERIFIER; | |
| 46 | ||
| 47 | static { | |
| 48 | SSLContext context = null; | |
| 49 | try { | |
| 50 | context = SSLContext.getInstance("SSL"); | |
| 51 | context.init(null, new TrustManager[] { new DummyTrustManager() }, new SecureRandom()); | |
| 52 | } catch (Throwable t) { | |
| 53 | t.printStackTrace(); | |
| 54 | } | |
| 55 | SSL_CONTEXT = context; | |
| 56 | HOSTNAME_VERIFIER = new DummyHostnameVerifier(); | |
| 57 | CHARSET = "UTF-8"; | |
| 58 | } | |
| 59 | ||
| 60 | public static void setAuthorization(URLConnection conn, String username, char[] password) { | |
| 61 | if (!StringUtils.isEmpty(username) && (password != null && password.length > 0)) { | |
| 62 | conn.setRequestProperty( | |
| 63 | "Authorization", | |
| 64 | "Basic " | |
| 65 | + Base64.encodeBytes((username + ":" + new String(password)).getBytes())); | |
| 66 | } | |
| 67 | } | |
| 68 | ||
| 69 | public static URLConnection openReadConnection(String url, String username, char[] password) | |
| 70 | throws IOException { | |
| 71 | URLConnection conn = openConnection(url, username, password); | |
| 72 | conn.setRequestProperty("Accept-Charset", ConnectionUtils.CHARSET); | |
| 73 | return conn; | |
| 74 | } | |
| 75 | ||
| 76 | public static URLConnection openConnection(String url, String username, char[] password) | |
| 77 | throws IOException { | |
| 78 | URL urlObject = new URL(url); | |
| 79 | URLConnection conn = urlObject.openConnection(); | |
| 80 | setAuthorization(conn, username, password); | |
| 81 | conn.setUseCaches(false); | |
| 82 | conn.setDoOutput(true); | |
| 83 | if (conn instanceof HttpsURLConnection) { | |
| 84 | HttpsURLConnection secureConn = (HttpsURLConnection) conn; | |
| 85 | secureConn.setSSLSocketFactory(SSL_CONTEXT.getSocketFactory()); | |
| 86 | secureConn.setHostnameVerifier(HOSTNAME_VERIFIER); | |
| 87 | } | |
| 88 | return conn; | |
| 89 | } | |
| 90 | ||
| 91 | /** | |
| 92 | * DummyTrustManager trusts all certificates. | |
| 93 | * | |
| 94 | * @author James Moger | |
| 95 | */ | |
| 96 | private static class DummyTrustManager implements X509TrustManager { | |
| 97 | ||
| 98 | @Override | |
| 99 | public void checkClientTrusted(X509Certificate[] certs, String authType) | |
| 100 | throws CertificateException { | |
| 101 | } | |
| 102 | ||
| 103 | @Override | |
| 104 | public void checkServerTrusted(X509Certificate[] certs, String authType) | |
| 105 | throws CertificateException { | |
| 106 | } | |
| 107 | ||
| 108 | @Override | |
| 109 | public X509Certificate[] getAcceptedIssuers() { | |
| 110 | return null; | |
| 111 | } | |
| 112 | } | |
| 113 | ||
| 114 | /** | |
| 115 | * Trusts all hostnames from a certificate, including self-signed certs. | |
| 116 | * | |
| 117 | * @author James Moger | |
| 118 | */ | |
| 119 | private static class DummyHostnameVerifier implements HostnameVerifier { | |
| 120 | @Override | |
| 121 | public boolean verify(String hostname, SSLSession session) { | |
| 122 | return true; | |
| 123 | } | |
| 124 | } | |
| 125 | } | |
