@NotNull static HttpClientBuilder getBuilder() { final HttpClientBuilder builder = HttpClients.custom().setSSLContext(CertificateManager.getInstance().getSslContext()). setMaxConnPerRoute(100000).setConnectionReuseStrategy(DefaultConnectionReuseStrategy.INSTANCE); final HttpConfigurable proxyConfigurable = HttpConfigurable.getInstance(); final List<Proxy> proxies = proxyConfigurable.getOnlyBySettingsSelector().select(URI.create(EduStepicNames.STEPIC_URL)); final InetSocketAddress address = proxies.size() > 0 ? (InetSocketAddress)proxies.get(0).address() : null; if (address != null) { builder.setProxy(new HttpHost(address.getHostName(), address.getPort())); } final ConfirmingTrustManager trustManager = CertificateManager.getInstance().getTrustManager(); try { SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[]{trustManager}, new SecureRandom()); builder.setSSLContext(sslContext); } catch (NoSuchAlgorithmException | KeyManagementException e) { LOG.error(e.getMessage()); } return builder; }
@Override public void actionPerformed(final AnActionEvent e) { try { CertificateManager manager = CertificateManager.getInstance(); List<X509Certificate> certificates = manager.getCustomTrustManager().getCertificates(); if (certificates.isEmpty()) { Messages.showInfoMessage(String.format("Key store '%s' is empty", manager.getCacertsPath()), "No Certificates Available"); } else { CertificateWarningDialog dialog = CertificateWarningDialog.createUntrustedCertificateWarning(certificates.get(0)); LOG.debug("Accepted: " + dialog.showAndGet()); } } catch (Exception logged) { LOG.error(logged); } }
public <T> T asJson(Class<T> clazz) throws IOException, URISyntaxException { try (CloseableHttpClient client = HttpClientBuilder.create() .setDefaultRequestConfig(requestConfig) .setSslcontext(CertificateManager.getInstance().getSslContext()) .build()) { HttpRequestBase request = getHttpRequest(); CloseableHttpResponse response = client.execute(request); String content = CharStreams.toString(new InputStreamReader(response.getEntity().getContent())); try { if (StringUtils.isEmpty(content)) throw new Exception("Empty response recieved"); return new Gson().fromJson(content, clazz); } catch (Exception e) { throw new UnexpectedResponseException("Status: " + response.getStatusLine() + ", Response : " + content, e); } } }
public String contents(String href) { try { HttpRequestBase request = HttpRequestBuilder.get(href) .header(AUTHORIZATION, getAuthorizationHeader()) .request(); try (CloseableHttpClient client = HttpClientBuilder.create().setSslcontext(CertificateManager.getInstance().getSslContext()).build()) { CloseableHttpResponse response = client.execute(request); if (response.getStatusLine().getStatusCode() == HttpStatus.SC_NOT_FOUND) { return null; } else { return CharStreams.toString(new InputStreamReader(response.getEntity().getContent())); } } } catch (Exception e) { throw new RuntimeException(e); } }
@NotNull protected HttpClient getHttpClient() { HttpClientBuilder builder = HttpClients.custom() .setDefaultRequestConfig(createRequestConfig()) .setSslcontext(CertificateManager.getInstance().getSslContext()) // TODO: use custom one for additional certificate check //.setHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER) .setHostnameVerifier((X509HostnameVerifier)CertificateManager.HOSTNAME_VERIFIER) .setDefaultCredentialsProvider(createCredentialsProvider()) .addInterceptorFirst(PREEMPTIVE_BASIC_AUTH) .addInterceptorLast(createRequestInterceptor()); return builder.build(); }
@NotNull private static CloseableHttpClient createClient(@NotNull GithubAuthData auth) { HttpClientBuilder builder = HttpClients.custom(); return builder .setDefaultRequestConfig(createRequestConfig(auth)) .setDefaultConnectionConfig(createConnectionConfig(auth)) .setDefaultCredentialsProvider(createCredentialsProvider(auth)) .setDefaultHeaders(createHeaders(auth)) .addInterceptorFirst(PREEMPTIVE_BASIC_AUTH) .setSslcontext(CertificateManager.getInstance().getSslContext()) .setHostnameVerifier((X509HostnameVerifier)CertificateManager.HOSTNAME_VERIFIER) .build(); }
private static boolean isAcceptedByIdea(@NotNull X509Certificate[] chain, String authType) { boolean result; try { CertificateManager.getInstance().getTrustManager().checkServerTrusted(chain, authType, false, false); result = true; } catch (CertificateException e) { LOG.debug(e); result = false; } return result; }
@NotNull private SSLContext createSslContext(@NotNull SVNURL url) { SSLContext result = CertificateManager.getSystemSslContext(); TrustManager trustManager = new CertificateTrustManager(this, url); try { result.init(CertificateManager.getDefaultKeyManagers(), new TrustManager[]{trustManager}, null); } catch (KeyManagementException e) { LOG.error(e); } return result; }
public String asString() throws IOException, URISyntaxException { try (CloseableHttpClient client = HttpClientBuilder.create() .setSslcontext(CertificateManager.getInstance().getSslContext()) .setDefaultRequestConfig(requestConfig) .build()) { HttpRequestBase request = getHttpRequest(); CloseableHttpResponse response = client.execute(request); return CharStreams.toString(new InputStreamReader(response.getEntity().getContent())); } }
@NotNull protected HttpClient getHttpClient() { HttpClientBuilder builder = HttpClients.custom().setDefaultRequestConfig(createRequestConfig()).setSslcontext(CertificateManager.getInstance().getSslContext()) // TODO: use custom one for additional certificate check //.setHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER) .setHostnameVerifier((X509HostnameVerifier) CertificateManager.HOSTNAME_VERIFIER).setDefaultCredentialsProvider(createCredentialsProvider()).addInterceptorFirst (PREEMPTIVE_BASIC_AUTH).addInterceptorLast(createRequestInterceptor()); return builder.build(); }
@Override public X509Certificate[] getAcceptedIssuers() { return CertificateManager.getInstance().getTrustManager().getAcceptedIssuers(); }
private static URLConnection openConnection(RequestBuilderImpl builder) throws IOException { String url = builder.myUrl; for (int i = 0; i < builder.myRedirectLimit; i++) { if (builder.myForceHttps && StringUtil.startsWith(url, "http:")) { url = "https:" + url.substring(5); } if (url.startsWith("https:") && ApplicationManager.getApplication() != null) { CertificateManager.getInstance(); } URLConnection connection; if (!builder.myUseProxy) { connection = new URL(url).openConnection(Proxy.NO_PROXY); } else if (ApplicationManager.getApplication() == null) { connection = new URL(url).openConnection(); } else { connection = HttpConfigurable.getInstance().openConnection(url); } connection.setConnectTimeout(builder.myConnectTimeout); connection.setReadTimeout(builder.myTimeout); if (builder.myUserAgent != null) { connection.setRequestProperty("User-Agent", builder.myUserAgent); } if (builder.myHostnameVerifier != null && connection instanceof HttpsURLConnection) { ((HttpsURLConnection)connection).setHostnameVerifier(builder.myHostnameVerifier); } if (builder.myGzip) { connection.setRequestProperty("Accept-Encoding", "gzip"); } if (builder.myAccept != null) { connection.setRequestProperty("Accept", builder.myAccept); } connection.setUseCaches(false); if (builder.myTuner != null) { builder.myTuner.tune(connection); } if (connection instanceof HttpURLConnection) { int responseCode = ((HttpURLConnection)connection).getResponseCode(); if (responseCode < 200 || responseCode >= 300 && responseCode != HttpURLConnection.HTTP_NOT_MODIFIED) { ((HttpURLConnection)connection).disconnect(); if (responseCode == HttpURLConnection.HTTP_MOVED_PERM || responseCode == HttpURLConnection.HTTP_MOVED_TEMP) { url = connection.getHeaderField("Location"); if (url != null) { continue; } } String message = IdeBundle.message("error.connection.failed.with.http.code.N", responseCode); throw new HttpStatusException(message, responseCode, StringUtil.notNullize(url, "Empty URL")); } } return connection; } throw new IOException(IdeBundle.message("error.connection.failed.redirects")); }
