def getAccessToken(self, softwareStatementId) :
try:
sslContext = self.getSslContext()
httpClient = HttpClients.custom().setSSLContext(sslContext).build()
headers = { "Content-type" : "application/x-www-form-urlencoded" }
httpService = CdiUtil.bean(HttpService)
jwt = self.getEncodedJWTForToken(softwareStatementId, self.clientScopes, self.tokenUrl , self.keyId, self.signingKey )
http_service_response = httpService.executePost(httpClient, self.tokenUrl, None, headers , self.buildPostDataFortoken(jwt,softwareStatementId))
http_response = http_service_response.getHttpResponse()
except:
print "Client Registration. getAccessToken", sys.exc_info()[1]
return None
try:
if not httpService.isResponseStastusCodeOk(http_response):
print "Cert. Client Registration. getAccessToken. Get invalid response from server: ", str(http_response.getStatusLine().getStatusCode())
httpService.consume(http_response)
return None
response_bytes = httpService.getResponseContent(http_response)
response_string = httpService.convertEntityToString(response_bytes)
httpService.consume(http_response)
finally:
http_service_response.closeConnection()
if response_string == None:
print "Client Registration. getAccessToken. Got empty response from validation server"
return None
response = json.loads(response_string)
print "response access token: "+ response["access_token"]
return response["access_token"]
def create_http_client(self):
builder = SSLContextBuilder()
builder.loadTrustMaterial(None, TrustAllStrategy())
tls_versions = ["TLSv1", "TLSv1.1", "TLSv1.2"]
socketfactory = SSLConnectionSocketFactory(builder.build(), tls_versions, None, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
# print 'DEBUG: Created custom HttpClient to trust all certs\n'
return HttpClients.custom().setSSLSocketFactory(socketfactory).build()
class ContextRouterClient:
httpClient = None
def __init__(self, host, port):
self.uri_create = 'http://%s:%s/context/create' % (host, port)
self.uri_createBatch = 'http://%s:%s/context/createBatch' % (host,
port)
self.uri_delete = 'http://%s:%s/context/delete' % (host, port)
self.uri_ping = 'http://%s:%s/context/ping' % (host, port)
cm = PoolingHttpClientConnectionManager()
# Increase max total connection to 200
cm.setMaxTotal(200)
# Increase default max connection per route to 20
try:
routerhost = HttpHost(host, port)
except Exception, ex:
logger.error(
'ContextRouterClient error - [host=%s][port=%d], exception=%s'
% (host, port, ex))
raise Exception(
'ContextRouterClient error - [host=%s][port=%d], exception=%s'
% (host, port, ex))
cm.setMaxPerRoute(HttpRoute(routerhost), 100)
self.__class__.httpClient = HttpClients.custom().setConnectionManager(
cm).build()
def execute_request(self, request):
client = None
response = None
try:
sslContext = SSLContextBuilder.create().loadTrustMaterial(
TrustSelfSignedStrategy()).build()
allowAllHosts = NoopHostnameVerifier()
connectionFactory = SSLConnectionSocketFactory(
sslContext, allowAllHosts)
client = HttpClients.custom().setSSLSocketFactory(
connectionFactory).build()
response = client.execute(request)
status = response.getStatusLine().getStatusCode()
entity = response.getEntity()
result = EntityUtils.toString(entity, "UTF-8") if entity else None
headers = response.getAllHeaders()
EntityUtils.consume(entity)
return HttpResponse(status, result, headers)
finally:
if response:
response.close()
if client:
client.close()
def verifyRoles(self, accessToken, softwareStatementId) :
header = { "Authorization": "Bearer " + accessToken }
try:
sslContext = self.getSslContext()
httpClient = HttpClients.custom().setSSLContext(sslContext).build()
httpService = CdiUtil.bean(HttpService)
http_service_response = httpService.executeGet(httpClient, self.tppUrl+"?filter="+ URLEncoder.encode(self.buildFilter(softwareStatementId)) + "&attributes=totalResults", header )
http_response = http_service_response.getHttpResponse()
except:
print "Client Registration. verification. Exception: ", sys.exc_info()[1]
return False
try:
if not httpService.isResponseStastusCodeOk(http_response):
print "Client Registration. verification. Got invalid response from validation server: ", str(http_response.getStatusLine().getStatusCode())
httpService.consume(http_response)
return False
response_bytes = httpService.getResponseContent(http_response)
response_string = httpService.convertEntityToString(response_bytes)
httpService.consume(http_response)
finally:
http_service_response.closeConnection()
if response_string == None:
print "Client Registration. verification. Got empty response from location server"
return False
response = json.loads(response_string)
if int(response['totalResults']) <= 0 :
print "Client Registration. verification. No matches found: '%s'" % response['totalResults']
return False
return True
def get_ntlm_client(self):
request_config = RequestConfig.custom().setTargetPreferredAuthSchemes(
Arrays.asList(AuthSchemes.NTLM)).build()
httpclient = HttpClients.custom().setDefaultRequestConfig(
request_config).build()
return httpclient