Use ResteasyClientBuilder to configure ignoreCertificateErrors
This commit is contained in:
parent
37a9456884
commit
99bde6fe1e
|
@ -17,16 +17,7 @@ import hudson.security.ACL;
|
|||
import jenkins.model.Jenkins;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.http.conn.ClientConnectionManager;
|
||||
import org.apache.http.conn.scheme.PlainSocketFactory;
|
||||
import org.apache.http.conn.scheme.Scheme;
|
||||
import org.apache.http.conn.scheme.SchemeRegistry;
|
||||
import org.apache.http.conn.ssl.SSLSocketFactory;
|
||||
import org.apache.http.conn.ssl.TrustStrategy;
|
||||
import org.apache.http.impl.client.DefaultHttpClient;
|
||||
import org.apache.http.impl.conn.BasicClientConnectionManager;
|
||||
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
||||
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
|
||||
|
||||
|
@ -41,9 +32,6 @@ import javax.ws.rs.ext.RuntimeDelegate;
|
|||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.GeneralSecurityException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -61,8 +49,12 @@ public class GitLabClientBuilder {
|
|||
private static final String PRIVATE_TOKEN = "PRIVATE-TOKEN";
|
||||
|
||||
public static GitLabApi buildClient(String gitlabHostUrl, final String gitlabApiTokenId, boolean ignoreCertificateErrors) {
|
||||
return new ResteasyClientBuilder()
|
||||
.httpEngine(new ApacheHttpClient4Engine(createHttpClient(ignoreCertificateErrors)))
|
||||
ResteasyClientBuilder builder = new ResteasyClientBuilder();
|
||||
if (ignoreCertificateErrors) {
|
||||
builder.hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.ANY);
|
||||
builder.disableTrustManager();
|
||||
}
|
||||
return builder
|
||||
.register(new JacksonJsonProvider())
|
||||
.register(new JacksonConfig())
|
||||
.register(new ApiHeaderTokenFilter(getApiToken(gitlabApiTokenId))).build().target(gitlabHostUrl)
|
||||
|
@ -88,32 +80,6 @@ public class GitLabClientBuilder {
|
|||
return credentials == null ? null : credentials.getSecret().getPlainText();
|
||||
}
|
||||
|
||||
private static DefaultHttpClient createHttpClient(boolean ignoreCertificateErrors) {
|
||||
ClientConnectionManager connectionManager;
|
||||
if (ignoreCertificateErrors) {
|
||||
connectionManager = new BasicClientConnectionManager(createSchemeRegistry());
|
||||
} else {
|
||||
connectionManager = new BasicClientConnectionManager();
|
||||
}
|
||||
return new DefaultHttpClient(connectionManager, new DefaultHttpClient().getParams());
|
||||
}
|
||||
|
||||
private static SchemeRegistry createSchemeRegistry() {
|
||||
SchemeRegistry registry = new SchemeRegistry();
|
||||
registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));
|
||||
try {
|
||||
SSLSocketFactory factory = new SSLSocketFactory(new TrustStrategy() {
|
||||
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
|
||||
return true;
|
||||
}
|
||||
}, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
|
||||
registry.register(new Scheme("https", 10443, factory));
|
||||
} catch (GeneralSecurityException e) {
|
||||
LOGGER.log(Level.SEVERE, "Failed to set ignoreCertificateErrors", e);
|
||||
}
|
||||
return registry;
|
||||
}
|
||||
|
||||
private static class ApiHeaderTokenFilter implements ClientRequestFilter {
|
||||
private final String gitlabApiToken;
|
||||
|
||||
|
|
Loading…
Reference in New Issue