
@infamousjoeg
Created December 6, 2021 14:23
Kotlin (Java) CCP REST Call Example - Thanks @JimmyJamCABD
package org
import java.io.FileInputStream
import java.io.InputStream
import java.net.URL
import java.net.URLEncoder
import java.net.http.HttpClient
import java.net.http.HttpRequest
import java.net.http.HttpResponse.BodyHandlers
import java.nio.charset.StandardCharsets
import java.security.KeyStore
import java.security.KeyStoreException
import java.security.SecureRandom
import java.security.cert.X509Certificate
import java.time.Duration
import javax.net.ssl.*
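/**
 * Wrapper around the CCP REST endpoint that uses only JDK classes.
 *
 * Builds the [HttpClient] used for the calls, optionally with a client certificate taken from a
 * key store, and issues the account query.
 *
 * Server certificates are validated against the JVM's default trust store. The class installs no
 * custom trust manager: a client that fetches credentials must authenticate the server it talks
 * to, otherwise anyone on the network path can impersonate it and read the returned secret. To
 * trust a private CA, import it into the JVM trust store (or point `javax.net.ssl.trustStore` at
 * one) instead of switching validation off.
 *
 * The key store password is handed only to the key store and key manager. It is not copied into
 * JVM system properties, where any code in the process could read it.
 *
 * @param url base URL of the AAM instance (required); should be an `https://` address because the
 * response is expected to carry a secret
 * @param pathToKeyStore path to the key store holding the client certificate; empty means no
 * client certificate is presented
 * @param passw password of the key store
 * @param storeType type of the key store (supported: pkcs12); blank falls back to PKCS12
 * @constructor Builds the HTTP client first, then parses [url].
 * @throws java.net.MalformedURLException if [url] cannot be parsed
 */
class CentralCredentialProvider(url: String, pathToKeyStore: String = "", passw: String = "", storeType: String = "") {
    private val keyStorePath = pathToKeyStore
    private val password = passw

    // A blank type used to fail inside KeyStore.getInstance(""); PKCS12 is the documented supported type.
    private val keyStoreType = storeType.ifBlank { "PKCS12" }

    // Declaration order matters: the client is built before the URL is parsed, so key store
    // problems surface before a malformed-URL error.
    private val client: HttpClient = buildClient()
    private val baseAddress: URL = URL(url)

    /**
     * Creates the HTTP client, with or without a client certificate.
     *
     * Without a key store path the JDK default TLS configuration is used. With one, the key store
     * supplies the key managers, while the trust managers stay the JDK defaults (`null` passed to
     * [SSLContext.init]).
     */
    private fun buildClient(): HttpClient {
        val builder = HttpClient.newBuilder().connectTimeout(Duration.ofSeconds(10))
        if (keyStorePath.isEmpty()) {
            return builder.build()
        }

        val secret = password.toCharArray()
        try {
            val keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())
            keyManagerFactory.init(loadKeyStore(keyStoreType, keyStorePath, password), secret)

            // "TLS" rather than the legacy "SSL" context name; trust managers and randomness are JDK defaults.
            val sslContext = SSLContext.getInstance("TLS")
            sslContext.init(keyManagerFactory.keyManagers, null, null)
            return builder.sslContext(sslContext).build()
        } finally {
            // Best effort: wipe the temporary copy. The String held in `password` remains in memory.
            secret.fill('\u0000')
        }
    }

    /**
     * Loads a key store of the given type from disk.
     *
     * Load failures (missing file, wrong password, corrupt store) propagate to the caller instead
     * of yielding an unloaded key store.
     *
     * @param type type of key store
     * @param path path to the key store file
     * @param password password of the key store
     * @param provider name of the security provider to ask first; empty means the default lookup.
     * If that provider does not support [type], the default lookup is used instead.
     * @return the loaded key store
     */
    private fun loadKeyStore(type: String, path: String, password: String = "", provider: String = ""): KeyStore {
        val keyStore: KeyStore = if (provider.isEmpty()) {
            KeyStore.getInstance(type)
        } else {
            try {
                KeyStore.getInstance(type, provider)
            } catch (e: KeyStoreException) {
                println("Keystore of type: $type is not supported for provider: $provider. Trying out other providers...")
                KeyStore.getInstance(type)
            }
        }

        val secret = password.toCharArray()
        try {
            // `use` closes the file handle even when load() throws.
            FileInputStream(path).use { stream -> keyStore.load(stream, secret) }
        } finally {
            secret.fill('\u0000')
        }
        return keyStore
    }

    /**
     * Percent-encodes one query-string name or value.
     *
     * [URLEncoder] produces form encoding, where a space becomes `+`; it is rewritten to `%20` so
     * the result reads the same to any URI parser.
     */
    private fun encodeQueryComponent(raw: String): String =
        URLEncoder.encode(raw, StandardCharsets.UTF_8).replace("+", "%20")

    /**
     * Queries the CCP with the provided parameters.
     *
     * Every name and value is percent-encoded before it is placed in the URL, so pass raw,
     * unencoded values. A value containing `&`, `=` or `#` therefore stays inside its own
     * parameter and cannot add or override another one (for example a second `Safe`).
     *
     * The response body is returned whatever the HTTP status is; this method does not inspect the
     * status code. The body is expected to contain the retrieved secret, so keep it out of logs.
     *
     * @param appID name of the application registered with the PVWA (required)
     * @param safe safe where the object resides (required)
     * @param queryParams map of additional query parameters. Accepted names, as listed by the
     * author: Folder, Object, UserName, Address, Database, PolicyID, Reason, Connection Timeout
     * @return the response body as a string
     */
    fun getObjectString(appID: String, safe: String, queryParams: Map<String, String>): String {
        val pairs = listOf("AppID" to appID, "Safe" to safe) + queryParams.toList()
        val query = pairs.joinToString("&") { (name, value) ->
            "${encodeQueryComponent(name)}=${encodeQueryComponent(value)}"
        }
        val endpoint = URL(baseAddress, "/AIMWebService/api/Accounts?$query")
        val request = HttpRequest.newBuilder()
            .uri(endpoint.toURI())
            .build()
        return client.send(request, BodyHandlers.ofString()).body()
    }
}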
/**
 * Placeholder entry point; it only prints a greeting and does not call the wrapper.
 *
 * Using the wrapper with a key store:
 *     val ccp = CentralCredentialProvider(url, pathToKeyStore, Password, type)
 *
 * Using it without a key store:
 *     val ccp = CentralCredentialProvider(url)
 *
 * Issuing a query:
 *     val res = ccp.getObjectString(appId, safeName, mapOf("QueryParam" to "value"))
 */
fun main() = println("Hello World!")