Skip to content

Instantly share code, notes, and snippets.

@infamousjoeg
Created December 6, 2021 14:23
Show Gist options
  • Save infamousjoeg/33414212615021b27a5047bfcfbdf13c to your computer and use it in GitHub Desktop.
Save infamousjoeg/33414212615021b27a5047bfcfbdf13c to your computer and use it in GitHub Desktop.
Kotlin (Java) CCP REST Call Example - Thanks @JimmyJamCABD
package org
import java.io.FileInputStream
import java.io.InputStream
import java.net.URL
import java.net.http.HttpClient
import java.net.http.HttpRequest
import java.net.http.HttpResponse.BodyHandlers
import java.security.KeyStore
import java.security.KeyStoreException
import java.security.SecureRandom
import java.security.cert.X509Certificate
import java.time.Duration
import javax.net.ssl.*
/**
* A wrapper for the CCP using only native JAVA Libraries. Creates the client used to make the REST calls to AAM API
*
* Handles the SSL Authentication and the querying of the CCP
*
* @param url BaseUrl of of the AAM Instance (Required)
* @param pathToKeyStore path to to the keystore (Supported: pkcs12)
* @param passw password to the keystore
* @param storeType type of keystore (Supported: pkcs12)
* @constructor Creates the HTTPS Client with the keystore (if provided).
*/
class CentralCredentialProvider(url: String, pathToKeyStore: String = "", passw: String = "", storeType: String = ""){
private val keyStorePath = pathToKeyStore
private val password = passw
private val baseAddress: URL
private val keyStoreType = storeType
private lateinit var client: HttpClient
init {
buildClient()
baseAddress = URL(url)
}
/**
* Builds the client for the Object. Both when keystore is provided and not
*/
private fun buildClient(){
// if a keystore is not specified
if (keyStorePath.isEmpty()){
val sslContext: SSLContext = SSLContext.getInstance("TLS")
sslContext.init(null, getTrustAllCert(), SecureRandom())
client = HttpClient.newBuilder()
.connectTimeout(Duration.ofSeconds(10))
.sslContext(sslContext)
.build()
return
}
val ks = KeyStore.getInstance(keyStoreType)
// val ks = loadKeyStore(keyStoreType,keyStorePath,"","")
val kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())
val sslContext = SSLContext.getInstance("SSL")
ks.load(FileInputStream(keyStorePath), password.toCharArray())
kmf.init(ks, password.toCharArray())
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol")
System.setProperty("javax.net.ssl.keyStoreType", keyStoreType)
System.setProperty("javax.net.ssl.keyStore", keyStorePath)
System.setProperty("javax.net.ssl.keyStorePassword", password)
sslContext.init(kmf.keyManagers, getTrustAllCert(), null)
client = HttpClient.newBuilder()
.connectTimeout(Duration.ofSeconds(10))
.sslContext(sslContext)
.build()
}
/**
*
* Load a key store of the provided type. Not used at the moment
*
* @param type type of keystore
* @param path path to the keystore
* @param password password to keystore
* @param provider This class represents a "provider" for the Java Security API,
* where a provider implements some or all parts of Java Security. Services that
* a provider may implement include
*/
private fun loadKeyStore( type : String, path : String, password : String = "", provider : String = ""): KeyStore {
val keyStore:KeyStore = if (provider.isEmpty()) {
KeyStore.getInstance(type)
} else {
try {
KeyStore.getInstance(type, provider)
} catch (e: KeyStoreException) {
println("Keystore of type: $type is not supported for provider: $provider. Trying out other providers...")
KeyStore.getInstance(type)
}
}
val inputStream: InputStream
try{
inputStream = FileInputStream(path)
keyStore.load(inputStream, password.toCharArray())
}catch (e: Exception) {
println("ERROR")
}
return keyStore
}
private fun getTrustAllCert(): Array<TrustManager> {
return arrayOf(object : X509TrustManager {
override fun getAcceptedIssuers(): Array<X509Certificate>? = null
override fun checkClientTrusted(certs: Array<X509Certificate>, authType: String) {}
override fun checkServerTrusted(certs: Array<X509Certificate>, authType: String) {}
})
}
/**
*
* Queries the CCP with provided parameters
*
* @param appID name of the application registered wih the PVWA (Required)
* @param safe safe where the object resides (Required)
* @param queryParams a map of the query parameters. accepted values are:
* Folder
* Object
* UserName
* Address
* Database
* PolicyID
* Reason
* Connection Timeout
*/
fun getObjectString(appID: String, safe: String, queryParams: Map<String,String> ): String{
val queryString = StringBuilder()
queryString.append("/AIMWebService/api/Accounts?AppID=$appID&Safe=$safe")
queryParams.forEach { (k, v) ->
queryString.append("&").append(k).append("=").append(v)
}
val url = URL(baseAddress, queryString.toString())
val request = HttpRequest.newBuilder()
.uri(url.toURI())
.build()
val response = client.send(request, BodyHandlers.ofString())
return response.body()
}
}
/**
*
* To call the Wrapper with keystore:
* val ccp = CentralCredentialProvider(url, pathToKeyStore, Password , type)
*
* without keystore
* val ccp = CentralCredentialProvider(url)
*
* val res = ccp.getObjectString(appId, safeName, mapOf("QueryParam" to "value"))
*
*/
fun main() {
println("Hello World!")
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment