loafle/openapi-generator-original
3
0
Fork 1
mirror of https://github.com/OpenAPITools/openapi-generator.git synced 2025-12-10 01:06:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

okhttp-gson: fix SSL settings with okhttp3 (#4226)

Browse Source 
The old code used to work with older okhttp (< 3), but will throw
NullPointerExceptions with okhttp3.
This commit is contained in:
Fabio Kung
2019-10-24 03:15:10 -07:00
committed by William Cheng
parent 652b0f5bf6
commit c3666e9350
3 changed files with 90 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
modules/openapi-generator/src/main/resources/Java/libraries/okhttp-gson/ApiClient.mustache vendored
View File

@@ -4,6 +4,7 @@ package {{invokerPackage}};
import okhttp3.*; import okhttp3.*;
import okhttp3.internal.http.HttpMethod; import okhttp3.internal.http.HttpMethod;
import okhttp3.internal.tls.OkHostnameVerifier;
import okhttp3.logging.HttpLoggingInterceptor; import okhttp3.logging.HttpLoggingInterceptor;
import okhttp3.logging.HttpLoggingInterceptor.Level; import okhttp3.logging.HttpLoggingInterceptor.Level;
import okio.BufferedSink; import okio.BufferedSink;
@@ -1340,8 +1341,8 @@ public class ApiClient {
*/ */
private void applySslSettings() { private void applySslSettings() {
try { try {
TrustManager[] trustManagers = null; TrustManager[] trustManagers;
HostnameVerifier hostnameVerifier = null; HostnameVerifier hostnameVerifier;
if (!verifyingSsl) { if (!verifyingSsl) {
trustManagers = new TrustManager[]{ trustManagers = new TrustManager[]{
new X509TrustManager() { new X509TrustManager() {
@@ -1359,40 +1360,42 @@ public class ApiClient {
} }
} }
}; };
SSLContext sslContext = SSLContext.getInstance("TLS");
hostnameVerifier = new HostnameVerifier() { hostnameVerifier = new HostnameVerifier() {
@Override @Override
public boolean verify(String hostname, SSLSession session) { public boolean verify(String hostname, SSLSession session) {
return true; return true;
} }
}; };
} else if (sslCaCert != null) {
char[] password = null; // Any password will work.
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
KeyStore caKeyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = "ca" + Integer.toString(index++);
caKeyStore.setCertificateEntry(certificateAlias, certificate);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(caKeyStore);
trustManagers = trustManagerFactory.getTrustManagers();
}
if (keyManagers != null || trustManagers != null) {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
httpClient = httpClient.newBuilder().sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0]).build();
} else { } else {
httpClient = httpClient.newBuilder().sslSocketFactory(null, (X509TrustManager) trustManagers[0]).build(); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
if (sslCaCert == null) {
trustManagerFactory.init((KeyStore) null);
} else {
char[] password = null; // Any password will work.
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
KeyStore caKeyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = "ca" + Integer.toString(index++);
caKeyStore.setCertificateEntry(certificateAlias, certificate);
}
trustManagerFactory.init(caKeyStore);
}
trustManagers = trustManagerFactory.getTrustManagers();
hostnameVerifier = OkHostnameVerifier.INSTANCE;
} }
httpClient = httpClient.newBuilder().hostnameVerifier(hostnameVerifier).build(); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
httpClient = httpClient.newBuilder()
.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0])
.hostnameVerifier(hostnameVerifier)
.build();
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} }

57
samples/client/petstore/java/okhttp-gson-parcelableModel/src/main/java/org/openapitools/client/ApiClient.java
View File

@@ -15,6 +15,7 @@ package org.openapitools.client;
import okhttp3.*; import okhttp3.*;
import okhttp3.internal.http.HttpMethod; import okhttp3.internal.http.HttpMethod;
import okhttp3.internal.tls.OkHostnameVerifier;
import okhttp3.logging.HttpLoggingInterceptor; import okhttp3.logging.HttpLoggingInterceptor;
import okhttp3.logging.HttpLoggingInterceptor.Level; import okhttp3.logging.HttpLoggingInterceptor.Level;
import okio.BufferedSink; import okio.BufferedSink;
@@ -1305,8 +1306,8 @@ public class ApiClient {
*/ */
private void applySslSettings() { private void applySslSettings() {
try { try {
TrustManager[] trustManagers = null; TrustManager[] trustManagers;
HostnameVerifier hostnameVerifier = null; HostnameVerifier hostnameVerifier;
if (!verifyingSsl) { if (!verifyingSsl) {
trustManagers = new TrustManager[]{ trustManagers = new TrustManager[]{
new X509TrustManager() { new X509TrustManager() {
@@ -1324,40 +1325,42 @@ public class ApiClient {
} }
} }
}; };
SSLContext sslContext = SSLContext.getInstance("TLS");
hostnameVerifier = new HostnameVerifier() { hostnameVerifier = new HostnameVerifier() {
@Override @Override
public boolean verify(String hostname, SSLSession session) { public boolean verify(String hostname, SSLSession session) {
return true; return true;
} }
}; };
} else if (sslCaCert != null) {
char[] password = null; // Any password will work.
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
KeyStore caKeyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = "ca" + Integer.toString(index++);
caKeyStore.setCertificateEntry(certificateAlias, certificate);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(caKeyStore);
trustManagers = trustManagerFactory.getTrustManagers();
}
if (keyManagers != null || trustManagers != null) {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
httpClient = httpClient.newBuilder().sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0]).build();
} else { } else {
httpClient = httpClient.newBuilder().sslSocketFactory(null, (X509TrustManager) trustManagers[0]).build(); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
if (sslCaCert == null) {
trustManagerFactory.init((KeyStore) null);
} else {
char[] password = null; // Any password will work.
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
KeyStore caKeyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = "ca" + Integer.toString(index++);
caKeyStore.setCertificateEntry(certificateAlias, certificate);
}
trustManagerFactory.init(caKeyStore);
}
trustManagers = trustManagerFactory.getTrustManagers();
hostnameVerifier = OkHostnameVerifier.INSTANCE;
} }
httpClient = httpClient.newBuilder().hostnameVerifier(hostnameVerifier).build(); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
httpClient = httpClient.newBuilder()
.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0])
.hostnameVerifier(hostnameVerifier)
.build();
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} }

57
samples/client/petstore/java/okhttp-gson/src/main/java/org/openapitools/client/ApiClient.java
View File

@@ -15,6 +15,7 @@ package org.openapitools.client;
import okhttp3.*; import okhttp3.*;
import okhttp3.internal.http.HttpMethod; import okhttp3.internal.http.HttpMethod;
import okhttp3.internal.tls.OkHostnameVerifier;
import okhttp3.logging.HttpLoggingInterceptor; import okhttp3.logging.HttpLoggingInterceptor;
import okhttp3.logging.HttpLoggingInterceptor.Level; import okhttp3.logging.HttpLoggingInterceptor.Level;
import okio.BufferedSink; import okio.BufferedSink;
@@ -1305,8 +1306,8 @@ public class ApiClient {
*/ */
private void applySslSettings() { private void applySslSettings() {
try { try {
TrustManager[] trustManagers = null; TrustManager[] trustManagers;
HostnameVerifier hostnameVerifier = null; HostnameVerifier hostnameVerifier;
if (!verifyingSsl) { if (!verifyingSsl) {
trustManagers = new TrustManager[]{ trustManagers = new TrustManager[]{
new X509TrustManager() { new X509TrustManager() {
@@ -1324,40 +1325,42 @@ public class ApiClient {
} }
} }
}; };
SSLContext sslContext = SSLContext.getInstance("TLS");
hostnameVerifier = new HostnameVerifier() { hostnameVerifier = new HostnameVerifier() {
@Override @Override
public boolean verify(String hostname, SSLSession session) { public boolean verify(String hostname, SSLSession session) {
return true; return true;
} }
}; };
} else if (sslCaCert != null) {
char[] password = null; // Any password will work.
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
KeyStore caKeyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = "ca" + Integer.toString(index++);
caKeyStore.setCertificateEntry(certificateAlias, certificate);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(caKeyStore);
trustManagers = trustManagerFactory.getTrustManagers();
}
if (keyManagers != null || trustManagers != null) {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
httpClient = httpClient.newBuilder().sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0]).build();
} else { } else {
httpClient = httpClient.newBuilder().sslSocketFactory(null, (X509TrustManager) trustManagers[0]).build(); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
if (sslCaCert == null) {
trustManagerFactory.init((KeyStore) null);
} else {
char[] password = null; // Any password will work.
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
KeyStore caKeyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = "ca" + Integer.toString(index++);
caKeyStore.setCertificateEntry(certificateAlias, certificate);
}
trustManagerFactory.init(caKeyStore);
}
trustManagers = trustManagerFactory.getTrustManagers();
hostnameVerifier = OkHostnameVerifier.INSTANCE;
} }
httpClient = httpClient.newBuilder().hostnameVerifier(hostnameVerifier).build(); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
httpClient = httpClient.newBuilder()
.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0])
.hostnameVerifier(hostnameVerifier)
.build();
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} }