+ OAuth related changes

snavinch · snavinch · commit 5806d5565113 · 2021-01-05T15:30:45.000+05:30
diff --git a/generator/cybersource-java-template/libraries/okhttp-gson/ApiClient.mustache b/generator/cybersource-java-template/libraries/okhttp-gson/ApiClient.mustache
@@ -12,19 +12,14 @@
 
 package Invokers;
 
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
+import java.io.*;
 import java.lang.reflect.Type;
 import java.net.HttpRetryException;
 import java.net.InetSocketAddress;
 import java.net.Proxy;
 import java.net.URLConnection;
 import java.net.URLEncoder;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.SecureRandom;
+import java.security.*;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -45,13 +40,8 @@ import java.util.TimeZone;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSession;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
+import javax.net.ssl.*;
+import com.google.gson.Gson;
 import org.apache.logging.log4j.Logger;
 import com.cybersource.authsdk.core.Authorization;
 import com.cybersource.authsdk.core.ConfigException;
@@ -84,6 +74,7 @@ import okhttp3.logging.HttpLoggingInterceptor;
 import okhttp3.logging.HttpLoggingInterceptor.Level;
 import okio.BufferedSink;
 import okio.Okio;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import utilities.interceptors.RetryInterceptor;
 import utilities.listeners.NetworkEventListener;
 import utilities.telemetry.RequestTransactionMetrics;
@@ -1298,6 +1289,11 @@ public class ApiClient {
 			ProgressRequestBody.ProgressRequestListener progressRequestListener) throws ApiException {
 		callAuthenticationHeader(method, path, body, queryParams);
 
+		if(merchantConfig.getEnableClientCert())
+		{
+			addClientCertToKeyStore();
+		}
+
 		if (acceptHeader != null && !acceptHeader.isEmpty()) {
 			String defaultAcceptHeader = "," + headerParams.get("Accept");
 			defaultAcceptHeader = acceptHeader + defaultAcceptHeader.replace("," + acceptHeader, "");
@@ -1359,7 +1355,7 @@ public class ApiClient {
 
 			merchantConfig.setRequestHost(merchantConfig.getRequestHost().trim());
 
-			if (isMerchantDetails) {
+			if (isMerchantDetails && !merchantConfig.getAuthenticationType().equalsIgnoreCase(GlobalLabelParameters.NOAUTH)) {
 				String token = authorization.getToken(merchantConfig);
 				if (merchantConfig.getAuthenticationType().equalsIgnoreCase(GlobalLabelParameters.HTTP)) {
 
@@ -1380,10 +1376,11 @@ public class ApiClient {
 					token = "Bearer " + token;
 					addDefaultHeader("Authorization", token);
 				}
-
-				// if (merchantConfig.getSolutionId() != null && !merchantConfig.getSolutionId().isEmpty()) {
-					// addDefaultHeader("v-c-solution-id", merchantConfig.getSolutionId());
-				// }
+				else if(merchantConfig.getAuthenticationType().equalsIgnoreCase(GlobalLabelParameters.OAUTH))
+				{
+					token = "Bearer " + token;
+					addDefaultHeader("Authorization", token);
+				}
 			}
 
 			if (versionInfo != null && !versionInfo.isEmpty()) {
@@ -1439,6 +1436,11 @@ public class ApiClient {
 		if (!HttpMethod.permitsRequestBody(method)) {
 			reqBody = null;
 		} else if ("application/x-www-form-urlencoded".equals(contentType)) {
+			// Convert request body to json to url encoded
+			Gson gson = new Gson();
+			String jsonString = json.serialize(body);
+			formParams = gson.fromJson(jsonString, HashMap.class);
+			while (formParams.values().remove(null));
 			reqBody = buildRequestBodyFormEncoding(formParams);
 		} else if ("multipart/form-data".equals(contentType)) {
 			reqBody = buildRequestBodyMultipart(formParams);
@@ -1550,7 +1552,7 @@ public class ApiClient {
 	public RequestBody buildRequestBodyFormEncoding(Map<String, Object> formParams) {
 		FormBody.Builder formBuilder = new FormBody.Builder();
 		for (Entry<String, Object> param : formParams.entrySet()) {
-			formBuilder.add(param.getKey(), parameterToString(param.getValue()));
+			formBuilder.addEncoded(param.getKey(), parameterToString(param.getValue()));
 		}
 		return formBuilder.build();
 	}
@@ -1626,6 +1628,48 @@ public class ApiClient {
 		}
 	}
 
+	/**
+	 *  Adding Client Cert (.p12) to KeyStore, Trust all site
+	 */
+	private void addClientCertToKeyStore() {
+		try {
+
+			// Create a trust manager that does not validate certificate chains
+			final TrustManager[] trustAllCerts = new TrustManager[] {
+					new X509TrustManager() {
+						@Override
+						public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
+						}
+
+						@Override
+						public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
+						}
+
+						@Override
+						public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+							return new java.security.cert.X509Certificate[]{};
+						}
+					}
+			};
+
+			KeyStore merchantKeyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
+			FileInputStream file = new FileInputStream(new File(merchantConfig.getClientCertDirectory(), merchantConfig.getClientCertFile()));
+			merchantKeyStore.load(file,	merchantConfig.getClientCertPassword().toCharArray());
+
+			KeyManagerFactory keyManagerFactory =
+					KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+			keyManagerFactory.init(merchantKeyStore, new char[] {});
+
+			SSLContext sslContext = SSLContext.getInstance("TLS");
+			sslContext.init(keyManagerFactory.getKeyManagers(), trustAllCerts, new SecureRandom());
+			httpClient = httpClient.newBuilder().sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustAllCerts[0]).build();
+
+		}
+		catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException | UnrecoverableKeyException ex) {
+
+		}
+	}
+
 	/**
 	 * Apply SSL related settings to httpClient according to the current values
 	 * of verifyingSsl and sslCaCert.
