BAEL-8591 updated code for mTLS calls with Java Client, added tests

Author: amijkum

core-java-modules/core-java-httpclient/src/main/java/com/baeldung/mtls/calls/HostNameVerifierBuilder.java

@@ -0,0 +1,12 @@
+package com.baeldung.mtls.calls;
+
+import javax.net.ssl.HostnameVerifier;
+
+public class HostNameVerifierBuilder {
+
+    static HostnameVerifier allHostsValid = (hostname, session) -> true;
+
+    public static HostnameVerifier getAllHostsValid() {
+        return allHostsValid;
+    }
+}

core-java-modules/core-java-httpclient/src/main/java/com/baeldung/mtls/httpclient/SslContextBuilder.java renamed to core-java-modules/core-java-httpclient/src/main/java/com/baeldung/mtls/calls/SslContextBuilder.java

@@ -1,4 +1,4 @@
-package com.baeldung.mtls.httpclient;
+package com.baeldung.mtls.calls;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
@@ -35,8 +35,8 @@ public static SSLContext buildSslContext()
         final Properties props = System.getProperties();
         props.setProperty("jdk.internal.httpclient.disableHostnameVerification", Boolean.TRUE.toString());
 
-        String privateKeyPath = "/etc/certs/client.key.pkcs8";
-        String publicKeyPath = "/etc/certs/client.crt";
+        String privateKeyPath = "src/main/resources/keys/client.key.pkcs8";
+        String publicKeyPath = "src/main/resources/keys/client.crt";
 
         final byte[] publicData = Files.readAllBytes(Path.of(publicKeyPath));
         final byte[] privateData = Files.readAllBytes(Path.of(privateKeyPath));

core-java-modules/core-java-httpclient/src/main/resources/keys/client.crt

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID8zCCAdugAwIBAgIBATANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDDA8qLnlv
+dXIuaG9zdG5hbWUwHhcNMjUwNzA3MTY0NTMzWhcNMjYwNzA3MTY0NTMzWjAcMRow
+GAYDVQQDDBEqLmNsaWVudC5ob3N0bmFtZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKavVV7T7MEWY2pVUSWzIGfaVqSEBgKmdUJWnNGHwZrBX/XjJ9LN
+srBAOjT/mJ4ccoMTKY8agDmF7z0nz8fQSr5D4JQ6C1yBbjKL04BwLSrNIRPIzWrb
+F4ztADOrrh1l3YaRYbwMWkFZjcoRX9zXYooMbZPrgBSskQ8hdnrIMtc04+FvFhyP
+5hEtqvR9I8qGjxGx/wXAYA539Owh9T3Xl0vVroxtv2eFNYIIg7BV1yHrX1RalEbx
+5mzfeM7o/IJRvj/73jVhdvu2csUM4J20NxSx1B9XoFZI8Y0JPOR4bo3j7zZXE0iH
+ib6/pWYxdZknWDsm7qHTLZJNEFPNk/W2/0UCAwEAAaNCMEAwHQYDVR0OBBYEFOkk
+ZcxKbJpkiG0Mr5ce/6ykH9rGMB8GA1UdIwQYMBaAFARhDN6rdEw0ylzmwgVRXUbO
+BNmJMA0GCSqGSIb3DQEBCwUAA4ICAQAGPhAPinkHWHfSiQRChtxEAnTPVavsuC6X
+UyGGpWHz7OD475SbzYnuaTN+O/2HUoP3qyVWH8igSOLBY1vpUXthkSHBltH21Gog
+NFW4Z4/8NBlvM25BiBA/hGANFu5MvWuB9gNfHryWSZHFf0fyOd7ITIY2pDUHkqlc
+e5pAkjGAlvATGeF8PcMzYDAF6DamtJVZtqha/ssAGPlDggbr55LqtKos9TphYGsN
+LOnWv+f81TB8euLUTJpFg4i+t5QGmQ1UWv2N1U4TEo5fpRb+y6E/vorUH4qpDKOn
+31mvjxkgW05Jf21GKQU5LtYIfR3ZVa7UlWkdr9x763pzNUB0q8ioPQ2jQ3bzrJEO
+El3dhiWCUAXGxljKWeuUwkdws3D4mOru6hVwE7vE31ZD3mnO52uOtwd6sKeGg7zj
+OgTu06/KSbYEVsZ1yic8CWVSR2Sn+4HtXo7cEuBCnWJIkqRNGoFTbKULaSWLN+Lh
+wzTIcBA6E5SoHXY0T80EsVQAq2LV7bymDklHeBWUMr47guUUyBsoZg36njA7geT5
+T8dIeyClWHZNwqa8kxbQt6WAY21qqUyovsn0js26Ni8sr3iv+akXZkeJGopgYV4g
+BNMow0BNLsKLRhDM0gkIqlOwHMRIYwsdNkrSk4mnZoxlGIotVb4JCAazxss5rJR2
+IVboXKO91g==
+-----END CERTIFICATE-----

core-java-modules/core-java-httpclient/src/main/resources/keys/client.key.pkcs8

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCmr1Ve0+zBFmNq
+VVElsyBn2lakhAYCpnVCVpzRh8GawV/14yfSzbKwQDo0/5ieHHKDEymPGoA5he89
+J8/H0Eq+Q+CUOgtcgW4yi9OAcC0qzSETyM1q2xeM7QAzq64dZd2GkWG8DFpBWY3K
+EV/c12KKDG2T64AUrJEPIXZ6yDLXNOPhbxYcj+YRLar0fSPKho8Rsf8FwGAOd/Ts
+IfU915dL1a6Mbb9nhTWCCIOwVdch619UWpRG8eZs33jO6PyCUb4/+941YXb7tnLF
+DOCdtDcUsdQfV6BWSPGNCTzkeG6N4+82VxNIh4m+v6VmMXWZJ1g7Ju6h0y2STRBT
+zZP1tv9FAgMBAAECggEAC5oBjaeff3MA+Wo1yzN0CnZyeGHuDyop2DOyF41k5tIV
+zUYBxBToHodh5cVyiHK/b6saRekYyqgtViratfQj96k+zOJbXxVtJ5x+3J4yLpv3
+dOqRjaHxOjBWxsHozQgFirO8wzty3sCOc2WRMAxXwfcKe3S1Rfsa35w7JGGh1EOv
+ygOACa+9iLsT8iAVGtmaFybp3wNFS+MYibe/v7qhM1MLktGJH8tZIzYr87iLP7uF
+6WZve1/QCvNwyvKsdSYIvNzaVYJTuWacTVKaANmEci5TYtQzFVQScX9PdrdNtQdu
+2pxtbI0Y8oT04KXQ0Bsnejc5ckE/pzgIzB17lF+O0QKBgQDhIZ48YxaRWN1JEsii
+zvzcEz3hMKBzZ//oFB0/tb4AFuIrMaeoVZf0jH571KWO9BV+ExxCBIROr7twdIxk
+OfwCGN4034+hJlBxrBSf8lN3jYHV6t1xBniz1PkoUjUI+RzjoPY9T0hsYUv76vcZ
+2uqgCCXlu2Ssj+MPRkeH2laXyQKBgQC9iizU1NiHgwxL7TVf9Wiz7wxC/UWe9/32
+EZyFS83GIJffLXowQA997qWa/NtbcP+Dpdm6vbYbW6FBRE7EH6zQgLWZtollmuaR
+cmCXzSmB84P5wz8fF0o8HZnjzMiM4Dm8pUXlNj/05QUGBT+4YG5pKKqR5RLj3rXE
+i4eUaDMhnQKBgQClZ2OwjkSIaTe7dld+doEE2AZAqs9XuvMjeZO7uTVtL2LfxU2e
+ubQ48fgD1soEa4RW6od6YYMrpKUcDCURhiCHEepAAniuN04nFfzZPtrgHVFk73fe
+kJih1zlvzGY2v3/gJeSESvm01w9SeOEvV83F4famALYIqnZyRHpNb7brMQKBgQCp
+bBp4wC0wrEZQlB9SwBWwSOyH8MbLu1bKHqHvUHwGLtoyRv9io9B1O93R9VXKne33
+6kb+MlfWiohQw9M4YiviUDqDxPN53AVfW4LWDjCdFWQR3KHOk83qgHcvdbyKmF9j
+rcQVh/GRYSmlYQm9MI1g+FXHhaDmCQwnPKWbVazmzQKBgHV3r3ahlszePYHQmQLr
+4eJM7Kj3Y0SydM3402TLH8DG4CeuOkO+/ZhHAE3AgAzQptOqbZ25/RS+7O6N+Wa1
+Lo6kbrSgoqQgqzyHrp3PcWeJ1n/mef0QxbV/fKWWfdzFRtA2oTwXteW3Dzmu7A84
+65QBcsuKKf34GJfvwl8eQT/O
+-----END PRIVATE KEY-----

core-java-modules/core-java-httpclient/src/main/java/com/baeldung/mtls/httpclient/HttpClientExample.java renamed to core-java-modules/core-java-httpclient/src/test/java/com/baeldung/mtls/calls/MutualTLSCallWithHttpClientLiveTest.java

@@ -1,4 +1,4 @@
-package com.baeldung.mtls.httpclient;
+package com.baeldung.mtls.calls;
 
 import java.io.IOException;
 import java.net.URI;
@@ -14,10 +14,14 @@
 
 import javax.net.ssl.SSLContext;
 
-public class HttpClientExample {
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
 
-    public static void main(String[] args)
-        throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, InvalidKeySpecException,
+public class MutualTLSCallWithHttpClientLiveTest {
+
+    @Test
+    public void whenWeExecuteMutualTLSCallToNginxServerWithHttpClient_thenItShouldReturnStatusOK()
+        throws UnrecoverableKeyException, CertificateException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, KeyStoreException,
                KeyManagementException {
         SSLContext sslContext = SslContextBuilder.buildSslContext();
         HttpClient client = HttpClient.newBuilder()
@@ -31,7 +35,10 @@ public static void main(String[] args)
 
         HttpResponse<String> response = client.sendAsync(exactRequest, HttpResponse.BodyHandlers.ofString())
             .join();
-
+        Assertions.assertThat(response)
+            .isNotNull();
+        Assertions.assertThat(response.statusCode())
+            .isEqualTo(200);
     }
 
 }

core-java-modules/core-java-httpclient/src/main/java/com/baeldung/mtls/httpclient/HttpURLConnectionExample.java renamed to core-java-modules/core-java-httpclient/src/test/java/com/baeldung/mtls/calls/MutualTLSCallWithHttpURLConnectionLiveTest.java

@@ -1,4 +1,4 @@
-package com.baeldung.mtls.httpclient;
+package com.baeldung.mtls.calls;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -11,24 +11,26 @@
 import java.security.cert.CertificateException;
 import java.security.spec.InvalidKeySpecException;
 
-import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 
-public class HttpURLConnectionExample {
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
 
-    public static void main(String[] args)
-        throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, InvalidKeySpecException,
+public class MutualTLSCallWithHttpURLConnectionLiveTest {
+
+    @Test
+    public void whenWeExecuteMutualTLSCallToNginxServerWithHttpURLConnection_thenItShouldReturnNonNullResponse()
+        throws UnrecoverableKeyException, CertificateException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, KeyStoreException,
                KeyManagementException {
         SSLContext sslContext = SslContextBuilder.buildSslContext();
-
-        HostnameVerifier allHostsValid = (hostname, session) -> true;
         HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL("https://127.0.0.1/ping").openConnection();
         httpsURLConnection.setSSLSocketFactory(sslContext.getSocketFactory());
-        httpsURLConnection.setHostnameVerifier(allHostsValid);
-
+        httpsURLConnection.setHostnameVerifier(HostNameVerifierBuilder.getAllHostsValid());
         InputStream inputStream = httpsURLConnection.getInputStream();
         String response = new String(inputStream.readAllBytes(), Charset.defaultCharset());
+        Assertions.assertThat(response)
+            .isNotNull();
     }
 
 }

core-java-modules/core-java-httpclient/src/test/java/com/baeldung/mtls/calls/SslContextBuilderUnitTest.java

@@ -0,0 +1,26 @@
+package com.baeldung.mtls.calls;
+
+import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.security.spec.InvalidKeySpecException;
+
+import javax.net.ssl.SSLContext;
+
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
+
+public class SslContextBuilderUnitTest {
+
+    @Test
+    public void whenPrivateAndPublicKeysAreGiven_thenAnSSLContextShouldBeCreated()
+        throws UnrecoverableKeyException, CertificateException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, KeyStoreException,
+               KeyManagementException {
+        SSLContext sslContext = SslContextBuilder.buildSslContext();
+        Assertions.assertThat(sslContext)
+            .isNotNull();
+    }
+}