Skip to content

Commit bc724e2

Browse files
rjrudinrjrudin
authored
Merge pull request #1524 from marklogic/feature/ssl-tweak
Applying SSL context and trust manager to "/token" call
2 parents 98fcd23 + bfec3a0 commit bc724e2

File tree

2 files changed

+4
-3
lines changed

2 files changed

+4
-3
lines changed

marklogic-client-api/src/main/java/com/marklogic/client/impl/okhttp/MarkLogicCloudAuthenticationConfigurer.java

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -58,8 +58,9 @@ public void configureAuthentication(OkHttpClient.Builder clientBuilder, MarkLogi
5858
private Response callTokenEndpoint(MarkLogicCloudAuthContext securityContext) {
5959
final HttpUrl tokenUrl = buildTokenUrl(securityContext);
6060
OkHttpClient.Builder clientBuilder = OkHttpUtil.newClientBuilder();
61-
// Initial testing has shown that neither the OkHttp socket factory nor hostname verifier need to be configured
62-
// for the goal of invoking the token endpoint.
61+
// Current assumption is that the SSL config provided for connecting to MarkLogic should also be applicable
62+
// for connecting to MarkLogic Cloud's "/token" endpoint.
63+
OkHttpUtil.configureSocketFactory(clientBuilder, securityContext.getSSLContext(), securityContext.getTrustManager());
6364

6465
if (logger.isInfoEnabled()) {
6566
logger.info("Calling token endpoint at: " + tokenUrl);

marklogic-client-api/src/main/java/com/marklogic/client/impl/okhttp/OkHttpUtil.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -145,7 +145,7 @@ private static void configureHostnameVerifier(OkHttpClient.Builder clientBuilder
145145
* @param sslContext
146146
* @param trustManager
147147
*/
148-
private static void configureSocketFactory(OkHttpClient.Builder clientBuilder, SSLContext sslContext, X509TrustManager trustManager) {
148+
static void configureSocketFactory(OkHttpClient.Builder clientBuilder, SSLContext sslContext, X509TrustManager trustManager) {
149149
/**
150150
* Per https://square.github.io/okhttp/3.x/okhttp/okhttp3/OkHttpClient.Builder.html#sslSocketFactory-javax.net.ssl.SSLSocketFactory- ,
151151
* OkHttp requires a TrustManager to be specified so that it can build a clean certificate chain. If trustManager

0 commit comments

Comments
 (0)