Trust all certificates

Author: mechero

src/main/java/io/tpd/quboo/sonarplugin/dtos/UsersWrapper.java

@@ -5,7 +5,6 @@
 
 import java.util.ArrayList;
 import java.util.List;
-import java.util.stream.Collectors;
 
 public class UsersWrapper {
 
@@ -17,9 +16,7 @@ public UsersWrapper() {
 
   public void filterAndAddUsers(final Users users) {
     this.users.addAll(
-      users.getUsers().stream()
-        .filter(User::isActive)
-        .collect(Collectors.toList())
+      users.getUsers()
     );
   }
 

src/main/java/io/tpd/quboo/sonarplugin/hooks/QubooConnector.java

@@ -4,6 +4,7 @@
 import io.tpd.quboo.sonarplugin.QubooPlugin;
 import io.tpd.quboo.sonarplugin.dtos.IssuesWrapper;
 import io.tpd.quboo.sonarplugin.dtos.UsersWrapper;
+import io.tpd.quboo.sonarplugin.http.HttpClients;
 import io.tpd.quboo.sonarplugin.pojos.Issues;
 import io.tpd.quboo.sonarplugin.pojos.Paging;
 import io.tpd.quboo.sonarplugin.pojos.Users;
@@ -28,7 +29,7 @@ public class QubooConnector implements PostProjectAnalysisTask {
   private final OkHttpClient http;
 
   public QubooConnector(final Server server) {
-    this.http = new OkHttpClient();
+    this.http = HttpClients.getUnsafeOkHttpClient();
     this.server = server;
     this.mapper = new ObjectMapper();
   }
@@ -57,7 +58,7 @@ private void sendIssuesToQuboo(final IssuesWrapper allIssues, final String quboo
       .build();
     final Response response = http.newCall(request).execute();
     final String body = response.body().string();
-    log.info("Response " + body);
+    log.info("Response " + response.code() + " | " + body);
   }
 
   private IssuesWrapper getIssues() throws Exception {
@@ -86,7 +87,7 @@ private void sendUsersToQuboo(final UsersWrapper allUsers, final String qubooKey
       .build();
     final Response response = http.newCall(request).execute();
     final String body = response.body().string();
-    log.info("Response " + body);
+    log.info("Response " + response.code() + " | " + body);
   }
 
   private UsersWrapper getUsers() {

src/main/java/io/tpd/quboo/sonarplugin/http/HttpClients.java

@@ -0,0 +1,56 @@
+package io.tpd.quboo.sonarplugin.http;
+
+import okhttp3.OkHttpClient;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+public class HttpClients {
+
+  private HttpClients() {
+  }
+
+  /**
+   * Even though Quboo uses a valid LetsEncrypt certificate, its CA might not be included by default in some
+   * Java distributions. For that reason we use a client that trusts all certificates.
+   *
+   * @return an OkHttpClient that trusts all certificates
+   */
+  public static OkHttpClient getUnsafeOkHttpClient() {
+    try {
+      // No-op trust manager
+      final TrustManager[] trustAllCerts = new TrustManager[]{
+        new X509TrustManager() {
+          @Override
+          public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
+          }
+
+          @Override
+          public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
+          }
+
+          @Override
+          public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+            return new java.security.cert.X509Certificate[]{};
+          }
+        }
+      };
+
+      // Install the all-trusting trust manager
+      final SSLContext sslContext = SSLContext.getInstance("SSL");
+      sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
+      // Create an ssl socket factory with our all-trusting manager
+      final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
+
+      OkHttpClient.Builder builder = new OkHttpClient.Builder();
+      builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0]);
+      builder.hostnameVerifier((hostname, session) -> true);
+
+      return builder.build();
+    } catch (Exception e) {
+      throw new RuntimeException(e);
+    }
+  }
+}