Adding option for ignoring certificate validation

Author: jdewinne

.travis.yml

@@ -7,7 +7,7 @@ deploy:
   provider: releases
   api_key:
     secure: HaLgQjTqegx0wexEexbBKB+D1DGwbiW7zQgLMpbA/d1PUQRLHMIZLNE8u1V5/4/qLSRqmp/VdLHwvSWbcc7dPrzNN09rwEb7HPLORkCvSHq6/pOgnJ1xIWU4CMjNewjxYS94AnQN+0+PFdFw7mqTuf6cz/IVCZxypCEzckziI220DLYBXBS9vNSko55979yhQv7U31vd/CJ63cp21qvemAcFncQr98FKq6JsbpMtOOjAqjvN/VPpnphhoV7DxbiKEMZ9ZePClg69HpZ+Q/o2qUm/BKd32ZmpZosTE27Gaj81TVnLeLfveeBRt0jTK4gisS5++t6AfK01DHGexT4hVgG34jkjQQX76imCMa+sd61Ixs2P4rVRl9zqJKFBlxoeOkdXhenLqDZL0c/jKYXXtIln6f24rnQ26t1L7zbdI2I0G+gS0aZfXAMSXoFioZCplydRkuuHrr/HOVmlBk7LF36cvXSbv2UVwATrNjOZs0Sd0fBxrOtnQ7l9g3vSufV59kHE/ic80Lrbn8Pphh3gRDsOrVGF/vHvz5Aho0kCxLwqoz6hajQ0kIVvfIz3kC2xITeFWYwYgUUupLUopj2GiIpOdcPhZJ/9Lr0+zr3cxW/l7orWwmuVT/Eo9JdyhX+GaYvRvNkU9x1A1VFF/R3AOc2eSDi+zmCASbqdA9vE/Zs=
-  file: build/libs/xlr-ucd-plugin-1.1.0.jar
+  file: build/libs/xlr-ucd-plugin-1.2.0.jar
   skip_cleanup: true
   on:
     tags: true

build.gradle

@@ -3,7 +3,7 @@ plugins {
     id "com.xebialabs.xlr.docker" version "1.2.1"
 }
 
-version='1.1.0'
+version='1.2.0'
 
 apply plugin: 'java'
 apply plugin: 'idea'

src/main/resources/synthetic.xml

@@ -10,6 +10,7 @@
 <synthetic xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.xebialabs.com/deployit/synthetic" xsi:schemaLocation="http://www.xebialabs.com/deployit/synthetic synthetic.xsd">
 
     <type type="ucd.Server" extends="configuration.HttpConnection">
+        <property name="disableSslVerification" required="true" kind="boolean" default="false" description="Disable SSL verification" />
     </type>
 
     <type type="ucd.Task" extends="xlrelease.PythonScript" virtual="true">
@@ -46,4 +47,4 @@
         <property name="requestStatus" category="output" label="Request Status" description="The request status" kind="string" />
         <property name="requestResult" category="output" label="Request Result" description="The request result" kind="string" />
     </type>
-</synthetic>
+</synthetic>

src/main/resources/ucd/ApplicationProcessRequest.py

@@ -7,7 +7,8 @@
 from ucd.UCDClientUtil import UCD_Client_Util
 
 
-ucd_client = UCD_Client_Util.create_ucd_client(server, username, password)
+verifySsl = not server['disableSslVerification']
+ucd_client = UCD_Client_Util.create_ucd_client(server, username, password, verifySsl)
 
 requestId = ucd_client.application_process_request(application, applicationProcess, environment, versions)
 

src/main/resources/ucd/ApplicationProcessRequestStatus.py

@@ -6,8 +6,8 @@
 import time, sys
 from ucd.UCDClientUtil import UCD_Client_Util
 
-
-ucd_client = UCD_Client_Util.create_ucd_client(server, username, password)
+verifySsl = not server['disableSslVerification']
+ucd_client = UCD_Client_Util.create_ucd_client(server, username, password, verifySsl)
 trial = 0
 request_status = None
 request_response = None

src/main/resources/ucd/HttpRequest.py

@@ -0,0 +1,190 @@
+import urllib
+
+from xlrelease import HttpResponse
+
+from java.lang import String
+
+from org.apache.commons.codec.binary import Base64
+from org.apache.http import HttpHost
+from org.apache.http.client.config import RequestConfig
+from org.apache.http.util import EntityUtils
+from org.apache.http.client.methods import HttpGet, HttpPost, HttpPut, HttpDelete
+from org.apache.http.entity import StringEntity
+from org.apache.http.impl.client import HttpClients
+from org.apache.http.conn.ssl import SSLContextBuilder, SSLConnectionSocketFactory, TrustStrategy
+
+class TrustAllStrategy(TrustStrategy):
+    def isTrusted(self, chain, authType):
+        return True
+
+class HttpRequest:
+    def __init__(self, username = None, password = None, verify = True):
+        """
+        Builds an HttpRequest
+
+        :param username: the username for basic authentication
+            (optional, no authentication will be used if empty)
+        :param password: an password
+            (optional)
+        """
+        self.username = username
+        self.password = password
+        self.verify   = verify
+
+    def doRequest(self, **options):
+        """
+        Performs an HTTP Request
+
+        :param options: A keyword arguments object with the following properties :
+            method: the HTTP method : 'GET', 'PUT', 'POST', 'DELETE'
+                (optional: GET will be used if empty)
+            context: the context url
+                (optional: the url on HttpConnection will be used if empty)
+            body: the body of the HTTP request for PUT & POST calls
+                (optional: an empty body will be used if empty)
+            contentType: the content type to use
+                (optional, no content type will be used if empty)
+            headers: a dictionary of headers key/values
+                (optional, no headers will be used if empty)
+        :return: an HttpResponse instance
+        """
+        request = self.buildRequest(
+            options.get('method', 'GET'),
+            options.get('context', ''),
+            options.get('body', ''),
+            options.get('contentType', None),
+            options.get('headers', None))
+
+        return self.executeRequest(request)
+
+
+    def get(self, context, **options):
+        """
+        Performs an Http GET Request
+
+        :param context: the context url
+        :param options: the options keyword argument described in doRequest()
+        :return: an HttpResponse instance
+        """
+        options['method'] = 'GET'
+        options['context'] = context
+        return self.doRequest(**options)
+
+
+    def put(self, context, body, **options):
+        """
+        Performs an Http PUT Request
+
+        :param context: the context url
+        :param body: the body of the HTTP request
+        :param options: the options keyword argument described in doRequest()
+        :return: an HttpResponse instance
+        """
+        options['method'] = 'PUT'
+        options['context'] = context
+        options['body'] = body
+        return self.doRequest(**options)
+
+
+    def post(self, context, body, **options):
+        """
+        Performs an Http POST Request
+
+        :param context: the context url
+        :param body: the body of the HTTP request
+        :param options: the options keyword argument described in doRequest()
+        :return: an HttpResponse instance
+        """
+        options['method'] = 'POST'
+        options['context'] = context
+        options['body'] = body
+        return self.doRequest(**options)
+
+
+    def delete(self, context, **options):
+        """
+        Performs an Http DELETE Request
+
+        :param context: the context url
+        :param options: the options keyword argument described in doRequest()
+        :return: an HttpResponse instance
+        """
+        options['method'] = 'DELETE'
+        options['context'] = context
+        return self.doRequest(**options)
+
+
+    def buildRequest(self, method, context, body, contentType, headers):
+
+        method = method.upper()
+
+        if method == 'GET':
+            request = HttpGet(context)
+        elif method == 'POST':
+            request = HttpPost(context)
+            request.setEntity(StringEntity(body))
+        elif method == 'PUT':
+            request = HttpPut(context)
+            request.setEntity(StringEntity(body))
+        elif method == 'DELETE':
+            request = HttpDelete(context)
+        else:
+            raise Exception('Unsupported method: ' + method)
+
+        request.addHeader('Content-Type', contentType)
+        request.addHeader('Accept', contentType)
+        self.setCredentials(request)
+        self.setHeaders(request, headers)
+
+        return request
+
+
+    def setCredentials(self, request):
+        if self.username:
+            username = self.username
+            password = self.password
+        else:
+            return
+
+        encoding = Base64.encodeBase64String(String(username + ':' + password).getBytes())
+        request.addHeader('Authorization', 'Basic ' + encoding)
+
+
+    def setHeaders(self, request, headers):
+        if headers:
+            for key in headers:
+                request.setHeader(key, headers[key])
+
+
+    def executeRequest(self, request):
+        client = None
+        response = None
+        try:
+            if (self.verify):
+                client = HttpClients.createDefault()
+            else:
+                client = self.createHttpClient()
+
+            response = client.execute(request)
+            status = response.getStatusLine().getStatusCode()
+            entity = response.getEntity()
+            result = EntityUtils.toString(entity, "UTF-8") if entity else None
+            headers = response.getAllHeaders()
+            EntityUtils.consume(entity)
+
+            return HttpResponse.HttpResponse(status, result, headers)
+        finally:
+            if response:
+                response.close()
+            if client:
+                client.close()
+
+    
+    def createHttpClient(self):
+        builder = SSLContextBuilder()
+        builder.loadTrustMaterial(None, TrustAllStrategy())
+      
+        tlsVersions = ["TLSv1", "TLSv1.1", "TLSv1.2"]
+        socketfactory = SSLConnectionSocketFactory(builder.build(), tlsVersions, None, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
+        # print 'DEBUG: Created custom HttpClient to trust all certs\n'
+        return HttpClients.custom().setSSLSocketFactory(socketfactory).build()

src/main/resources/ucd/ListSystemConfiguration.py

@@ -6,8 +6,8 @@
 
 from ucd.UCDClientUtil import UCD_Client_Util
 
-
-ucd_client = UCD_Client_Util.create_ucd_client(server, username, password)
+verifySsl = not server['disableSslVerification']
+ucd_client = UCD_Client_Util.create_ucd_client(server, username, password, verifySsl)
 
 systemConfiguration = ucd_client.list_system_configuration()
 

src/main/resources/ucd/UCDClient.py

@@ -5,15 +5,15 @@
 #
 
 import json
-from xlrelease.HttpRequest import HttpRequest
+from ucd.HttpRequest import HttpRequest
 
 class UCD_Client(object):
-    def __init__(self, http_connection, username=None, password=None):
-        self.http_request = HttpRequest(http_connection, username, password)
+    def __init__(self, http_connection, username=None, password=None, verify = True):
+        self.http_request = HttpRequest(http_connection, username, password, verify)
 
     @staticmethod
-    def create_client(http_connection, username=None, password=None):
-        return UCD_Client(http_connection, username, password)
+    def create_client(http_connection, username=None, password=None, verify = True):
+        return UCD_Client(http_connection, username, password, verify)
 
     def list_system_configuration(self):
         system_configuration_endpoint = "/cli/systemConfiguration"

src/main/resources/ucd/UCDClientUtil.py

@@ -10,6 +10,6 @@
 class UCD_Client_Util(object):
 
     @staticmethod
-    def create_ucd_client(container, username, password):
-        client = UCD_Client.create_client(container, username, password)
-        return client
+    def create_ucd_client(container, username, password, verifySsl):
+        client = UCD_Client.create_client(container, username, password, verifySsl)
+        return client