new httpclient

Author: grada84

build.xml

@@ -1,7 +1,7 @@
 <project name="mvn-caller-pai-auth-ws-client" default="build" basedir=".">
 
 	<property name="maven.executable" value="${maven.home}/bin/mvn" />
-	<property name="jarName" value="pai-auth-ws-client-1.2.0.jar" />
+	<property name="jarName" value="pai-auth-ws-client-1.4.0.jar" />
 
 	<target name="build" description="build" depends="copy"> </target>
 

pom.xml

@@ -4,7 +4,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.github.LACNIC</groupId>
 	<artifactId>pai-auth-ws-client</artifactId>
-	<version>1.3.0</version>
+	<version>1.4.0</version>
 	<name>PAI Authentication Client</name>
 	<description>Client for handling authentication requests and managing access
 		to the PAI services.</description>
@@ -32,11 +32,15 @@
 		</dependency>
 
 		<dependency>
-			<groupId>org.apache.httpcomponents</groupId>
-			<artifactId>httpclient</artifactId>
-			<version>4.5.14</version>
+			<groupId>org.apache.httpcomponents.client5</groupId>
+			<artifactId>httpclient5</artifactId>
+			<version>5.4.4</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.httpcomponents.core5</groupId>
+			<artifactId>httpcore5</artifactId>
+			<version>5.3.4</version>
 		</dependency>
-
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-core</artifactId>
@@ -97,8 +101,14 @@
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
-			<version>1.7.36</version> 
+			<version>2.0.16</version>
 		</dependency>
+		
+<!--		<dependency>-->
+<!--			<groupId>org.apache.logging.log4j</groupId>-->
+<!--			<artifactId>log4j-core</artifactId>-->
+<!--			<version>2.24.1</version>-->
+<!--		</dependency>-->
 	</dependencies>
 
 	<build>

src/main/java/net/lacnic/portal/auth/client/MySSLSocketFactory.java

@@ -1,57 +1,24 @@
 package net.lacnic.portal.auth.client;
 
-import java.security.KeyStore;
+import javax.net.ssl.SSLContext;
 
-import org.apache.http.HttpVersion;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.params.ClientPNames;
-import org.apache.http.conn.ClientConnectionManager;
-import org.apache.http.conn.scheme.PlainSocketFactory;
-import org.apache.http.conn.scheme.Scheme;
-import org.apache.http.conn.scheme.SchemeRegistry;
-import org.apache.http.conn.ssl.SSLSocketFactory;
-import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
-import org.apache.http.params.BasicHttpParams;
-import org.apache.http.params.CoreConnectionPNames;
-import org.apache.http.params.HttpParams;
-import org.apache.http.params.HttpProtocolParams;
-import org.apache.http.protocol.HTTP;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.apache.hc.client5.http.impl.classic.HttpClients;
+import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
+import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
+import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
+import org.apache.hc.client5.http.ssl.TrustAllStrategy;
+import org.apache.hc.core5.ssl.SSLContextBuilder;
 
-@SuppressWarnings("deprecation")
 public class PortalHttpClient {
-	private static final Logger logger = LoggerFactory.getLogger(PortalHttpClient.class);
 
-	public static HttpClient getNewHttpClient() {
-		try {
-			KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
-			trustStore.load(null, null);
+	public static CloseableHttpClient createInsecureClient() throws Exception {
+		// Confía en todos los certificados
+		SSLContext sslContext = SSLContextBuilder.create().loadTrustMaterial(null, TrustAllStrategy.INSTANCE).build();
 
-			MySSLSocketFactory sf = new MySSLSocketFactory(trustStore);
-			sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+		// Crea el socket factory ignorando validación del hostname
+		SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2", "TLSv1.3" }, null, NoopHostnameVerifier.INSTANCE);
 
-			HttpParams params = new BasicHttpParams();
-			HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
-			HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
-
-			SchemeRegistry registry = new SchemeRegistry();
-			registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
-			registry.register(new Scheme("https", sf, 443));
-
-			ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
-			try (DefaultHttpClient httpClient = new DefaultHttpClient(ccm, params)) {
-				int timeout = 40; // seconds
-				HttpParams httpParams = httpClient.getParams();
-				httpParams.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, timeout * 1000);
-				httpParams.setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout * 1000);
-				httpParams.setParameter(ClientPNames.CONN_MANAGER_TIMEOUT, (long) timeout * 1000);
-				return httpClient;
-			}
-		} catch (Exception e) {
-			logger.error("An error occurred: {}", e.getMessage(), e);
-			return new DefaultHttpClient();
-		}
+		return HttpClients.custom().setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(sslSocketFactory).build()).build();
 	}
-}
+}

src/main/java/net/lacnic/portal/auth/client/PortalHttpClient.java

@@ -9,9 +9,9 @@
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
 
-import org.apache.http.HttpResponse;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.methods.HttpGet;
+import org.apache.hc.client5.http.classic.methods.HttpGet;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -109,15 +109,14 @@ public static String readUrl(String urlString, String username, String password)
 	}
 
 	private static String readUrl(String urlString, String username, String password, String totp) {
-		try {
-			HttpClient client = PortalHttpClient.getNewHttpClient();
+		try (CloseableHttpClient client = PortalHttpClient.createInsecureClient()) {
 			HttpGet request = new HttpGet(urlString);
 			request.setHeader(PORTAL_APIKEY, getAuthToken());
 			request.setHeader(PORTAL_USUARIO, username);
 			request.setHeader(PORTAL_PASS, password);
 			request.setHeader(PORTAL_TOTP, totp);
 
-			HttpResponse response = client.execute(request);
+			CloseableHttpResponse response = client.execute(request);
 			StringBuilder result = new StringBuilder();
 
 			BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
@@ -136,15 +135,14 @@ private static String readUrl(String urlString, String username, String password
 	}
 
 	private static String readUrlToken(String urlString, String token) {
-		try {
+		try (CloseableHttpClient client = PortalHttpClient.createInsecureClient()) {
 			if (!token.startsWith("Bearer")) {
 				token = "Bearer " + token;
 			}
-			HttpClient client = PortalHttpClient.getNewHttpClient();
 			HttpGet request = new HttpGet(urlString);
 			request.setHeader(PORTAL_AUTHORIZATION, token);
 
-			HttpResponse response = client.execute(request);
+			CloseableHttpResponse response = client.execute(request);
 			StringBuilder result = new StringBuilder();
 
 			BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));

src/main/java/net/lacnic/portal/auth/client/PortalWSClient.java

@@ -0,0 +1,25 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<jboss-deployment-structure>
+	<ear-subdeployments-isolated>false</ear-subdeployments-isolated>
+	<deployment>
+		<dependencies>
+			<module name="org.apache.httpcomponents5" />
+<!-- 			<module name="org.slf4j" /> -->
+			<!-- <module name="org.jboss.ejb-client" /> -->
+			<!-- <module name="org.apache.velocity" /> -->
+			<!-- <module name="org.joda.time" /> -->
+			<!-- <module name="org.apache.commons.validator" /> -->
+			<!-- <module name="org.apache.poi" /> -->
+			<!-- <module name="org.apache.poi-ooxml" /> -->
+			<!-- <module name="org.bouncycastle" /> -->
+			<!-- <module name="com.itextpdf" /> -->
+			<!-- <module name="com.javadocx" /> -->
+
+			<module name="jakarta.enterprise.api" export="true" />
+			<module name="jakarta.inject.api" export="true" />
+			<module name="jakarta.ejb.api" export="true" />
+			<module name="jakarta.transaction.api" export="true" />
+		</dependencies>
+	</deployment>
+
+</jboss-deployment-structure>