CAMEL-11696: Use standard SSL parameters class

components/camel-thrift/src/main/docs/thrift-component.adoc

@@ -28,7 +28,16 @@ thrift://service[?options]
 ### Endpoint Options
 
 // component options: START
-The Thrift component has no options.
+The Thrift component supports 2 options which are listed below.
+
+
+
+[width="100%",cols="2,5,^1,2",options="header"]
+|===
+| Name | Description | Default | Type
+| *useGlobalSslContext Parameters* (security) | Determine if the thrift component is using global SSL context parameters | false | boolean
+| *resolveProperty Placeholders* (advanced) | Whether the component should resolve property placeholders on itself when starting. Only properties which are of String type can use property placeholders. | true | boolean
+|===
 // component options: END
 
 // endpoint options: START
@@ -50,7 +59,7 @@ with the following path and query parameters:
 | *service* | *Required* Fully qualified service name from the thrift descriptor file (package dot service definition name) |  | String
 |===
 
-==== Query Parameters (22 parameters):
+==== Query Parameters (12 parameters):
 
 [width="100%",cols="2,5,^1,2",options="header"]
 |===
@@ -65,18 +74,8 @@ with the following path and query parameters:
 | *exchangePattern* (consumer) | Sets the exchange pattern when the consumer creates an exchange. |  | ExchangePattern
 | *method* (producer) | The Thrift invoked method name |  | String
 | *synchronous* (advanced) | Sets whether synchronous processing should be strictly used or Camel is allowed to use asynchronous processing (if supported). | false | boolean
-| *cipherSuites* (security) | Cipher suites array |  | String[]
-| *keyManagerType* (security) | Key store manager type |  | String
-| *keyStorePassword* (security) | Key store password |  | String
-| *keyStorePath* (security) | Path to the key store file |  | String
-| *keyStoreType* (security) | Key store type | JKS | String
 | *negotiationType* (security) | Security negotiation type | PLAINTEXT | ThriftNegotiationType
-| *requireClientAuth* (security) | Set if client authentication is required | false | boolean
-| *securityProtocol* (security) | Security negotiation protocol | TLS | String
-| *trustManagerType* (security) | Trust store manager type |  | String
-| *trustPassword* (security) | Trust store password |  | String
-| *trustStorePath* (security) | Path to the trust store file |  | String
-| *trustStoreType* (security) | Trust store type | JKS | String
+| *sslParameters* (security) | Configuration parameters for SSL/TLS security negotiation |  | SSLContextParameters
 |===
 // endpoint options: END
 

components/camel-thrift/src/main/java/org/apache/camel/component/thrift/ThriftComponent.java

@@ -20,17 +20,29 @@
 import java.util.Map;
 
 import org.apache.camel.Endpoint;
+import org.apache.camel.SSLContextParametersAware;
 import org.apache.camel.impl.DefaultComponent;
+import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.jsse.SSLContextParameters;
 
 /**
  * Represents the component that manages {@link ThriftEndpoint}.
  */
-public class ThriftComponent extends DefaultComponent {
+public class ThriftComponent extends DefaultComponent implements SSLContextParametersAware {
+
+    @Metadata(label = "security", defaultValue = "false")
+    private boolean useGlobalSslContextParameters;
 
     protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception {
         ThriftConfiguration config = new ThriftConfiguration();
 
         config = parseConfiguration(config, uri, parameters);
+        SSLContextParameters sslParameters = config.getSslParameters();
+        if (config.getNegotiationType() == ThriftNegotiationType.SSL && sslParameters == null) {
+            sslParameters = retrieveGlobalSslContextParameters();
+            config.setSslParameters(sslParameters);
+        }
+
         setProperties(config, parameters);
 
         Endpoint endpoint = new ThriftEndpoint(uri, this, config);
@@ -46,4 +58,17 @@ protected ThriftConfiguration parseConfiguration(ThriftConfiguration configurati
         configuration.parseURI(new URI(remaining), parameters, this);
         return configuration;
     }
+
+    /**
+     * Determine if the thrift component is using global SSL context parameters
+     */
+    @Override
+    public boolean isUseGlobalSslContextParameters() {
+        return useGlobalSslContextParameters;
+    }
+
+    @Override
+    public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) {
+        this.useGlobalSslContextParameters = useGlobalSslContextParameters;
+    }
 }

components/camel-thrift/src/main/java/org/apache/camel/component/thrift/ThriftConfiguration.java

@@ -23,6 +23,7 @@
 import org.apache.camel.spi.UriParam;
 import org.apache.camel.spi.UriParams;
 import org.apache.camel.spi.UriPath;
+import org.apache.camel.util.jsse.SSLContextParameters;
 
 @UriParams
 public class ThriftConfiguration {
@@ -48,7 +49,7 @@ public class ThriftConfiguration {
     private ThriftNegotiationType negotiationType = ThriftNegotiationType.PLAINTEXT;
 
     @UriParam(label = "security")
-    private ThriftSSLConfiguration sslConfiguration;
+    private SSLContextParameters sslParameters;
 
     @UriParam(defaultValue = "NONE")
     private ThriftCompressionType compressionType = ThriftCompressionType.NONE;
@@ -110,12 +111,12 @@ public void setNegotiationType(ThriftNegotiationType negotiationType) {
     /**
      * Configuration parameters for SSL/TLS security negotiation
      */
-    public ThriftSSLConfiguration getSslConfiguration() {
-        return sslConfiguration;
+    public SSLContextParameters getSslParameters() {
+        return sslParameters;
     }
 
-    public void setSslConfiguration(ThriftSSLConfiguration sslConfiguration) {
-        this.sslConfiguration = sslConfiguration;
+    public void setSslParameters(SSLContextParameters sslParameters) {
+        this.sslParameters = sslParameters;
     }
 
     /**

components/camel-thrift/src/main/java/org/apache/camel/component/thrift/ThriftConsumer.java

@@ -32,6 +32,7 @@
 import org.apache.camel.component.thrift.server.ThriftThreadPoolServer;
 import org.apache.camel.impl.DefaultConsumer;
 import org.apache.camel.util.ObjectHelper;
+import org.apache.camel.util.jsse.SSLContextParameters;
 import org.apache.thrift.TProcessor;
 import org.apache.thrift.server.TServer;
 import org.apache.thrift.transport.TNonblockingServerSocket;
@@ -116,22 +117,26 @@ protected void initializeServer() throws TTransportException {
         }
 
         if (configuration.getNegotiationType() == ThriftNegotiationType.SSL && endpoint.isSynchronous()) {
-            ThriftSSLConfiguration sslConfiguration = configuration.getSslConfiguration();
-            if (sslConfiguration == null) {
-                throw new IllegalArgumentException("SSL Configuration must be initialized if negotiation type is set to " + configuration.getNegotiationType());
+            SSLContextParameters sslParameters = configuration.getSslParameters();
+            if (sslParameters == null) {
+                throw new IllegalArgumentException("SSL parameters must be initialized if negotiation type is set to " + configuration.getNegotiationType());
             }
 
-            ObjectHelper.notNull(sslConfiguration.getSecurityProtocol(), "Security protocol");
-            ObjectHelper.notNull(sslConfiguration.getKeyStorePath(), "Keystore path");
-            ObjectHelper.notNull(sslConfiguration.getKeyStorePassword(), "Keystore password");
-            ObjectHelper.notNull(sslConfiguration.getKeyManagerType(), "Key manager type");
-            ObjectHelper.notNull(sslConfiguration.getKeyStoreType(), "Key store type");
-
-            TSSLTransportFactory.TSSLTransportParameters sslParams = new TSSLTransportFactory.TSSLTransportParameters(sslConfiguration.getSecurityProtocol(),
-                                                                                                                      sslConfiguration.getCipherSuites());
-            sslParams.setKeyStore(sslConfiguration.getKeyStorePath(), sslConfiguration.getKeyStorePassword(), sslConfiguration.getKeyManagerType(),
-                                  sslConfiguration.getKeyStoreType());
-            sslParams.requireClientAuth(sslConfiguration.isRequireClientAuth());
+            ObjectHelper.notNull(sslParameters.getSecureSocketProtocol(), "Security protocol");
+            ObjectHelper.notNull(sslParameters.getKeyManagers().getKeyStore().getResource(), "Keystore path");
+            ObjectHelper.notNull(sslParameters.getKeyManagers().getKeyStore().getPassword(), "Keystore password");
+
+            TSSLTransportFactory.TSSLTransportParameters sslParams;
+            sslParams = new TSSLTransportFactory.TSSLTransportParameters(sslParameters.getSecureSocketProtocol(),
+                                                     sslParameters.getCipherSuites() == null ? null
+                                                     : sslParameters.getCipherSuites().getCipherSuite().stream().toArray(String[]::new));
+
+            if (ObjectHelper.isNotEmpty(sslParameters.getKeyManagers().getKeyStore().getProvider()) && ObjectHelper.isNotEmpty(sslParameters.getKeyManagers().getKeyStore().getType())) {
+                sslParams.setKeyStore(sslParameters.getKeyManagers().getKeyStore().getResource(), sslParameters.getKeyManagers().getKeyStore().getPassword(),
+                                      sslParameters.getKeyManagers().getKeyStore().getProvider(), sslParameters.getKeyManagers().getKeyStore().getType());
+            } else {
+                sslParams.setKeyStore(sslParameters.getKeyManagers().getKeyStore().getResource(), sslParameters.getKeyManagers().getKeyStore().getPassword());
+            }
 
             try {
                 syncServerTransport = TSSLTransportFactory.getServerSocket(configuration.getPort(), configuration.getClientTimeout(), InetAddress.getByName(configuration.getHost()),

components/camel-thrift/src/main/java/org/apache/camel/component/thrift/ThriftProducer.java

@@ -25,6 +25,7 @@
 import org.apache.camel.component.thrift.client.AsyncClientMethodCallback;
 import org.apache.camel.impl.DefaultProducer;
 import org.apache.camel.util.ObjectHelper;
+import org.apache.camel.util.jsse.SSLContextParameters;
 import org.apache.thrift.TException;
 import org.apache.thrift.transport.TNonblockingSocket;
 import org.apache.thrift.transport.TNonblockingTransport;
@@ -158,22 +159,29 @@ protected void initializeAsyncTransport() throws IOException, TTransportExceptio
 
     protected void initializeSslTransport() throws TTransportException {
         if (!ObjectHelper.isEmpty(configuration.getHost()) && !ObjectHelper.isEmpty(configuration.getPort())) {
-            ThriftSSLConfiguration sslConfiguration = configuration.getSslConfiguration();
-            if (sslConfiguration == null) {
-                throw new IllegalArgumentException("SSL Configuration must be initialized if negotiation type is set to " + configuration.getNegotiationType());
+            SSLContextParameters sslParameters = configuration.getSslParameters();
+            if (sslParameters == null) {
+                throw new IllegalArgumentException("SSL parameters must be initialized if negotiation type is set to " + configuration.getNegotiationType());
             }
 
-            ObjectHelper.notNull(sslConfiguration.getSecurityProtocol(), "Security protocol");
-            ObjectHelper.notNull(sslConfiguration.getTrustStorePath(), "Trust store path");
-            ObjectHelper.notNull(sslConfiguration.getTrustPassword(), "Trust store password");
-            ObjectHelper.notNull(sslConfiguration.getTrustManagerType(), "Trust manager type");
-            ObjectHelper.notNull(sslConfiguration.getTrustStoreType(), "Trust store type");
+            ObjectHelper.notNull(sslParameters.getSecureSocketProtocol(), "Security protocol");
+            ObjectHelper.notNull(sslParameters.getTrustManagers().getKeyStore().getResource(), "Trust store path");
+            ObjectHelper.notNull(sslParameters.getTrustManagers().getKeyStore().getPassword(), "Trust store password");
 
             LOG.info("Creating secured transport to the remote Thrift server {}:{}", configuration.getHost(), configuration.getPort());
 
-            TSSLTransportFactory.TSSLTransportParameters sslParams = new TSSLTransportFactory.TSSLTransportParameters(sslConfiguration.getSecurityProtocol(), sslConfiguration.getCipherSuites());
+            TSSLTransportFactory.TSSLTransportParameters sslParams;
+            sslParams = new TSSLTransportFactory.TSSLTransportParameters(sslParameters.getSecureSocketProtocol(),
+                                                                         sslParameters.getCipherSuites() == null ? null
+                                                                         : sslParameters.getCipherSuites().getCipherSuite().stream().toArray(String[]::new));
+
+            if (ObjectHelper.isNotEmpty(sslParameters.getTrustManagers().getProvider()) && ObjectHelper.isNotEmpty(sslParameters.getTrustManagers().getKeyStore().getType())) {
+                sslParams.setTrustStore(sslParameters.getTrustManagers().getKeyStore().getResource(), sslParameters.getTrustManagers().getKeyStore().getPassword(),
+                                        sslParameters.getTrustManagers().getProvider(), sslParameters.getTrustManagers().getKeyStore().getType());
+            } else {
+                sslParams.setTrustStore(sslParameters.getTrustManagers().getKeyStore().getResource(), sslParameters.getTrustManagers().getKeyStore().getPassword());
+            }
 
-            sslParams.setTrustStore(sslConfiguration.getTrustStorePath(), sslConfiguration.getTrustPassword(), sslConfiguration.getTrustManagerType(), sslConfiguration.getTrustStoreType());
             syncTransport = TSSLTransportFactory.getClientSocket(configuration.getHost(), configuration.getPort(), configuration.getClientTimeout(), sslParams);
         } else {
             throw new IllegalArgumentException("No connection properties (host, port) specified");