Skip to content

Commit

Permalink
fix(oauth2): Add SSL support
Browse files Browse the repository at this point in the history 
Closes gravitee-io/issues#563
  • Loading branch information
@brasseld @tcompiegne
brasseld authored and tcompiegne committed May 1, 2017
1 parent 737e4d2 commit d3ff40b
Showing 1 changed file with 19 additions and 12 deletions.
31 changes: 19 additions & 12 deletions src/main/java/io/gravitee/resource/oauth2/am/OAuth2AMResource.java
View file
Expand Up @@ -26,7 +26,6 @@
import io.vertx.core.http.HttpClient;
import io.vertx.core.http.HttpClientOptions;
import io.vertx.core.http.HttpClientRequest;
import io.vertx.core.http.HttpMethod;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

Expand Down Expand Up @@ -54,8 +53,24 @@ protected void doStart() throws Exception {
super.doStart();

logger.info("Starting an OAuth2 resource using Gravitee.io Access Management server at {}", configuration().getServerURL());
HttpClientOptions httpClientOptions = new HttpClientOptions();
httpClientOptions.setVerifyHost(false).setTrustAll(true);

URI introspectionUri = URI.create(configuration().getServerURL());

int authorizationServerPort = introspectionUri.getPort() != -1 ? introspectionUri.getPort() :
(HTTPS_SCHEME.equals(introspectionUri.getScheme()) ? 443 : 80);
String authorizationServerHost = introspectionUri.getHost();

HttpClientOptions httpClientOptions = new HttpClientOptions()
.setDefaultPort(authorizationServerPort)
.setDefaultHost(authorizationServerHost);

// Use SSL connection if authorization schema is set to HTTPS
if (HTTPS_SCHEME.equalsIgnoreCase(introspectionUri.getScheme())) {
httpClientOptions
.setSsl(true)
.setVerifyHost(false)
.setTrustAll(true);
}

httpClient = Vertx.vertx().createHttpClient(httpClientOptions);
}
Expand All @@ -72,10 +87,6 @@ protected void doStop() throws Exception {
@Override
public void introspect(String accessToken, Handler<OAuth2Response> responseHandler) {
OAuth2ResourceConfiguration configuration = configuration();
URI introspectionUri = URI.create(configuration.getServerURL());

final int port = introspectionUri.getPort() != -1 ? introspectionUri.getPort() :
(HTTPS_SCHEME.equals(introspectionUri.getScheme()) ? 443 : 80);

String introspectionEndpointURI = configuration.getServerURL() +
'/' +
Expand All @@ -85,11 +96,7 @@ public void introspect(String accessToken, Handler<OAuth2Response> responseHandl

logger.debug("Introspect access token by requesting {} [{}]", introspectionEndpointURI);

HttpClientRequest request = httpClient.request(
HttpMethod.POST,
port,
introspectionUri.getHost(),
introspectionEndpointURI);
HttpClientRequest request = httpClient.post(introspectionEndpointURI);

String authorizationValue = AUTHORIZATION_HEADER_BASIC_SCHEME +
Base64.getEncoder().encodeToString(
Expand Down

0 comments on commit d3ff40b

Please sign in to comment.