Merge pull request #84 from rchodava/ic/enable-ssl

Honour secure flag to create ssl context, and propagate it.
rchodava · Oct 12, 2016 · ff63844 · ff63844
2 parents 31de105 + 17fce8a
commit ff63844
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 13 deletions.
diff --git a/core/src/main/java/foundation/stack/datamill/http/Certificate.java b/core/src/main/java/foundation/stack/datamill/http/Certificate.java
@@ -0,0 +1,11 @@
+package foundation.stack.datamill.http;
+
+import java.io.File;
+
+/**
+ * @author Israel Colomer (israelcolomer@gmail.com)
+ */
+public interface Certificate {
+    File getCertificate();
+    File getPrivateKey();
+}
diff --git a/core/src/main/java/foundation/stack/datamill/http/Server.java b/core/src/main/java/foundation/stack/datamill/http/Server.java
@@ -1,5 +1,8 @@
 package foundation.stack.datamill.http;
 
+import foundation.stack.datamill.http.builder.RouteBuilder;
+import foundation.stack.datamill.http.impl.ClientToServerChannelInitializer;
+import foundation.stack.datamill.http.impl.RouteBuilderImpl;
 import io.netty.bootstrap.ServerBootstrap;
 import io.netty.buffer.PooledByteBufAllocator;
 import io.netty.channel.Channel;
@@ -11,15 +14,13 @@
 import io.netty.handler.ssl.SslContext;
 import io.netty.handler.ssl.SslContextBuilder;
 import io.netty.handler.ssl.util.SelfSignedCertificate;
-import foundation.stack.datamill.http.builder.RouteBuilder;
-import foundation.stack.datamill.http.impl.ClientToServerChannelInitializer;
-import foundation.stack.datamill.http.impl.RouteBuilderImpl;
 import io.netty.util.concurrent.DefaultThreadFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import rx.Observable;
 
 import javax.net.ssl.SSLException;
+import java.io.File;
 import java.security.cert.CertificateException;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
@@ -40,6 +41,8 @@ public class Server {
     private final ExecutorService threadPool;
     private final boolean daemon;
 
+    private final static Certificate defaultCertificate = new DefaultCertificate();
+
     public Server(Function<RouteBuilder, Route> routeConstructor) {
         this(routeConstructor, null);
     }
@@ -67,15 +70,15 @@ public Server(
             Executors.defaultThreadFactory());
     }
 
-    public Server listen(String host, int port, boolean secure) {
+    public Server listen(String host, int port, Certificate certificate) {
         SslContext sslContext = null;
-        try {
-            if (secure) {
-                SelfSignedCertificate certificate = new SelfSignedCertificate();
-                sslContext = SslContextBuilder.forServer(certificate.certificate(), certificate.privateKey()).build();
-            }
-        } catch (SSLException | CertificateException e) {
 
+        if (certificate != null) {
+            try {
+                sslContext = createSslContext(certificate);
+            } catch (SSLException e) {
+                logger.error("Could not create sslContext", e);
+            }
         }
 
         Route route = routeConstructor.apply(new RouteBuilderImpl());
@@ -92,7 +95,7 @@ public Server listen(String host, int port, boolean secure) {
                 .option(ChannelOption.SO_KEEPALIVE, true)
                 .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 15000)
                 .handler(new LoggingHandler())
-                .childHandler(new ClientToServerChannelInitializer(null, threadPool, route, errorResponseConstructor))
+                .childHandler(new ClientToServerChannelInitializer(sslContext, threadPool, route, errorResponseConstructor))
                 .childOption(ChannelOption.TCP_NODELAY, true)
                 .childOption(ChannelOption.ALLOCATOR, PooledByteBufAllocator.DEFAULT);
 
@@ -108,12 +111,16 @@ public Server listen(String host, int port, boolean secure) {
         return this;
     }
 
+    public Server listen(String host, int port, boolean secure) {
+        return secure ? listen(host, port, defaultCertificate) : listen(host, port, null);
+    }
+
     public Server listen(String host, int port) {
-        return listen(host, port, false);
+        return listen(host, port, null);
     }
 
     public Server listen(int port) {
-        return listen("localhost", port);
+        return listen("localhost", port, null);
     }
 
     public Server listen(int port, boolean secure) {
@@ -132,6 +139,33 @@ public void stop() {
         }
     }
 
+    private SslContext createSslContext(Certificate certificate) throws SSLException {
+        return SslContextBuilder.forServer(certificate.getCertificate(), certificate.getPrivateKey()).build();
+    }
+
+    private static class DefaultCertificate implements Certificate {
+
+        private SelfSignedCertificate certificate;
+
+        public DefaultCertificate() {
+            try {
+                certificate = new SelfSignedCertificate();
+            } catch (CertificateException e) {
+                logger.error("Could not create default certificate", e);
+            }
+        }
+
+        @Override
+        public File getCertificate() {
+            return certificate.certificate();
+        }
+
+        @Override
+        public File getPrivateKey() {
+            return certificate.privateKey();
+        }
+    }
+
     private static class DaemonThreadFactory implements ThreadFactory {
         private final ThreadFactory threadFactory;