-
Notifications
You must be signed in to change notification settings - Fork 6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't generate a java client from a secure (SSL) swagger definition #2186
Comments
Please share the entire command that you're using to generate the client. |
I tried various combinations, the difference is just tweaking the options -a and -Dhead: java -jar C:\swagger\swagger-codegen-cli.jar generate -l java -a "Authorization: Basic {xor}KD4sPjsyNjE=" -t C:\mytemplates\jaxrsClient" -i https://abc.com/wp/swagger.json -o C:\out java -jar C:\swagger\swagger-codegen-cli.jar generate -l java -a "Authorization: Basic {xor}KD4sPjsyNjE=" -t C:\mytemplates\jaxrsClient" -i https://abc.com/wp/swagger.json -o C:\out -Dhead=Authorization: Basic {xor}KD4sPjsyNjE=" I set -a because I think that is how RemoteURL and AuthParser works: conn.setRequestProperty(item.getKeyName(), item.getValue()); ie. conn.setRequestProperty("Authorization", "Basic " + encodedValue); |
It's a an SSL issue which means that there's a hostname verifier that returns false and the invokation fails. there's a work around by implementing a hostname verifier that returns true for localhost but it's fare to be a solution. the solution we adopted is to consider that the /swagger.json uri isn't https. |
here's what I used to disable private static void disableSSLVerification() {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc;
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier allHostsValid = (hostname, session) -> true;
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
} catch (KeyManagementException | NoSuchAlgorithmException e) {
logger.error("[SSL] Error by passing hostname verifier", e);
}
} |
@jpuzzler thanks for sharing your solution. |
So we have to manually change the source code to disable the |
@wing328 Yeah, that works, thanks for the link ref! |
@wing328 is there anyway that we can stuff in the |
Please open a new issue so that the community can help you out. |
Sure! |
This doesn't work (anymore?)
Edit: The important difference here being the |
See related, #102 I am using v2.1.5.
I tried to configure -Dheader and -a but can't seem to get this to work.
I always get the message:
Server returned HTTP response code: 401 for URL
when I try to generate a java client.
The text was updated successfully, but these errors were encountered: