in src/main/java/com/aws/sap/sample/lambda/sap/oauth/SAPOAuthHandler.java [105:149]
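/**
 * Requests an access token for {@code scope} through {@code OAuth2SAML2AccessToken},
 * using a {@code LocalSamlTokenFactory} built from {@code configProps}.
 *
 * <p><b>Security note (review):</b> before the token request this method replaces the
 * static {@code HttpsURLConnection} defaults. It installs a socket factory whose trust
 * manager accepts every certificate chain, and a hostname verifier that accepts a name
 * mismatch for the configured NLB host. Together these mean the TLS peer is not
 * authenticated, so the assertion and the returned token have no protection against
 * interception on the network path. Because the defaults are static, the weakened
 * settings also apply to any later {@code HttpsURLConnection} in the same JVM that
 * relies on the defaults.
 *
 * <p>TODO(security): replace the accept-all trust manager with trust managers from a
 * {@code TrustManagerFactory} initialised with a {@code KeyStore} holding the endpoint's
 * certificate (or its issuing CA), and apply the socket factory and verifier to the one
 * connection that needs them instead of the static defaults. That requires a truststore
 * location in the configuration and access to the connection that
 * {@code OAuth2SAML2AccessToken} opens, neither of which is visible from this method.
 *
 * @param scope  scope passed to {@code OAuth2SAML2AccessToken.getAccessToken}
 * @param nameid not used by this method's body
 * @return the access token returned by {@code OAuth2SAML2AccessToken.getAccessToken}
 * @throws NoSuchAlgorithmException if no provider supplies the requested {@code SSLContext}
 * @throws KeyManagementException   if initialising the {@code SSLContext} fails
 * @throws ConfigurationException   declared for the token factory / token calls
 * @throws AccessTokenException     declared for the token factory / token calls
 */
private String getAccessToken(String scope, String nameid) throws ConfigurationException, NoSuchAlgorithmException, KeyManagementException, AccessTokenException {
    logger.log("...Entering getAccessToken method");
    LocalSamlTokenFactory localSAMLTokenFactory = (LocalSamlTokenFactory) LocalSamlTokenFactory.getInstance(configProps, logger);

    // SECURITY: this trust manager performs no validation at all. Any certificate,
    // including one presented by an intermediary, is accepted. Kept only because the
    // deployment relies on self-signed certificates; see the TODO in the Javadoc.
    logger.log("...Setting ignore SSL errors");
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract requires a non-null (possibly empty) array;
            // the previous null return could trip callers that iterate the result.
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
            // Intentionally empty: no client-certificate validation is performed.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
            // Intentionally empty: the server chain is accepted without any check.
        }
    } };

    logger.log("...Allowing Self signed certs");
    // Ask for the standard "TLS" context rather than the legacy "SSL" name so the
    // protocol versions offered are the JDK's current TLS defaults.
    SSLContext sc = SSLContext.getInstance("TLS");
    sc.init(null, trustAllCerts, new java.security.SecureRandom());

    logger.log("...Trusting the AWS NLB");
    // The verifier is consulted only when the certificate name does not match the URL
    // host. It accepts that mismatch for the configured NLB host and rejects all others.
    // SECURITY: setDefaultHostnameVerifier is a static, JVM-wide setting.
    javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
            new javax.net.ssl.HostnameVerifier() {
                @Override
                public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) {
                    return hostname.equals(PropertyHandler.getValue(configProps, PropertyHandler.CFG_AWS_NLB_HOST));
                }
            });
    // SECURITY: static, JVM-wide default; every HttpsURLConnection that does not set its
    // own socket factory inherits the accept-all trust manager from here on.
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

    logger.log("...Calling OAuth2SAML2AccessToken(localSAMLTokenFactory)");
    // NOTE(review): presumably this helper connects via HttpsURLConnection and so picks
    // up the defaults installed above; confirm against its implementation.
    OAuth2SAML2AccessToken atf = new OAuth2SAML2AccessToken(localSAMLTokenFactory);
    logger.log("...getting the access token");
    return atf.getAccessToken(configProps, scope);
}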