private void buildTrustStore()

in gateway-provider-security-authc-remote/src/main/java/org/apache/knox/gateway/filter/RemoteAuthFilter.java [139:178]

• 37 lines of code
• 14 McCabe index (conditional complexity)

  private void buildTrustStore(FilterConfig filterConfig) throws ServletException {
    String truststorePath = filterConfig.getInitParameter(CONFIG_TRUSTSTORE_PATH);
    String truststorePassword = filterConfig.getInitParameter(CONFIG_TRUSTSTORE_PASSWORD);
    String truststoreType = filterConfig.getInitParameter(CONFIG_TRUSTSTORE_TYPE);
    if (truststoreType == null || truststoreType.isEmpty()) {
      truststoreType = DEFAULT_TRUSTSTORE_TYPE;
    }

    ServletContext context = filterConfig.getServletContext();
    if (context != null) {
      String topologyName = (String) context.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE);
      GatewayServices services = (GatewayServices) context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
      if (services != null) {
        try {
          final AliasService aliasService =  services.getService(ServiceType.ALIAS_SERVICE);
          if (truststorePath != null && !truststorePath.isEmpty()) {
            if (truststorePassword == null || truststorePassword.isEmpty()) {
              // let's check for an alias given the intent to specify a truststore path
              char[] passChars = aliasService.getPasswordFromAliasForCluster(topologyName,
                      CONFIG_TRUSTSTORE_PASSWORD, false);
              if (passChars != null) {
                truststorePassword = new String(passChars);
              }
              if (truststorePassword == null || truststorePassword.isEmpty()) {
                truststorePassword = new String(aliasService.getPasswordFromAliasForGateway(CONFIG_TRUSTSTORE_PASSWORD));
              }
            }
          }
          KeystoreService keystoreService = services.getService(ServiceType.KEYSTORE_SERVICE);
          trustStore = getTrustStore(truststorePath, truststoreType, truststorePassword, keystoreService);
        } catch (AliasServiceException | IOException e) {
          throw new ServletException("Error while initializing RemoteAuthProvider", e);
        }
      }
    }
    if (trustStore == null) {
      // truststore details were explicitly configured but there is no servlet context available for gateway services
      throw new ServletException(TRUSTSTORE_CONFIGURATION_CANNOT_BE_RESOLVED_INTO_A_VALID_TRUSTSTORE);
    }
  }