public static THttpClient getThriftHttpsClient()

in kyuubi-relocated-hive-metastore-client/src/main/java/org/apache/kyuubi/shaded/hive/metastore/utils/SecurityUtils.java [304:334]

• 30 lines of code
• 3 McCabe index (conditional complexity)

  public static THttpClient getThriftHttpsClient(
      String httpsUrl,
      String trustStorePath,
      String trustStorePasswd,
      String trustStoreAlgorithm,
      String trustStoreType,
      HttpClientBuilder underlyingHttpClientBuilder)
      throws TTransportException, IOException, KeyStoreException, NoSuchAlgorithmException,
          CertificateException, KeyManagementException {
    Objects.requireNonNull(underlyingHttpClientBuilder, "httpClientBuilder should not be null");
    if (trustStoreType == null || trustStoreType.isEmpty()) {
      trustStoreType = KeyStore.getDefaultType();
    }
    KeyStore sslTrustStore = KeyStore.getInstance(trustStoreType);
    try (FileInputStream fis = new FileInputStream(trustStorePath)) {
      sslTrustStore.load(fis, trustStorePasswd.toCharArray());
    }

    SSLContext sslContext =
        SSLContexts.custom()
            .setTrustManagerFactoryAlgorithm(trustStoreAlgorithm)
            .loadTrustMaterial(sslTrustStore, null)
            .build();
    SSLConnectionSocketFactory socketFactory =
        new SSLConnectionSocketFactory(sslContext, new DefaultHostnameVerifier(null));
    final Registry<ConnectionSocketFactory> registry =
        RegistryBuilder.<ConnectionSocketFactory>create().register("https", socketFactory).build();
    underlyingHttpClientBuilder.setConnectionManager(
        new BasicHttpClientConnectionManager(registry));
    return new THttpClient(httpsUrl, underlyingHttpClientBuilder.build());
  }