in src/main/java/co/elastic/support/rest/RestClient.java [128:231]
public static RestClient getClient(
String host,
int port,
String scheme,
String user,
String password,
String proxyHost,
int proxyPort,
String proxyUser,
String proxyPassword,
String pkiKeystore,
String pkiKeystorePass,
boolean bypassVerify,
Map<String, String> extraHeaders,
int connectionTimeout,
int connectionRequestTimeout,
int socketTimeout) {
try {
HttpClientBuilder clientBuilder = HttpClients.custom();
HttpHost httpHost = new HttpHost(host, port, scheme);
HttpHost httpProxyHost = null;
HttpClientContext context = HttpClientContext.create();
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate BASIC scheme object and add it to the local auth cache
BasicScheme basicAuth = new BasicScheme();
clientBuilder.setDefaultRequestConfig(RequestConfig.custom()
.setCookieSpec(CookieSpecs.STANDARD)
.setConnectTimeout(connectionTimeout)
.setSocketTimeout(socketTimeout)
.setConnectionRequestTimeout(connectionRequestTimeout).build());
// If there's a proxy server, set it now.
if (StringUtils.isNotEmpty(proxyHost)) {
httpProxyHost = new HttpHost(proxyHost, proxyPort);
clientBuilder.setProxy(httpProxyHost);
basicAuth.processChallenge(new BasicHeader(AUTH.PROXY_AUTH, "BASIC realm=default"));
authCache.put(httpProxyHost, basicAuth);
} else {
authCache.put(httpHost, basicAuth);
}
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
// If authentication was supplied
if (StringUtils.isNotEmpty(user) && StringUtils.isEmpty(proxyUser)) {
context.setAuthCache(authCache);
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(user, password));
} else if (StringUtils.isNotEmpty(user) && StringUtils.isNotEmpty(proxyUser)) {
context.setAuthCache(authCache);
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(user, password));
credentialsProvider.setCredentials(
AuthScope.ANY,
new UsernamePasswordCredentials(proxyUser, proxyPassword));
} else if (StringUtils.isNotEmpty(proxyUser)) {
context.setAuthCache(authCache);
credentialsProvider.setCredentials(
AuthScope.ANY,
new UsernamePasswordCredentials(proxyUser, proxyPassword));
}
SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
sslContextBuilder.loadTrustMaterial(new TrustAllStrategy());
if (StringUtils.isNotEmpty(pkiKeystore)) {
// If they are using a PKI auth set it up now
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream(pkiKeystore), pkiKeystorePass.toCharArray());
sslContextBuilder.loadKeyMaterial(ks, pkiKeystorePass.toCharArray());
}
SSLContext sslCtx = sslContextBuilder.build();
SSLConnectionSocketFactory factory = null;
if (bypassVerify) {
factory = new SSLConnectionSocketFactory(sslCtx, NoopHostnameVerifier.INSTANCE);
} else {
factory = new SSLConnectionSocketFactory(sslCtx);
}
clientBuilder.setSSLSocketFactory(factory);
// We need to create a registry for socket factories
// for both http and https or pooling will not work.
Registry registry = RegistryBuilder.create()
.register("https", factory)
.register("http", PlainConnectionSocketFactory.getSocketFactory()).build();
PoolingHttpClientConnectionManager mgr = new PoolingHttpClientConnectionManager(registry);
mgr.setDefaultMaxPerRoute(defaultMaxPerRoute);
mgr.setMaxTotal(maxTotal);
clientBuilder.setConnectionManager(mgr);
CloseableHttpClient httpClient = clientBuilder.build();
RestClient restClient = new RestClient(httpClient, httpHost, context, extraHeaders);
return restClient;
} catch (Exception e) {
logger.error("Connection setup failed", e);
throw new RuntimeException("Error establishing http connection for: " + host, e);
}
}