Skip to content

Commit

Permalink
api: add MinioClient.ignoreCertCheck() method (#572)
Browse files Browse the repository at this point in the history
This patch fixes below
* ignoreCertCheck() enables MinioClient to ignore server certificate
  verification for HTTPS.
* Upgrade OkHttp and Okio libraries to the latest version.
  • Loading branch information
balamurugana authored and harshavardhana committed May 16, 2017
1 parent fee9bc9 commit d268683
Show file tree
Hide file tree
Showing 9 changed files with 92 additions and 39 deletions.
4 changes: 2 additions & 2 deletions api/src/main/java/io/minio/HttpResponse.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@

package io.minio;

import com.squareup.okhttp.Response;
import com.squareup.okhttp.ResponseBody;
import okhttp3.Response;
import okhttp3.ResponseBody;


/**
Expand Down
79 changes: 66 additions & 13 deletions api/src/main/java/io/minio/MinioClient.java
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,6 @@

import com.google.common.io.BaseEncoding;
import com.google.common.io.ByteStreams;
import com.squareup.okhttp.HttpUrl;
import com.squareup.okhttp.MediaType;
import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.Request;
import com.squareup.okhttp.RequestBody;
import com.squareup.okhttp.Response;

import io.minio.errors.ErrorResponseException;
import io.minio.errors.InsufficientDataException;
Expand Down Expand Up @@ -64,6 +58,13 @@
import io.minio.org.apache.commons.validator.routines.InetAddressValidator;
import io.minio.policy.PolicyType;
import io.minio.policy.BucketPolicy;

import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okio.BufferedSink;
import okio.Okio;

Expand Down Expand Up @@ -92,8 +93,11 @@
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
Expand All @@ -103,6 +107,12 @@
import java.util.Scanner;
import java.util.concurrent.TimeUnit;
import java.util.logging.Logger;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
Expand Down Expand Up @@ -703,10 +713,53 @@ private void checkBucketName(String name) throws InvalidBucketNameException {
* @param readTimeout HTTP read timeout in milliseconds.
*/
public void setTimeout(long connectTimeout, long writeTimeout, long readTimeout) {
httpClient.setConnectTimeout(connectTimeout, TimeUnit.MILLISECONDS);
httpClient.setWriteTimeout(writeTimeout, TimeUnit.MILLISECONDS);
httpClient.setReadTimeout(readTimeout, TimeUnit.MILLISECONDS);
this.httpClient = this.httpClient.newBuilder()
.connectTimeout(connectTimeout, TimeUnit.MILLISECONDS)
.writeTimeout(writeTimeout, TimeUnit.MILLISECONDS)
.readTimeout(readTimeout, TimeUnit.MILLISECONDS)
.build();
}


/**
* Ignores check on server certificate for HTTPS connection.
*
* </p><b>Example:</b><br>
* <pre>{@code minioClient.ignoreCertCheck(); }</pre>
*
*/
public void ignoreCertCheck() throws NoSuchAlgorithmException, KeyManagementException {
final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}

@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
};

final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

this.httpClient = this.httpClient.newBuilder()
.sslSocketFactory(sslSocketFactory, (X509TrustManager)trustAllCerts[0])
.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
})
.build();
}


/**
* Creates Request object for given request parameters.
Expand Down Expand Up @@ -938,8 +991,8 @@ private HttpResponse execute(Method method, String region, String bucketName, St

if (this.traceStream != null) {
this.traceStream.println("---------START-HTTP---------");
String encodedPath = request.httpUrl().encodedPath();
String encodedQuery = request.httpUrl().encodedQuery();
String encodedPath = request.url().encodedPath();
String encodedQuery = request.url().encodedQuery();
if (encodedQuery != null) {
encodedPath += "?" + encodedQuery;
}
Expand Down Expand Up @@ -1037,7 +1090,7 @@ private HttpResponse execute(Method method, String region, String bucketName, St
+ "https://github.com/minio/minio-java/issues");
}

errorResponse = new ErrorResponse(ec, bucketName, objectName, request.httpUrl().encodedPath(),
errorResponse = new ErrorResponse(ec, bucketName, objectName, request.url().encodedPath(),
header.xamzRequestId(), header.xamzId2());
}

Expand Down Expand Up @@ -1317,7 +1370,7 @@ public String getObjectUrl(String bucketName, String objectName)
InternalException {
Request request = createRequest(Method.GET, bucketName, objectName, getRegion(bucketName),
null, null, null, null, 0);
HttpUrl url = request.httpUrl();
HttpUrl url = request.url();
return url.toString();
}

Expand Down
10 changes: 5 additions & 5 deletions api/src/main/java/io/minio/Signer.java
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@

import com.google.common.base.Joiner;
import com.google.common.io.BaseEncoding;
import com.squareup.okhttp.Headers;
import com.squareup.okhttp.HttpUrl;
import com.squareup.okhttp.Request;
import okhttp3.Headers;
import okhttp3.HttpUrl;
import okhttp3.Request;


/**
Expand Down Expand Up @@ -163,7 +163,7 @@ private void setCanonicalQueryString() {

private void setCanonicalRequest() throws NoSuchAlgorithmException {
setCanonicalHeaders();
this.url = this.request.httpUrl();
this.url = this.request.url();
setCanonicalQueryString();

// CanonicalRequest =
Expand Down Expand Up @@ -243,7 +243,7 @@ private void setPresignCanonicalRequest(int expires) throws NoSuchAlgorithmExcep
this.canonicalHeaders.put("host", this.request.headers().get("Host"));
this.signedHeaders = "host";

HttpUrl.Builder urlBuilder = this.request.httpUrl().newBuilder();
HttpUrl.Builder urlBuilder = this.request.url().newBuilder();
// order of queryparam addition is important ie has to be sorted.
urlBuilder.addEncodedQueryParameter(S3Escaper.encode("X-Amz-Algorithm"),
S3Escaper.encode("AWS4-HMAC-SHA256"));
Expand Down
6 changes: 3 additions & 3 deletions api/src/main/java/io/minio/errors/ErrorResponseException.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@

package io.minio.errors;

import com.squareup.okhttp.Request;
import com.squareup.okhttp.Response;
import okhttp3.Request;
import okhttp3.Response;

import io.minio.messages.ErrorResponse;

Expand Down Expand Up @@ -56,7 +56,7 @@ public String toString() {
+ errorResponse.getString() + "\n"
+ "request={"
+ "method=" + request.method() + ", "
+ "url=" + request.httpUrl() + ", "
+ "url=" + request.url() + ", "
+ "headers=" + request.headers().toString()
.replaceAll("Signature=([0-9a-f]+)", "Signature=*REDACTED*")
.replaceAll("Credential=([^/]+)", "Credential=*REDACTED*")
Expand Down
2 changes: 1 addition & 1 deletion api/src/main/java/io/minio/errors/NoResponseException.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

package io.minio.errors;

import com.squareup.okhttp.Request;
import okhttp3.Request;


/**
Expand Down
2 changes: 1 addition & 1 deletion api/src/main/java/io/minio/http/HeaderParser.java
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
import java.util.logging.Level;
import java.util.logging.Logger;

import com.squareup.okhttp.Headers;
import okhttp3.Headers;


/**
Expand Down
4 changes: 2 additions & 2 deletions api/src/test/java/io/minio/MinioClientTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -51,8 +51,8 @@
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.io.BaseEncoding;
import com.squareup.okhttp.mockwebserver.MockResponse;
import com.squareup.okhttp.mockwebserver.MockWebServer;
import okhttp3.mockwebserver.MockResponse;
import okhttp3.mockwebserver.MockWebServer;

import io.minio.errors.InvalidEncryptionMetadataException;
import io.minio.errors.ErrorResponseException;
Expand Down
8 changes: 4 additions & 4 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -46,16 +46,16 @@ subprojects {
dependencies {
compile "com.google.http-client:google-http-client-xml:1.20.0"
compile "com.google.guava:guava:18.0"
compile "com.squareup.okhttp:okhttp:2.7.5"
compile "com.squareup.okio:okio:1.6.0"
compile "com.squareup.okhttp3:okhttp:3.7.0"
compile "com.squareup.okio:okio:1.12.0"
compile "joda-time:joda-time:2.7"
compile "com.fasterxml.jackson.core:jackson-annotations:2.9.0.pr3"
compile "com.fasterxml.jackson.core:jackson-core:2.9.0.pr3"
compile "com.fasterxml.jackson.core:jackson-databind:2.9.0.pr3"
compile 'com.google.code.findbugs:annotations:3.0.1'
compile 'com.google.code.findbugs:jsr305:3.0.1'

testCompile "com.squareup.okhttp:mockwebserver:2.7.2"
testCompile "com.squareup.okhttp3:mockwebserver:3.7.0"
testCompile "junit:junit:4.12"
}

Expand Down Expand Up @@ -242,7 +242,7 @@ project(':examples') {

project(':functional') {
dependencies {
compile project(':api')
compile project(':api')
}

sourceSets {
Expand Down
16 changes: 8 additions & 8 deletions functional/FunctionalTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,12 @@

import org.joda.time.DateTime;

import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.HttpUrl;
import com.squareup.okhttp.Request;
import com.squareup.okhttp.RequestBody;
import com.squareup.okhttp.MultipartBuilder;
import com.squareup.okhttp.Response;
import okhttp3.OkHttpClient;
import okhttp3.HttpUrl;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.MultipartBody;
import okhttp3.Response;
import com.google.common.io.ByteStreams;

import io.minio.*;
Expand Down Expand Up @@ -1097,8 +1097,8 @@ public static void presignedPostPolicy_test() throws Exception {
policy.setContentRange(1 * MB, 4 * MB);
Map<String, String> formData = client.presignedPostPolicy(policy);

MultipartBuilder multipartBuilder = new MultipartBuilder();
multipartBuilder.type(MultipartBuilder.FORM);
MultipartBody.Builder multipartBuilder = new MultipartBody.Builder();
multipartBuilder.setType(MultipartBody.FORM);
for (Map.Entry<String, String> entry : formData.entrySet()) {
multipartBuilder.addFormDataPart(entry.getKey(), entry.getValue());
}
Expand Down

0 comments on commit d268683

Please sign in to comment.