-- added method to return httClient with TLSv1.2 instance

Sapbasu15 · Sapbasu15 · commit 0a3f6fe673a5 · 2017-11-24T12:19:42.000+05:30
diff --git a/src/main/java/net/authorize/util/HttpClient.java b/src/main/java/net/authorize/util/HttpClient.java
@@ -7,19 +7,28 @@
 import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.net.URLDecoder;
+import java.security.KeyStore;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpHost;
 import org.apache.http.HttpResponse;
+import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.conn.params.ConnRoutePNames;
+import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.impl.client.LaxRedirectStrategy;
 import org.apache.http.params.CoreProtocolPNames;
 import org.apache.http.params.HttpConnectionParams;
 import org.apache.http.protocol.HTTP;
@@ -313,4 +322,41 @@ public static void setProxyIfRequested(DefaultHttpClient httpClient) {
 			httpClient.getParams().setParameter( ConnRoutePNames.DEFAULT_PROXY, proxyHttpHost);
 		}
 	}
+	
+	/**
+	 * @return returns an SSL context with TLSv1.2 protocol instance to be used in the call
+	 */
+	private static SSLContext getSSLContext() {
+		try {
+			final SSLContext sc = SSLContext.getInstance("TLSv1.2");
+			final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+			trustManagerFactory.init((KeyStore) null);
+			sc.init(null, trustManagerFactory.getTrustManagers(), new java.security.SecureRandom());
+			return sc;
+		}
+		catch (Exception e) {
+			e.printStackTrace();
+			return null;
+		}
+	}
+
+	/**
+	 * Returns a HTTPClient instance which enforce TLSv1.2 protocol for all the calls 
+	 * @return org.apache.http.client.HttpClient instance 
+	 * @throws Exception
+	 */
+	static org.apache.http.client.HttpClient getHttpsClient() throws Exception {
+		SSLContext sslcontext = getSSLContext();
+		try {
+			LayeredConnectionSocketFactory sslSocketFactory = new org.apache.http.conn.ssl.SSLConnectionSocketFactory(sslcontext, SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER);
+			RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(httpConnectionTimeout).build();
+			return HttpClients.custom()
+					.setSSLSocketFactory(sslSocketFactory)
+					.setDefaultRequestConfig(requestConfig)
+					.setRedirectStrategy(new LaxRedirectStrategy())
+					.build();
+		} catch (Exception e) {
+			return null;
+		}
+	}
 }
