]> git.argeo.org Git - lgpl/argeo-commons.git/blob - SpnegoHttpClient.java
projects / lgpl / argeo-commons.git / blob


21a32940bfed6294e85c4f6a10b1846f4fcb1665
[lgpl/argeo-commons.git] / SpnegoHttpClient.java
1 package org.argeo.cms.client;
2
3 import java.net.MalformedURLException;
4 import java.net.URL;
5 import java.net.http.HttpClient;
6 import java.net.http.HttpHeaders;
7 import java.net.http.HttpRequest;
8 import java.net.http.HttpResponse;
9 import java.net.http.HttpResponse.BodyHandler;
10 import java.net.http.HttpResponse.BodyHandlers;
11 import java.security.KeyManagementException;
12 import java.security.NoSuchAlgorithmException;
13 import java.security.cert.X509Certificate;
14
15 import javax.net.ssl.SSLContext;
16 import javax.net.ssl.TrustManager;
17 import javax.net.ssl.X509TrustManager;
18 import javax.security.auth.Subject;
19 import javax.security.auth.login.LoginContext;
20
21 import org.argeo.cms.auth.RemoteAuthUtils;
22 import org.argeo.util.http.HttpHeader;
23
24 public class SpnegoHttpClient {
25 public static void main(String[] args) throws MalformedURLException {
26 // String principal = System.getProperty("javax.security.auth.login.name");
27 if (args.length == 0) {
28 System.err.println("usage: java -Djavax.security.auth.login.name=<principal@REALM> "
29 + SpnegoHttpClient.class.getName() + " <url>");
30 System.exit(1);
31 return;
32 }
33 String url = args[0];
34 URL u = new URL(url);
35 String server = u.getHost();
36
37 URL jaasUrl = SpnegoHttpClient.class.getResource("jaas.cfg");
38 System.setProperty("java.security.auth.login.config", jaasUrl.toExternalForm());
39 try {
40 LoginContext lc = new LoginContext("SINGLE_USER");
41 lc.login();
42
43 // int responseCode = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction<Integer>() {
44 //
45 // public Integer run() throws Exception {
46
47 // InputStream ins = u.openConnection().getInputStream();
48 // BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
49 // String str;
50 // while ((str = reader.readLine()) != null)
51 // System.out.println(str);
52 // return 666;
53
54 HttpClient httpClient = openHttpClient(lc.getSubject());
55 String token = RemoteAuthUtils.getGssToken(lc.getSubject(), "HTTP", server);
56
57 HttpRequest request = HttpRequest.newBuilder().uri(u.toURI()) //
58 .header(HttpHeader.AUTHORIZATION.getName(), HttpHeader.NEGOTIATE + " " + token) //
59 .build();
60 BodyHandler<String> bodyHandler = BodyHandlers.ofString();
61 HttpResponse<String> response = httpClient.send(request, bodyHandler);
62 System.out.println(response.body());
63 int responseCode = response.statusCode();
64 // return response.statusCode();
65 // }
66 // });
67 System.out.println("Reponse code: " + responseCode);
68 } catch (Exception e) {
69 e.printStackTrace();
70 }
71 }
72
73 private static HttpClient openHttpClient(Subject subject) {
74 HttpClient client = HttpClient.newBuilder() //
75 // .sslContext(insecureContext()) //
76 .version(HttpClient.Version.HTTP_1_1) //
77 .build();
78
79 return client;
80 }
81
82 static SSLContext insecureContext() {
83 TrustManager[] noopTrustManager = new TrustManager[] { new X509TrustManager() {
84 public void checkClientTrusted(X509Certificate[] xcs, String string) {
85 }
86
87 public void checkServerTrusted(X509Certificate[] xcs, String string) {
88 }
89
90 public X509Certificate[] getAcceptedIssuers() {
91 return null;
92 }
93 } };
94 try {
95 SSLContext sc = SSLContext.getInstance("ssl");
96 sc.init(null, noopTrustManager, null);
97 return sc;
98 } catch (KeyManagementException | NoSuchAlgorithmException e) {
99 throw new IllegalStateException("Cannot create insecure SSL context ", e);
100 }
101 }
102
103 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi