• Home
• com.oath.microservices
• micro-grizzly
• 1.1.1
• source code
• SSLConfigurationBuilder.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.oath.micro.server.servers.grizzly.SSLConfigurationBuilder Maven / Gradle / Ivy

package com.oath.micro.server.servers.grizzly;

import cyclops.control.Maybe;
import org.glassfish.grizzly.ssl.SSLContextConfigurator;
import org.glassfish.grizzly.ssl.SSLEngineConfigurator;

import com.oath.micro.server.config.SSLProperties;

public class SSLConfigurationBuilder {

	
	public SSLEngineConfigurator build(SSLProperties sslProperties) {
		
		SSLContextConfigurator sslContext = new SSLContextConfigurator();

        sslContext.setKeyStoreFile(sslProperties.getKeyStoreFile()); // contains server keypair
        sslContext.setKeyStorePass(sslProperties.getKeyStorePass());
        
        /**
         * trustStore stores public key or certificates from CA (Certificate Authorities) 
         * which is used to trust remote party or SSL connection. So should be optional
         */
        sslProperties.getTrustStoreFile().ifPresent(file->sslContext.setTrustStoreFile(file)); // contains client certificate
        sslProperties.getTrustStorePass().ifPresent(pass->sslContext.setTrustStorePass(pass));
        
        
        
        sslProperties.getKeyStoreType().ifPresent(type->sslContext.setKeyStoreType(type));
        sslProperties.getKeyStoreProvider().ifPresent(provider->sslContext.setKeyStoreProvider(provider));
		
        
        sslProperties.getTrustStoreType().ifPresent(type->sslContext.setTrustStoreType(type));
        sslProperties.getTrustStoreProvider().ifPresent(provider->sslContext.setTrustStoreProvider(provider));
		
		
		
		
		
        SSLEngineConfigurator sslConf = new SSLEngineConfigurator(sslContext).setClientMode(false);
        sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("want"))
									.ifPresent(auth->sslConf.setWantClientAuth(true));
        sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need"))
							.ifPresent(auth->sslConf.setNeedClientAuth(true));
        Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(",")))
        			.forEach(c-> sslConf.setCipherConfigured(true));
        Maybe.fromOptional(sslProperties.getProtocol()).peek(pr->sslConf.setEnabledProtocols(pr.split(",")))
        						.forEach(p->sslConf.setProtocolConfigured(true));
        
        
        return sslConf;
	}
}