EDGCOMMON-79. Introduce Ssl configuration utils to be used in dependa…

…nt edge modules that use Net server
folio-org · May 20, 2024 · e815cf2 · e815cf2
1 parent 5251bf4
commit e815cf2
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 43 deletions.
diff --git a/src/main/java/org/folio/edge/core/EdgeVerticleHttp.java b/src/main/java/org/folio/edge/core/EdgeVerticleHttp.java
@@ -1,28 +1,20 @@
 package org.folio.edge.core;
 
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_PASSWORD;
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_PATH;
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_PROVIDER;
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_TYPE;
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEY_ALIAS;
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEY_ALIAS_PASSWORD;
 import static org.folio.edge.core.Constants.SYS_PORT;
 import static org.folio.edge.core.Constants.SYS_RESPONSE_COMPRESSION;
-import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_SSL_ENABLED;
 import static org.folio.edge.core.Constants.TEXT_PLAIN;
 
-import com.amazonaws.util.StringUtils;
 import io.vertx.core.Future;
 import io.vertx.core.http.HttpServerOptions;
 import io.vertx.core.Promise;
 import io.vertx.core.http.HttpHeaders;
 import io.vertx.core.http.HttpServer;
-import io.vertx.core.net.KeyStoreOptions;
 import io.vertx.ext.web.Router;
 import io.vertx.ext.web.RoutingContext;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.folio.edge.core.utils.SslConfigurationUtil;
 
 /**
  * Verticle for edge module which starts a HTTP service.
@@ -45,7 +37,7 @@ public void start(Promise<Void> promise) {
       serverOptions.setCompressionSupported(isCompressionSupported);
 
       // initialize tls/ssl configuration for web server
-      configureSslIfEnabled(serverOptions);
+      SslConfigurationUtil.configureSslServerOptionsIfEnabled(config(), serverOptions);
 
       final HttpServer server = getVertx().createHttpServer(serverOptions);
 
@@ -65,37 +57,4 @@ protected void handleHealthCheck(RoutingContext ctx) {
       .putHeader(HttpHeaders.CONTENT_TYPE, TEXT_PLAIN)
       .end("\"OK\"");
   }
-
-  private void configureSslIfEnabled(HttpServerOptions serverOptions) {
-    final boolean isSslEnabled = config().getBoolean(SYS_HTTP_SERVER_SSL_ENABLED);
-    if (isSslEnabled) {
-      logger.info("Enabling Vertx Http Server with TLS/SSL configuration...");
-      serverOptions.setSsl(true);
-      String keystoreType = config().getString(SYS_HTTP_SERVER_KEYSTORE_TYPE);
-      if (StringUtils.isNullOrEmpty(keystoreType)) {
-        throw new IllegalStateException("'keystore_type' system param must be specified when ssl_enabled = true");
-      }
-      logger.info("Using {} keystore type for SSL/TLS", keystoreType);
-      String keystoreProvider = config().getString(SYS_HTTP_SERVER_KEYSTORE_PROVIDER);
-      logger.info("Using {} keystore provider for SSL/TLS", keystoreProvider);
-      String keystorePath = config().getString(SYS_HTTP_SERVER_KEYSTORE_PATH);
-      if (StringUtils.isNullOrEmpty(keystorePath)) {
-        throw new IllegalStateException("'keystore_path' system param must be specified when ssl_enabled = true");
-      }
-      String keystorePassword = config().getString(SYS_HTTP_SERVER_KEYSTORE_PASSWORD);
-      if (StringUtils.isNullOrEmpty(keystorePassword)) {
-        throw new IllegalStateException("'keystore_password' system param must be specified when ssl_enabled = true");
-      }
-      String keyAlias = config().getString(SYS_HTTP_SERVER_KEY_ALIAS);
-      String keyAliasPassword = config().getString(SYS_HTTP_SERVER_KEY_ALIAS_PASSWORD);
-
-      serverOptions.setKeyCertOptions(new KeyStoreOptions()
-        .setType(keystoreType)
-        .setProvider(keystoreProvider)
-        .setPath(keystorePath)
-        .setPassword(keystorePassword)
-        .setAlias(keyAlias)
-        .setAliasPassword(keyAliasPassword));
-    }
-  }
 }
diff --git a/src/main/java/org/folio/edge/core/utils/SslConfigurationUtil.java b/src/main/java/org/folio/edge/core/utils/SslConfigurationUtil.java
@@ -0,0 +1,53 @@
+package org.folio.edge.core.utils;
+
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_PASSWORD;
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_PATH;
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_PROVIDER;
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEYSTORE_TYPE;
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEY_ALIAS;
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_KEY_ALIAS_PASSWORD;
+import static org.folio.edge.core.Constants.SYS_HTTP_SERVER_SSL_ENABLED;
+
+import com.amazonaws.util.StringUtils;
+import io.vertx.core.json.JsonObject;
+import io.vertx.core.net.KeyStoreOptions;
+import io.vertx.core.net.NetServerOptions;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+public class SslConfigurationUtil {
+  private static final Logger logger = LogManager.getLogger(SslConfigurationUtil.class);
+
+  public static void configureSslServerOptionsIfEnabled(JsonObject config, NetServerOptions serverOptions) {
+    final boolean isSslEnabled = config.getBoolean(SYS_HTTP_SERVER_SSL_ENABLED);
+    if (isSslEnabled) {
+      logger.info("Enabling Vertx Http Server with TLS/SSL configuration...");
+      serverOptions.setSsl(true);
+      String keystoreType = config.getString(SYS_HTTP_SERVER_KEYSTORE_TYPE);
+      if (StringUtils.isNullOrEmpty(keystoreType)) {
+        throw new IllegalStateException("'keystore_type' system param must be specified when ssl_enabled = true");
+      }
+      logger.info("Using {} keystore type for SSL/TLS", keystoreType);
+      String keystoreProvider = config.getString(SYS_HTTP_SERVER_KEYSTORE_PROVIDER);
+      logger.info("Using {} keystore provider for SSL/TLS", keystoreProvider);
+      String keystorePath = config.getString(SYS_HTTP_SERVER_KEYSTORE_PATH);
+      if (StringUtils.isNullOrEmpty(keystorePath)) {
+        throw new IllegalStateException("'keystore_path' system param must be specified when ssl_enabled = true");
+      }
+      String keystorePassword = config.getString(SYS_HTTP_SERVER_KEYSTORE_PASSWORD);
+      if (StringUtils.isNullOrEmpty(keystorePassword)) {
+        throw new IllegalStateException("'keystore_password' system param must be specified when ssl_enabled = true");
+      }
+      String keyAlias = config.getString(SYS_HTTP_SERVER_KEY_ALIAS);
+      String keyAliasPassword = config.getString(SYS_HTTP_SERVER_KEY_ALIAS_PASSWORD);
+
+      serverOptions.setKeyCertOptions(new KeyStoreOptions()
+        .setType(keystoreType)
+        .setProvider(keystoreProvider)
+        .setPath(keystorePath)
+        .setPassword(keystorePassword)
+        .setAlias(keyAlias)
+        .setAliasPassword(keyAliasPassword));
+    }
+  }
+}