I am trying to create DI for my api client. So I can access it all over the app without big problems.
I have implemented normal singleton but I would like to change it to hilt.
Problem is, My client class needs a baseURL to be set up dynamicly on startup of application.
private APIClient(String baseURL) {
Retrofit retrofit = new Retrofit.Builder().baseUrl(baseURL)
.client(getUnsafeOkHttpClient().build())
.addConverterFactory(GsonConverterFactory.create())
.build();
sessionApi = retrofit.create(ISessionApi.class);
}
Is there a way to do it? I can't find anything similar.
Whole code:
public class APIClient {
private static APIClient instance = null;
private static String baseURL;
private ISessionApi sessionApi;
private APIClient(String baseURL) {
Retrofit retrofit = new Retrofit.Builder().baseUrl(baseURL)
.client(getUnsafeOkHttpClient().build())
.addConverterFactory(GsonConverterFactory.create())
.build();
sessionApi = retrofit.create(ISessionApi.class);
}
public static synchronized APIClient getInstance() {
if (instance == null) {
instance = new APIClient(baseURL);
}
return instance;
}
public static synchronized APIClient getInstance(String baseURL) {
APIClient.baseURL=baseURL;
if (instance == null) {
instance = new APIClient(baseURL);
}
return instance;
}
public ISessionApi getSessionApi() {
return sessionApi;
}
public static OkHttpClient.Builder getUnsafeOkHttpClient() {
try {
// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
#Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
#Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
#Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
// Install the all-trusting trust manager
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// Create an ssl socket factory with our all-trusting manager
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
OkHttpClient.Builder builder = new OkHttpClient.Builder();
builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0]);
builder.hostnameVerifier(new HostnameVerifier() {
#Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
return builder;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
I'm trying to get data from api
I did response model,and apiInterface ,ApiClient etc.
It's all good,and there are no code mistakes
,but the problem is that response body is empty.
In this example I decided to know the cause of the problem ,but i didn't know.
Api: http://api.serpstack.com/search?access_key=8cdb389dedab3a1b462de83a67921de2&query=+%22cart%22%20-intitle:%22profiles%22%20-inurl:%22dir/+%22+site:linkedin.com/in/+OR+site:linkedin.com/pub/
// Logcat : I/trace: []
//MainActivity :
public class MainActivity extends AppCompatActivity {
ApiClient apiClient;
#Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
apiClient = new ApiClient().getInstance(MainActivity.this);
Call<Response>call = apiClient.sNewsApi.getResultSearch("8cdb389dedab3a1b462de83a67921de2","+%22cart%22%20-intitle:%22profiles%22%20-inurl:%22dir/+%22+site:linkedin.com/in/+OR+site:linkedin.com/pub/");
call.enqueue(new Callback<Response>(){
#Override
public void onResponse(Call<Response> call, retrofit2.Response<Response> response) {
if(response.isSuccessful()){
Log.i("trace"," "+response.body().getOrganicResults());
}else {
Log.i("trace","Not");
}
}
#Override
public void onFailure(Call<Response> call, Throwable t) {
Log.i("trace","Not"+t.getMessage());
}
});
}
}
// ApiInterface :
public interface ApiInterface {
#GET("search")
Call<Response>getResultSearch(#Query("access_key") String access_key,#Query("query") String query);
}
// ApiClient :
public class ApiClient {
public static final String NEWS_API_URL ="http://api.serpstack.com/";
private static final Object LOCK = new Object();
public static ApiInterface sNewsApi;
public static ApiClient sInstance;
public ApiClient() {
}
public static ApiClient getInstance(Context context) {
if (sInstance == null || sNewsApi == null) {
synchronized (LOCK) {
Cache cache = new Cache(context.getApplicationContext().getCacheDir(), 5 * 1024 * 1024);
Interceptor networkInterceptor = new Interceptor() {
#Override
public Response intercept(Chain chain) throws IOException {
CacheControl cacheControl = new CacheControl.Builder()
.maxAge(1, TimeUnit.HOURS)
.maxStale(3, TimeUnit.DAYS)
.build();
return chain.proceed(chain.request())
.newBuilder()
.header("Cache-Control", cacheControl.toString())
.build();
}
};
// For logging
HttpLoggingInterceptor loggingInterceptor = new HttpLoggingInterceptor().setLevel(HttpLoggingInterceptor.Level.BODY);
// Building OkHttp client
OkHttpClient client = new OkHttpClient.Builder()
/// .cache(cache)
.addNetworkInterceptor(networkInterceptor)
.addInterceptor(loggingInterceptor)
.build();
// Configure GSON
Gson gson = new GsonBuilder().registerTypeAdapter(Date.class, new DateDeserializer()).create();
// Retrofit Builder
Retrofit.Builder builder = new Retrofit.Builder().
baseUrl(NEWS_API_URL).client(client).addConverterFactory(GsonConverterFactory.create(gson));
// Set NewsApi instance
sNewsApi = builder.build().create(ApiInterface.class);
sInstance = new ApiClient();
}
}
return sInstance;
}
}
// Response :
public class Response{
#SerializedName("request")
private Request request;
#SerializedName("pagination")
private Pagination pagination;
#SerializedName("organic_results")
private List<OrganicResultsItem> organicResults;
#SerializedName("search_information")
private SearchInformation searchInformation;
#SerializedName("search_parameters")
private SearchParameters searchParameters;
public Request getRequest(){
return request;
}
public Pagination getPagination(){
return pagination;
}
public List<OrganicResultsItem> getOrganicResults(){
return organicResults;
}
public SearchInformation getSearchInformation(){
return searchInformation;
}
public SearchParameters getSearchParameters(){
return searchParameters;
}
}
It's simple, just add this line:
System.out.println(response.body());
and this will show what you have in the response, make sure to put this inside
if (response.isSuccessful()) {
System.out.println(response.body());
Log.i("trace"," "+response.body().getOrganicResults());
} else {
Log.i("trace","Not");
}
I want to get the HttpResponse code and control the errors for display them to the user.
I have my static retrofit request:
public class NetworkClient {
//KEY: f663e4c56cc039c837109c82c78bbd69
public static Retrofit getRetrofit(){
Retrofit retrofit = new Retrofit.Builder()
.baseUrl("https://api.themoviedb.org/3/")
.addConverterFactory(GsonConverterFactory.create())
.addCallAdapterFactory(RxJava2CallAdapterFactory.create())
// .client(OkHttpClient())
.build();
return retrofit;
}
And observable who takes the request returns me an observable:
public Observer<Response> getObserver(){
Observer<Response> response = new Observer<Response>() {
#Override
public void onSubscribe(Disposable d) {
Log.d("test", "onSubscribe");
}
#Override
public void onNext(Response response) {
Log.d("test", "onNext");
fragmentInterface.showMovies(response);
}
#Override
public void onError(Throwable e) {
Log.d("test", "onError");
e.printStackTrace();
if(e instanceof HttpException){
int errorCode = ((HttpException) e).response().code();
}
}
#Override
public void onComplete() {
Log.d("test", "onComplete");
}
};
return response;
}
I see i can get the error from the onError, but i see i can have a class to get all type errors.
I am using retrofit in android to connect with server.
public class ApiClient {
public static final String BASE_URL = "https://example.com/";
private static Retrofit retrofit = null;
public static Retrofit getClient() {
if (retrofit==null) {
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL)
.addConverterFactory(GsonConverterFactory.create())
.build();
}
return retrofit;
}
}
This is my dev. server and I want to disable certificate check. How can I implement in this code?
ERROR: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Use this class to get unsafe Retrofit instance. I have included imports to avoid confusion.
import java.security.cert.CertificateException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;
import view.utils.AppConstants;
/**
* Created by Hitesh.Sahu on 11/23/2016.
*/
public class NetworkHandler {
public static Retrofit getRetrofit() {
return new Retrofit.Builder()
.baseUrl(AppConstants.BASE_URL)
.addConverterFactory(GsonConverterFactory.create())
.client(getUnsafeOkHttpClient())
.build();
}
private static OkHttpClient getUnsafeOkHttpClient() {
try {
// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
#Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
#Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
#Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
// Install the all-trusting trust manager
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// Create an ssl socket factory with our all-trusting manager
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
OkHttpClient.Builder builder = new OkHttpClient.Builder();
builder.sslSocketFactory(sslSocketFactory);
builder.hostnameVerifier(new HostnameVerifier() {
#Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
OkHttpClient okHttpClient = builder.build();
return okHttpClient;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
And then simply use retrofit without ssl check like this
private void postFeedbackOnServer() {
MyApiEndpointInterface apiService =
NetworkHandler.getRetrofit().create(MyApiEndpointInterface.class);
Call<ResponseBE> call = apiService.submitFeedbackToServer(requestObject);
Log.e(TAG , "Request is" + new Gson().toJson(requestObject).toString() );
call.enqueue(new Callback<ResponseBE>() {
#Override
public void onResponse(Call<ResponseBE> call, Response<ResponseBE> response) {
int statusCode = response.code();
if (statusCode == HttpURLConnection.HTTP_OK) {
......
} else {
Toast.makeText(FeedbackActivity.this, "Failed to submit Data" + statusCode, Toast.LENGTH_SHORT).show();
}
}
#Override
public void onFailure(Call<ResponseBE> call, Throwable t) {
// Log error here since request failed
Toast.makeText(FeedbackActivity.this, "Failure" + t.getLocalizedMessage(), Toast.LENGTH_SHORT).show();
}
});
}
The syntax has changed a little since Hitesh Sahu's answer was posted. Now you can use lambdas for some of the methods, remove some throw clauses and chain builder method invocations.
private static OkHttpClient createOkHttpClient() {
try {
final TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
#Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
#Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
#Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
return new OkHttpClient.Builder()
.sslSocketFactory(sslContext.getSocketFactory())
.hostnameVerifier((hostname, session) -> true)
.build();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
In my case I solved like this with kotlin:
object Instance {
private const val BASE_URL: String = "https://base_url/"
val service: Service by lazy {
Retrofit
.Builder()
.baseUrl(BASE_URL)
.client(getUnsafeOkHttpClient())
.build().create(Service::class.java)
}
private fun getUnsafeOkHttpClient(): OkHttpClient? {
return try {
// Create a trust manager that does not validate certificate chains
val trustAllCerts = arrayOf<TrustManager>(
object : X509TrustManager {
#Throws(CertificateException::class)
override fun checkClientTrusted(
chain: Array<X509Certificate?>?,
authType: String?
) {
}
#Throws(CertificateException::class)
override fun checkServerTrusted(
chain: Array<X509Certificate?>?,
authType: String?
) {
}
override fun getAcceptedIssuers(): Array<X509Certificate?>? {
return arrayOf()
}
}
)
// Install the all-trusting trust manager
val sslContext = SSLContext.getInstance("SSL")
sslContext.init(null, trustAllCerts, SecureRandom())
// Create an ssl socket factory with our all-trusting manager
val sslSocketFactory = sslContext.socketFactory
val trustManagerFactory: TrustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
trustManagerFactory.init(null as KeyStore?)
val trustManagers: Array<TrustManager> =
trustManagerFactory.trustManagers
check(!(trustManagers.size != 1 || trustManagers[0] !is X509TrustManager)) {
"Unexpected default trust managers:" + trustManagers.contentToString()
}
val trustManager =
trustManagers[0] as X509TrustManager
val builder = OkHttpClient.Builder()
builder.sslSocketFactory(sslSocketFactory, trustManager)
builder.hostnameVerifier(HostnameVerifier { _, _ -> true })
builder.build()
} catch (e: Exception) {
throw RuntimeException(e)
}
}
}
IMO, you can read Google's documentation - Security with HTTPS and SSL.
About sample code to use Retrofit with your self-signed certificate, please try the following, hope it helps!
...
#Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
try{
OkHttpClient client = new OkHttpClient.Builder()
.sslSocketFactory(getSSLSocketFactory())
.hostnameVerifier(getHostnameVerifier())
.build();
Retrofit retrofit = new Retrofit.Builder()
.baseUrl(API_URL_BASE)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build();
WebAPIService service = retrofit.create(WebAPIService.class);
Call<JsonObject> jsonObjectCall = service.getData(...);
...
} catch (Exception e) {
e.printStackTrace();
}
}
// for SSL...
// Read more at https://developer.android.com/training/articles/security-ssl.html#CommonHostnameProbs
private HostnameVerifier getHostnameVerifier() {
return new HostnameVerifier() {
#Override
public boolean verify(String hostname, SSLSession session) {
return true; // verify always returns true, which could cause insecure network traffic due to trusting TLS/SSL server certificates for wrong hostnames
//HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
//return hv.verify("localhost", session);
}
};
}
private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) {
final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0];
return new TrustManager[]{
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return originalTrustManager.getAcceptedIssuers();
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
try {
if (certs != null && certs.length > 0){
certs[0].checkValidity();
} else {
originalTrustManager.checkClientTrusted(certs, authType);
}
} catch (CertificateException e) {
Log.w("checkClientTrusted", e.toString());
}
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
try {
if (certs != null && certs.length > 0){
certs[0].checkValidity();
} else {
originalTrustManager.checkServerTrusted(certs, authType);
}
} catch (CertificateException e) {
Log.w("checkServerTrusted", e.toString());
}
}
}
};
}
private SSLSocketFactory getSSLSocketFactory()
throws CertificateException, KeyStoreException, IOException,
NoSuchAlgorithmException, KeyManagementException {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = getResources().openRawResource(R.raw.your_cert); // File path: app\src\main\res\raw\your_cert.cer
Certificate ca = cf.generateCertificate(caInput);
caInput.close();
KeyStore keyStore = KeyStore.getInstance("BKS");
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, wrappedTrustManagers, null);
return sslContext.getSocketFactory();
}
...
I tried #whirlwin's solution on this page but that didn't work with java 9+. Some small changes resulted in this:
private static OkHttpClient createTrustingOkHttpClient() {
try {
X509TrustManager x509TrustManager = new X509TrustManager() {
#Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
#Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
#Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
};
final TrustManager[] trustAllCerts = new TrustManager[] {
x509TrustManager
};
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
return new OkHttpClient.Builder()
.sslSocketFactory(sslContext.getSocketFactory(), x509TrustManager)
.hostnameVerifier((hostname, session) -> true)
.build();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
And this worked for me as you can imagine. Happy days! Still, be careful when using this.
Adding code for doing same in Kotlin based on #Hitesh Sahu's answer :
fun getRetrofirApiService(currentBaseURL: String): YourAPIService{
val TIMEOUT = 2L
val logging = HttpLoggingInterceptor()
logging.setLevel(HttpLoggingInterceptor.Level.BODY)
val retrofit = Retrofit.Builder()
.baseUrl(currentBaseURL)
.addCallAdapterFactory(RxJava2CallAdapterFactory.create())
.addConverterFactory(NullOnEmptyConverterFactory())
.addConverterFactory(GsonConverterFactory.create())
.client(createOkHttpClient())
.build()
return retrofit.create(APIService::class.java)
}
Now create Http client for same as shown below :
private fun createOkHttpClient(): OkHttpClient {
return try {
val trustAllCerts: Array<TrustManager> = arrayOf(MyManager())
val sslContext = SSLContext.getInstance("SSL")
sslContext.init(null, trustAllCerts, SecureRandom())
val logging = HttpLoggingInterceptor()
logging.level = HttpLoggingInterceptor.Level.BODY
OkHttpClient.Builder()
.sslSocketFactory(sslContext.getSocketFactory())
.addInterceptor(logging)
.hostnameVerifier { hostname: String?, session: SSLSession? -> true }
.build()
} catch (e: Exception) {
throw RuntimeException(e)
}
}
MyManager class is as shown below :
class MyManager : X509TrustManager {
override fun checkServerTrusted(
p0: Array<out java.security.cert.X509Certificate>?,
p1: String?
) {
//allow all
}
override fun checkClientTrusted(
p0: Array<out java.security.cert.X509Certificate>?,
p1: String?
) {
//allow all
}
override fun getAcceptedIssuers(): Array<java.security.cert.X509Certificate> {
return arrayOf()
}
}
Imports for same are as shown below :
import okhttp3.MediaType
import okhttp3.OkHttpClient
import okhttp3.RequestBody
import okhttp3.logging.HttpLoggingInterceptor
import retrofit2.Retrofit
import retrofit2.adapter.rxjava2.Result
import retrofit2.adapter.rxjava2.RxJava2CallAdapterFactory
import retrofit2.converter.gson.GsonConverterFactory
import java.security.SecureRandom
import java.util.concurrent.TimeUnit
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLSession
import javax.net.ssl.TrustManager
import javax.net.ssl.X509TrustManager
Implementation of such workaround in code, even for testing purposes is a bad practice.
You can:
Generate your CA.
Sign your certificate with CA.
Add your CA as trusted.
Some links that may be useful:
https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html
http://wiki.cacert.org/FAQ/ImportRootCert
Camel http component does not close connections properly?
Having below route I have observed that connections are being created on the server, but not terminated.
After a while this is causing a problem
java.io.IOException: Too many open files
route:
from("seda:testSeda?concurrentConsumers=20")
.setHeader("Connection", constant("Close"))
.to("http://testServer/testFile.xml?authMethod=Basic&throwExceptionOnFailure=false&authUsername=user&authPassword=password")
.to("file://abc")
.end();
connections are in Close_Wait state any ideas?
I am using camel-http lib in version 2.14
You can override default HttpClient used by Apache Camel and define a custom Keep Alive Strategy.
https://howtodoinjava.com/spring-boot2/resttemplate/resttemplate-httpclient-java-config/
The code bellow resolved my issue in production:
#Configuration
public class AppConfiguration {
#Autowired
private PoolingHttpClientConnectionManager poolingConnectionManager;
#Autowired
private ConnectionKeepAliveStrategy connectionKeepAliveStrategy;
#Autowired
private SSLConnectionSocketFactory sslContext;
#Bean
CamelContextConfiguration contextConfiguration() {
return new CamelContextConfiguration() {
#Override
public void beforeApplicationStart(CamelContext context) {
HttpComponent httpComponent = context.getComponent("https4", HttpComponent.class);
httpComponent.setHttpClientConfigurer(new HttpClientConfigurer() {
#Override
public void configureHttpClient(HttpClientBuilder builder) {
builder.setSSLSocketFactory(sslContext);
RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslContext).build();
builder.setConnectionManager(poolingConnectionManager);
builder.setKeepAliveStrategy(connectionKeepAliveStrategy);
}
});
}
#Override
public void afterApplicationStart(CamelContext arg0) {
}
};
}
}
#Configuration
public class HttpClientConfig {
private static final int DEFAULT_KEEP_ALIVE_TIME_MILLIS = 20 * 1000;
private static final int CLOSE_IDLE_CONNECTION_WAIT_TIME_SECS = 30;
#Value("${pathCertificado}")
private String pathCertificado;
private Logger logger = LoggerFactory.getLogger(HttpClientConfig.class);
#Bean
public PoolingHttpClientConnectionManager poolingConnectionManager() {
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
connectionManager.setMaxTotal(200);
connectionManager.setDefaultMaxPerRoute(20);
return connectionManager;
}
#Bean
public CloseableHttpClient httpClient() {
RequestConfig config = RequestConfig.custom().setConnectionRequestTimeout(5000).setConnectTimeout(5000)
.setSocketTimeout(15000).build();
return HttpClientBuilder.create().setSSLSocketFactory(this.getSSLContext())
.setConnectionManager(this.poolingConnectionManager()).setDefaultRequestConfig(config)
.setKeepAliveStrategy(this.connectionKeepAliveStrategy()).build();
}
#Bean
public ConnectionKeepAliveStrategy connectionKeepAliveStrategy() {
return new ConnectionKeepAliveStrategy() {
#Override
public long getKeepAliveDuration(HttpResponse response, HttpContext context) {
HeaderElementIterator it = new BasicHeaderElementIterator(
response.headerIterator(HTTP.CONN_KEEP_ALIVE));
while (it.hasNext()) {
HeaderElement he = it.nextElement();
String param = he.getName();
String value = he.getValue();
if (value != null && param.equalsIgnoreCase("timeout")) {
return Long.parseLong(value) * 1000;
}
}
return DEFAULT_KEEP_ALIVE_TIME_MILLIS;
}
};
}
#Bean
public Runnable idleConnectionMonitor(final PoolingHttpClientConnectionManager connectionManager) {
return new Runnable() {
#Override
#Scheduled(fixedDelay = 10000)
public void run() {
if (connectionManager != null) {
connectionManager.closeExpiredConnections();
connectionManager.closeIdleConnections(CLOSE_IDLE_CONNECTION_WAIT_TIME_SECS, TimeUnit.SECONDS);
}
}
};
}
#Bean
public SSLConnectionSocketFactory getSSLContext() {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
try (FileInputStream jksFile = new FileInputStream(this.pathCertificado)) {
keyStore.load(jksFile, "xxxxxx".toCharArray());
}
TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(keyStore, acceptingTrustStrategy).build();
return new SSLConnectionSocketFactory(sslContext);
} catch (Exception e) {
logger.error("Keystore load failed: " + this.pathCertificado, e);
return null;
}
}
}