- remove OkHttpClient HTTPS support

2022-07-13 16:12:10 -04:00 · 2022-07-13 16:12:10 -04:00 · 893ac96882
parent e637df72fc
commit 893ac96882
4 changed files with 24 additions and 33 deletions
--- a/hapi-fhir-android/pom.xml
+++ b/hapi-fhir-android/pom.xml
@ -45,6 +45,16 @@
 			<groupId>ca.uhn.hapi.fhir</groupId>
 			<artifactId>hapi-fhir-client</artifactId>
 			<version>${project.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.httpcomponents</groupId>
+					<artifactId>httpcore</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.apache.httpcomponents</groupId>
+					<artifactId>httpclient</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>ca.uhn.hapi.fhir</groupId>
--- a/hapi-fhir-base/src/main/java/ca/uhn/fhir/i18n/Msg.java
+++ b/hapi-fhir-base/src/main/java/ca/uhn/fhir/i18n/Msg.java
@ -25,7 +25,7 @@ public final class Msg {

 	/**
 	 * IMPORTANT: Please update the following comment after you add a new code
-	 * Last code value: 2117
+	 * Last code value: 2118
 	 */

 	private Msg() {}
--- a/hapi-fhir-client-okhttp/src/main/java/ca/uhn/fhir/okhttp/client/OkHttpRestfulClientFactory.java
+++ b/hapi-fhir-client-okhttp/src/main/java/ca/uhn/fhir/okhttp/client/OkHttpRestfulClientFactory.java
@ -21,20 +21,15 @@ package ca.uhn.fhir.okhttp.client;
 */

 import ca.uhn.fhir.context.FhirContext;
+import ca.uhn.fhir.i18n.Msg;
 import ca.uhn.fhir.rest.api.RequestTypeEnum;
 import ca.uhn.fhir.rest.client.api.Header;
 import ca.uhn.fhir.rest.client.api.IHttpClient;
 import ca.uhn.fhir.rest.client.impl.RestfulClientFactory;
-import ca.uhn.fhir.rest.client.tls.TlsAuthenticationSvc;
 import ca.uhn.fhir.tls.TlsAuthentication;
-import ca.uhn.fhir.tls.TrustStoreInfo;
 import okhttp3.Call;
 import okhttp3.OkHttpClient;

-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.X509TrustManager;
 import java.net.InetSocketAddress;
 import java.net.Proxy;
 import java.util.List;
@ -79,23 +74,17 @@ public class OkHttpRestfulClientFactory extends RestfulClientFactory {
 	}

 	public synchronized Call.Factory getNativeClient(Optional<TlsAuthentication> theTlsAuthentication) {
+		if(theTlsAuthentication.isPresent()){
+			throw new UnsupportedOperationException(Msg.code(2118)+"HTTPS not supported for OkHttpCLient");
+		}
+
 		if (myNativeClient == null) {
-			OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder()
+			myNativeClient = new OkHttpClient()
+				.newBuilder()
 				.connectTimeout(getConnectTimeout(), TimeUnit.MILLISECONDS)
 				.readTimeout(getSocketTimeout(), TimeUnit.MILLISECONDS)
-				.writeTimeout(getSocketTimeout(), TimeUnit.MILLISECONDS);
-
-			Optional<SSLContext> optionalSslContext = TlsAuthenticationSvc.createSslContext(theTlsAuthentication);
-			if (optionalSslContext.isPresent()) {
-				SSLContext sslContext = optionalSslContext.get();
-				SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
-				Optional<TrustStoreInfo> trustStoreInfo = theTlsAuthentication.get().getTrustStoreInfo();
-				X509TrustManager trustManager = TlsAuthenticationSvc.createTrustManager(trustStoreInfo);
-				clientBuilder.sslSocketFactory(sslSocketFactory, trustManager);
-				HostnameVerifier hostnameVerifier = TlsAuthenticationSvc.createHostnameVerifier(trustStoreInfo);
-				clientBuilder.hostnameVerifier(hostnameVerifier);
-			}
-			myNativeClient = (Call.Factory) clientBuilder.build();
+				.writeTimeout(getSocketTimeout(), TimeUnit.MILLISECONDS)
+				.build();
 		}

 		return myNativeClient;
--- a/hapi-fhir-client-okhttp/src/test/java/ca/uhn/fhir/okhttp/OkHttpRestfulClientFactoryTest.java
+++ b/hapi-fhir-client-okhttp/src/test/java/ca/uhn/fhir/okhttp/OkHttpRestfulClientFactoryTest.java
@ -1,6 +1,7 @@
 package ca.uhn.fhir.okhttp;

 import ca.uhn.fhir.context.FhirVersionEnum;
+import ca.uhn.fhir.i18n.Msg;
 import ca.uhn.fhir.okhttp.client.OkHttpRestfulClientFactory;
 import ca.uhn.fhir.test.BaseFhirVersionParameterizedTest;
 import okhttp3.Call;
@ -94,19 +95,10 @@ public class OkHttpRestfulClientFactoryTest extends BaseFhirVersionParameterized
 	public void testNativeClientHttps(FhirVersionEnum theFhirVersion) {
 		FhirVersionParams fhirVersionParams = getFhirVersionParams(theFhirVersion);
 		OkHttpRestfulClientFactory clientFactory = new OkHttpRestfulClientFactory(fhirVersionParams.getFhirContext());
-		OkHttpClient authenticatedClient = (OkHttpClient) clientFactory.getNativeClient(getTlsAuthentication());
-
-		assertDoesNotThrow(() -> {
-			Request request = new Request.Builder()
-				.url(fhirVersionParams.getSecuredPatientEndpoint())
-				.build();
-
-			Response response = authenticatedClient.newCall(request).execute();
-			assertEquals(200, response.code());
-			String json = response.body().string();
-			IBaseResource bundle = fhirVersionParams.getFhirContext().newJsonParser().parseResource(json);
-			assertEquals(fhirVersionParams.getFhirVersion(), bundle.getStructureFhirVersionEnum());
+		Exception exceptionThrown = assertThrows(UnsupportedOperationException.class, () -> {
+			clientFactory.getNativeClient(getTlsAuthentication());
 		});
+		assertEquals(Msg.code(2118)+"HTTPS not supported for OkHttpCLient", exceptionThrown.getMessage());
 	}

 	@ParameterizedTest