Pay no attention to the man behind the curtain (#388)

* added back in help file, and removed network logging * avoid checking ssl certs for build server * fixing help file loading from cli jar
2020-11-28 09:47:19 -05:00 · 2020-11-28 09:47:19 -05:00 · 9913168321
parent 3e7bd73109
commit 9913168321
7 changed files with 65 additions and 19 deletions
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@ -0,0 +1,3 @@
+* Removed logs from network calls
+* Added back in help file display
+* Avoiding checking ssl certs for build server, this needs to be fixed and should not be left in long term
--- a/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/FhirRequestBuilder.java
+++ b/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/FhirRequestBuilder.java
@ -319,9 +319,10 @@ public class FhirRequestBuilder {
      } catch (Exception e) {
        System.out.println("Error parsing response body passed in to logger ->\n" + e.getLocalizedMessage());
      }
-    } else {
-      System.out.println("Call to log HTTP response with null ToolingClientLogger set... are you forgetting to " +
-        "initialize your logger?");
-    }
+    }
+//    else { // TODO fix logs
+//      System.out.println("Call to log HTTP response with null ToolingClientLogger set... are you forgetting to " +
+//        "initialize your logger?");
+//    }
  }
 }
--- a/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/RetryInterceptor.java
+++ b/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/RetryInterceptor.java
@ -39,7 +39,7 @@ public class RetryInterceptor implements Interceptor {
            + "> from url -> " + chain.request().url() + ".");
          response.close();
        }
-        System.out.println(chain.request().method() + " attempt <" + (retryCounter + 1) + "> to url -> " + chain.request().url());
+        // System.out.println(chain.request().method() + " attempt <" + (retryCounter + 1) + "> to url -> " + chain.request().url());
        response = chain.proceed(request);
      } catch (IOException e) {
        try {
--- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/FilesystemPackageCacheManager.java
+++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/FilesystemPackageCacheManager.java
@ -46,6 +46,7 @@ import org.hl7.fhir.utilities.npm.NpmPackage.NpmPackageFolder;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.net.ssl.*;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
@ -57,6 +58,7 @@ import java.net.URL;
 import java.net.URLConnection;
 import java.nio.channels.FileChannel;
 import java.nio.channels.FileLock;
+import java.security.cert.X509Certificate;
 import java.sql.Timestamp;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
@ -630,7 +632,9 @@ public class FilesystemPackageCacheManager extends BasePackageCacheManager imple

  private void loadFromBuildServer() throws IOException {
    URL url = new URL("https://build.fhir.org/ig/qas.json?nocache=" + System.currentTimeMillis());
-    HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+    SSLCertTruster.trustAllHosts();
+    HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
+    connection.setHostnameVerifier(SSLCertTruster.DO_NOT_VERIFY);
    connection.setRequestMethod("GET");
    InputStream json = connection.getInputStream();
    buildInfo = (JsonArray) new com.google.gson.JsonParser().parse(TextFile.streamToString(json));
@ -655,16 +659,6 @@ public class FilesystemPackageCacheManager extends BasePackageCacheManager imple
    buildLoaded = true; // whether it succeeds or not
  }

-  //  private String buildPath(String url) {
-//    for (JsonElement e : buildInfo) {
-//      JsonObject j = (JsonObject) e;
-//      if (j.has("url") && (url.equals(j.get("url").getAsString()) || j.get("url").getAsString().startsWith(url+"/ImplementationGuide"))) {
-//        return "https://build.fhir.org/ig/"+j.get("repo").getAsString();
-//      }
-//    }
-//    return null;
-//  }
-//
  private String getRepo(String path) {
    String[] p = path.split("\\/");
    return p[0] + "/" + p[1];
--- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/SSLCertTruster.java
+++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/SSLCertTruster.java
@ -0,0 +1,48 @@
+package org.hl7.fhir.utilities.npm;
+
+import javax.net.ssl.*;
+import java.security.cert.X509Certificate;
+
+/**
+ * This is a _temporary_ fix to get around the fact that the build server's SSL certs have expired and people cannot
+ * publish IGs or run tests that rely on that box. The intention is to overhaul much of the current networking code
+ * to a more central, unified, HttpClient module.
+ * <p>
+ * If this is still in the code in 2021, contact markiantorno on github and yell at him.
+ */
+public class SSLCertTruster {
+
+  // always verify the host - dont check for certificate
+  final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
+    public boolean verify(String hostname, SSLSession session) {
+      return true;
+    }
+  };
+
+  /**
+   * Trust every server - don't check for any certificate
+   */
+  public static void trustAllHosts() {
+    // Create a trust manager that does not validate certificate chains
+    TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() {
+      @Override
+      public void checkClientTrusted(X509Certificate[] x509Certificates, String s) {}
+
+      @Override
+      public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {}
+
+      public X509Certificate[] getAcceptedIssuers() {
+        return new X509Certificate[]{};
+      }
+    }};
+
+    // Install the all-trusting trust manager
+    try {
+      SSLContext sc = SSLContext.getInstance("TLS");
+      sc.init(null, trustAllCerts, new java.security.SecureRandom());
+      HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+    } catch (Exception e) {
+      e.printStackTrace();
+    }
+  }
+}
--- a/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/cli/utils/Display.java
+++ b/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/cli/utils/Display.java
@ -1,11 +1,13 @@
 package org.hl7.fhir.validation.cli.utils;

 import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.IOUtils;
 import org.hl7.fhir.utilities.npm.FilesystemPackageCacheManager;
 import org.hl7.fhir.utilities.npm.ToolsVersion;

 import java.io.File;
 import java.io.IOException;
+import java.io.InputStream;

 /**
 * Class for displaying output to the cli user.
@ -32,9 +34,9 @@ public class Display {
   */
  public static void displayHelpDetails() {
    ClassLoader classLoader = Display.class.getClassLoader();
-    File file = new File(classLoader.getResource("help.txt").getFile());
+    InputStream help = classLoader.getResourceAsStream("help.txt");
    try {
-      String data = FileUtils.readFileToString(file, "UTF-8");
+      String data = IOUtils.toString(help, "UTF-8");
      System.out.println(data);
    } catch (IOException e) {
      e.printStackTrace();
--- a/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/cli/utils/Params.java
+++ b/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/cli/utils/Params.java
@ -238,8 +238,6 @@ public class Params {
        cliContext.addSource(args[i]);
      }
    }
-    if (cliContext.getSources().isEmpty())
-      throw new Exception("Must provide at least one source file");
    return cliContext;
  }