path: root/dozentenmodul/src
authorManuel Bentele2021-12-21 16:08:37 +0100
committerManuel Bentele2021-12-21 16:08:37 +0100
commite729056959b8e234d979a523521f1805347d1d08 (patch)
treed057f49d5d0e1d283dcc8c11821965571db9b44d /dozentenmodul/src
parent[SERVER] Update log4j because of the CVE-2021-45105 security flaw (diff)
[CLIENT] Update httpclient library from version 4.5.x to version 5.y
Diffstat (limited to 'dozentenmodul/src')
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java4
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java14
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java134
-rw-r--r--dozentenmodul/src/main/properties/log4j2.properties11
4 files changed, 96 insertions, 67 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
index 52092d4f..93105e91 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
@@ -9,8 +9,8 @@ import java.util.List;
import java.util.Map.Entry;
import org.apache.commons.codec.binary.Base64;
-import org.apache.http.ParseException;
-import org.apache.http.client.ClientProtocolException;
+import org.apache.hc.client5.http.ClientProtocolException;
+import org.apache.hc.core5.http.ParseException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.openslx.bwlp.thrift.iface.Satellite;
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
index 2f40f782..6a226e1e 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
@@ -6,10 +6,10 @@ import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
-import org.apache.http.HttpResponse;
-import org.apache.http.ParseException;
-import org.apache.http.client.ClientProtocolException;
-import org.apache.http.util.EntityUtils;
+import org.apache.hc.client5.http.ClientProtocolException;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
+import org.apache.hc.core5.http.ParseException;
+import org.apache.hc.core5.http.io.entity.EntityUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.openslx.bwlp.thrift.iface.AuthorizationError;
@@ -135,7 +135,7 @@ public class ShibbolethEcp {
final ECPAuthenticator auth = new ECPAuthenticator(ProxyConfigurator.getClient(), user, pass, new URI(idpUrl), BWLP_SP);
auth.setRetryWithoutAt(true);
- HttpResponse spResponse;
+ CloseableHttpResponse spResponse;
try {
spResponse = auth.authenticate();
} catch (ECPAuthenticationException e) {
@@ -143,10 +143,10 @@ public class ShibbolethEcp {
throw new TAuthorizationException(AuthorizationError.GENERIC_ERROR, e.getMessage());
}
- if (spResponse.getStatusLine().getStatusCode() != 200) {
+ if (spResponse.getCode() != 200) {
LOGGER.error("SP does not return HTTP status code 200");
throw new TAuthorizationException(AuthorizationError.GENERIC_ERROR, "SP says: "
- + spResponse.getStatusLine().toString());
+ + spResponse.getReasonPhrase());
}
LOGGER.debug("Login complete, getting body");
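Review bot: The error message built on the `getReasonPhrase()` line drops the HTTP status code that the old `getStatusLine().toString()` carried, and the reason phrase can be empty or null (HTTP/2 responses carry none), so the exception may read `SP says: ` with nothing after it; use `"SP says: " + spResponse.getCode() + " " + spResponse.getReasonPhrase()`. On the same non-200 path the `CloseableHttpResponse` is discarded unclosed, which keeps its pooled connection leased unless it is released further down in the method, outside this hunk; with the pool capped at 4 connections per route in ProxyConfigurator, a run of failed logins could exhaust it, so a `try (spResponse)` or an explicit `spResponse.close()` before the throw is worth adding. The enclosing method continues past the end of the hunk.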
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
index 8011eaec..a6dede1c 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
@@ -7,25 +7,27 @@ import java.net.Socket;
import java.text.MessageFormat;
import java.util.concurrent.atomic.AtomicReference;
-import org.apache.http.HttpException;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpResponse;
-import org.apache.http.client.config.RequestConfig;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.config.Registry;
-import org.apache.http.config.RegistryBuilder;
-import org.apache.http.config.SocketConfig;
-import org.apache.http.conn.routing.HttpRoute;
-import org.apache.http.conn.socket.ConnectionSocketFactory;
-import org.apache.http.conn.socket.PlainConnectionSocketFactory;
-import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
-import org.apache.http.impl.conn.SystemDefaultRoutePlanner;
-import org.apache.http.protocol.HttpContext;
-import org.apache.http.ssl.SSLContexts;
+import org.apache.hc.client5.http.HttpRoute;
+import org.apache.hc.client5.http.classic.methods.HttpGet;
+import org.apache.hc.client5.http.config.ConnectionConfig;
+import org.apache.hc.client5.http.config.RequestConfig;
+import org.apache.hc.client5.http.config.TlsConfig;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
+import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
+import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
+import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner;
+import org.apache.hc.client5.http.socket.ConnectionSocketFactory;
+import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory;
+import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
+import org.apache.hc.core5.http.HttpException;
+import org.apache.hc.core5.http.HttpHost;
+import org.apache.hc.core5.http.HttpResponse;
+import org.apache.hc.core5.http.URIScheme;
+import org.apache.hc.core5.http.config.RegistryBuilder;
+import org.apache.hc.core5.http.protocol.HttpContext;
+import org.apache.hc.core5.http.ssl.TLS;
+import org.apache.hc.core5.util.Timeout;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -55,6 +57,12 @@ public class ProxyConfigurator {
private static AtomicReference<CloseableHttpClient> apacheClient = new AtomicReference<>();
+ private static final TLS[] SUPPORTED_TLS_VERSIONS = { TLS.V_1_3, TLS.V_1_2, TLS.V_1_1 };
+
+ private static final Timeout TIMEOUT_CONNECT = Timeout.ofSeconds(8);
+ private static final Timeout TIMEOUT_SOCKET = Timeout.ofSeconds(8);
+ private static final Timeout TIMEOUT_REQUEST = Timeout.ofSeconds(3);
+
/**
* Initialization method.
*/
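Review bot: `SUPPORTED_TLS_VERSIONS` still lists `TLS.V_1_1`, which RFC 8996 deprecated and current JDKs disable by default via `jdk.tls.disabledAlgorithms`; keeping it in a named client policy lets a peer or middlebox that only offers TLS 1.1 negotiate a protocol with known weaknesses, and on a JDK where it is disabled the entry is dead weight at best. Unless a specific IdP or satellite is known to need it, reduce the array to `{ TLS.V_1_3, TLS.V_1_2 }`, or leave a comment naming the peer that requires 1.1 so it can be removed later. Separately, `TIMEOUT_REQUEST` is only used for the pool lease wait (`setConnectionRequestTimeout`), so a name like `TIMEOUT_CONNECTION_REQUEST` would avoid confusion with the per-request response timeout.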
@@ -148,46 +156,49 @@ public class ProxyConfigurator {
return inst;
}
- private static SSLConnectionSocketFactory createSslFactory() {
- // TODO: Geht nich
- for (String proto : new String[] { "TLSv1.2", "TLSv1.1", "TLS" }) {
- try {
- return new SSLConnectionSocketFactory(SSLContexts.custom().setProtocol(proto).build());
- } catch (Exception e) {
- LOGGER.warn(proto + " not available", e);
- }
- }
- return SSLConnectionSocketFactory.getSystemSocketFactory();
- }
-
private static HttpClientBuilder createShortTimeoutBuilder() {
- HttpClientBuilder builder = HttpClientBuilder.create().setSSLSocketFactory(createSslFactory());
- builder.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(8000).build());
- PoolingHttpClientConnectionManager pm = new PoolingHttpClientConnectionManager();
- pm.setDefaultMaxPerRoute(4);
- builder.setConnectionManager(pm);
- return builder;
+ return HttpClientBuilder.create()
+ .setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create()
+ .setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create()
+ .setTlsVersions(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build())
+ .setDefaultTlsConfig(TlsConfig.custom()
+ .setSupportedProtocols(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build())
+ .setDefaultConnectionConfig(ConnectionConfig.custom()
+ .setConnectTimeout(ProxyConfigurator.TIMEOUT_CONNECT)
+ .setSocketTimeout(ProxyConfigurator.TIMEOUT_SOCKET)
+ .build())
+ .setMaxConnPerRoute(4)
+ .build());
}
private static HttpClientBuilder createSlxBuilder() {
- HttpClientBuilder builder = HttpClientBuilder.create();
- builder.setRoutePlanner(new SlxRoutePlanner(null));
- builder.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(8000).build());
- Registry<ConnectionSocketFactory> csf = RegistryBuilder.<ConnectionSocketFactory> create()
- .register("http", new SlxSocketFactory())
- .register("https", createSslFactory())
- .build();
- PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(csf);
- cm.setDefaultMaxPerRoute(4);
- builder.setConnectionManager(cm);
- return builder;
+
+ final RegistryBuilder<ConnectionSocketFactory> registryBuilder = RegistryBuilder.<ConnectionSocketFactory>create()
+ .register(URIScheme.HTTP.id, SlxSocketFactory.getSocketFactory())
+ .register(URIScheme.HTTPS.id, SSLConnectionSocketFactoryBuilder.create()
+ .setTlsVersions(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build());
+
+ final PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registryBuilder.build());
+ connectionManager.setDefaultTlsConfig(TlsConfig.custom()
+ .setSupportedProtocols(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build());
+ connectionManager.setDefaultConnectionConfig(ConnectionConfig.custom()
+ .setConnectTimeout(ProxyConfigurator.TIMEOUT_CONNECT)
+ .setSocketTimeout(ProxyConfigurator.TIMEOUT_SOCKET)
+ .build());
+ connectionManager.setDefaultMaxPerRoute(4);
+
+ return HttpClientBuilder.create()
+ .setRoutePlanner(new SlxRoutePlanner(null))
+ .setConnectionManager(connectionManager);
}
private static boolean testHttpsMaster() {
- RequestConfig requestConfig = RequestConfig.custom()
- .setConnectionRequestTimeout(3000)
- .setConnectTimeout(3000)
- .setSocketTimeout(3000)
+ final RequestConfig requestConfig = RequestConfig.custom()
+ .setConnectionRequestTimeout(ProxyConfigurator.TIMEOUT_REQUEST)
.build();
HttpGet httpGet = new HttpGet(ShibbolethEcp.BWLP_SP.toString());
httpGet.setConfig(requestConfig);
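Review bot: `testHttpsMaster` loses its 3-second connect and socket timeouts: the rewritten `RequestConfig` keeps only `setConnectionRequestTimeout`, so the probe now inherits the 8-second `TIMEOUT_CONNECT`/`TIMEOUT_SOCKET` from the connection manager, and an unreachable master can stall proxy detection for roughly 16 seconds instead of 3. If the shorter bound was intentional, set it on the request as well, `.setConnectTimeout(ProxyConfigurator.TIMEOUT_REQUEST).setResponseTimeout(ProxyConfigurator.TIMEOUT_REQUEST)`. The TLS version list is also applied twice in each builder, once via `setTlsVersions` on the socket factory and once via `TlsConfig`; a short comment stating which of the two is meant to be authoritative would help the next reader. `testHttpsMaster` continues beyond the end of the hunk.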
@@ -196,8 +207,8 @@ public class ProxyConfigurator {
"ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
try {
HttpResponse response = getClient().execute(httpGet);
- LOGGER.debug("Master server replies with " + response.getStatusLine().getStatusCode());
- return response.getStatusLine().getStatusCode() == 200;
+ LOGGER.debug("Master server replies with " + response.getCode());
+ return response.getCode() == 200;
} catch (Exception e) {
LOGGER.debug("Cannot reach master server via HTTPS", e);
return false;
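Review bot: The response returned by `getClient().execute(httpGet)` is never closed and its entity is never consumed in the visible code, so the pooled connection stays leased after the probe; the classic `execute` in HttpClient 5 still hands back a `CloseableHttpResponse`, and with `setMaxConnPerRoute(4)` a few leaked probes would block later requests to the master. Wrap it, `try (CloseableHttpResponse response = getClient().execute(httpGet)) { ... }`, or switch to the `execute(request, HttpClientResponseHandler)` overload, which releases the connection itself. The 4.x code had the same issue, but the migration is the natural moment to fix it.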
@@ -205,6 +216,13 @@ public class ProxyConfigurator {
}
private static class SlxSocketFactory extends PlainConnectionSocketFactory {
+
+ public static final SlxSocketFactory INSTANCE = new SlxSocketFactory();
+
+ public static SlxSocketFactory getSocketFactory() {
+ return INSTANCE;
+ }
+
@Override
public Socket createSocket(HttpContext context) throws IOException {
Object obj = context.getAttribute("openslx.l7proxy");
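Review bot: `INSTANCE` is `public` while the class also exposes `getSocketFactory()`, giving two ways to reach the same object; make the field `private static final` and keep the accessor, which also hides `PlainConnectionSocketFactory.getSocketFactory()` as intended. Since the factory is now one shared instance used by every connection, a class comment such as `// Stateless by design: shared by all connections, reads only the per-request HttpContext` documents the invariant that keeps it safe. The visible part of `createSocket` reads only `context`, but its body continues outside the hunk.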
@@ -224,11 +242,11 @@ public class ProxyConfigurator {
}
@Override
- public HttpRoute determineRoute(HttpHost host, HttpRequest request, HttpContext context)
+ public HttpHost determineProxy(final HttpHost target, final HttpContext context)
throws HttpException {
- HttpRoute route = super.determineRoute(host, request, context);
- context.setAttribute("openslx.l7proxy", route);
- return route;
+ HttpHost host = super.determineProxy(target, context);
+ context.setAttribute("openslx.l7proxy", host);
+ return host;
}
}
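Review bot: The `"openslx.l7proxy"` context attribute changes type from `HttpRoute` to `HttpHost`, and now holds only the proxy, which `determineProxy` returns as `null` for a direct route; its consumer `SlxSocketFactory.createSocket` reads it via `context.getAttribute("openslx.l7proxy")` and that code is not in this diff, so confirm it was updated to expect an `HttpHost` rather than an `HttpRoute`. Storing `null` through `setAttribute` may remove the key rather than store a null value, depending on the context implementation, so the consumer should treat absence and `null` alike; a comment on the `setAttribute` line, `// null when no proxy applies; consumer must treat absence as a direct connection`, would pin that down.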
diff --git a/dozentenmodul/src/main/properties/log4j2.properties b/dozentenmodul/src/main/properties/log4j2.properties
index 1b68a76d..eaa9a669 100644
--- a/dozentenmodul/src/main/properties/log4j2.properties
+++ b/dozentenmodul/src/main/properties/log4j2.properties
@@ -23,3 +23,14 @@ appender.console.layout.type=PatternLayout
appender.console.layout.pattern=[%t] %-5p %F - %m%n
appender.console.filter.threshold.type=ThresholdFilter
appender.console.filter.threshold.level=info
+
+#
+# configuration for specific package or class loggers
+#
+loggers=httpclientContext,httpclientContent
+
+logger.httpclientContext.name=org.apache.hc.client5.http
+logger.httpclientContext.level=warn
+
+logger.httpclientContent.name=org.apache.hc.client5.http.wire
+logger.httpclientContent.level=warn
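Review bot: The `org.apache.hc.client5.http.wire` logger prints raw request and response bytes, which for this client include whatever credentials the ECP authenticator sends to the IdP and the SAML responses that come back; it is rightly pinned to `warn` here, but nothing tells a future maintainer why it must not be raised. Add a comment above it, e.g. `# Never raise to debug/trace in production: wire logging prints credentials and SAML assertions`. The `loggers=` key is a list that would override any earlier `loggers=` definition in this file, which cannot be verified from the hunk.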