diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/manager/EngineManager.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/manager/EngineManager.java index 1c4fe845c..2d5645393 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/manager/EngineManager.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/manager/EngineManager.java @@ -8,16 +8,15 @@ import io.dongtai.iast.agent.monitor.impl.PerformanceMonitor; import io.dongtai.iast.agent.report.AgentRegisterReport; import io.dongtai.iast.agent.util.FileUtils; -import io.dongtai.iast.agent.util.http.HttpClientUtils; +import io.dongtai.iast.agent.util.HttpClientUtils; import io.dongtai.iast.common.utils.base64.Base64Encoder; import io.dongtai.log.DongTaiLog; -import org.json.JSONObject; -import java.io.*; +import java.io.File; +import java.io.IOException; import java.lang.instrument.Instrumentation; import java.lang.management.ManagementFactory; import java.lang.reflect.InvocationTargetException; -import java.net.*; import java.util.jar.JarFile; /** @@ -196,79 +195,20 @@ private static String getGrpcPackagePath() { return TMP_DIR + "dongtai-grpc.jar"; } - - /** - * 从远程URI下载jar包到指定的本地文件 - * - * @param fileUrl 远程URI - * @param fileName 本地文件路径 - * @return 下载结果,成功为true,失败为false - */ - private boolean downloadJarPackageToCacheFromUrl(String fileUrl, String fileName) { - boolean status = false; - try { - URL url = new URL(fileUrl); - Proxy proxy = HttpClientUtils.loadProxy(); - HttpURLConnection connection = proxy == null ? (HttpURLConnection) url.openConnection() - : (HttpURLConnection) url.openConnection(proxy); - - connection.setRequestMethod("GET"); - connection.setRequestProperty("User-Agent", "DongTai-IAST-Agent"); - connection.setRequestProperty("Authorization", "Token " + properties.getServerToken()); - connection.setUseCaches(false); - connection.setDoOutput(true); - - if ("application/json".equals(connection.getContentType())) { - BufferedReader streamReader = new BufferedReader(new InputStreamReader(connection.getInputStream(), "UTF-8")); - StringBuilder responseStrBuilder = new StringBuilder(); - String inputStr; - while ((inputStr = streamReader.readLine()) != null) { - responseStrBuilder.append(inputStr); - } - - JSONObject jsonObject = new JSONObject(responseStrBuilder.toString()); - DongTaiLog.error("DongTai Core Package: {} download failed. response: {}", fileUrl, jsonObject); - return false; - } else { - BufferedInputStream in = new BufferedInputStream(connection.getInputStream()); - final File classPath = new File(new File(fileName).getParent()); - - if (!classPath.mkdirs() && !classPath.exists()) { - DongTaiLog.info("Check or create local file cache path, path is " + classPath); - } - FileOutputStream fileOutputStream = new FileOutputStream(fileName); - byte[] dataBuffer = new byte[1024]; - int bytesRead; - while ((bytesRead = in.read(dataBuffer, 0, 1024)) != -1) { - fileOutputStream.write(dataBuffer, 0, bytesRead); - } - dataBuffer = null; - in.close(); - fileOutputStream.close(); - DongTaiLog.info("The remote file " + fileUrl + " was successfully written to the local cache."); - status = true; - } - } catch (Exception ignore) { - DongTaiLog.error("The remote file " + fileUrl + " download failure, please check the dongtai-token."); - } - return status; - } - /** * 更新IAST引擎需要的jar包,用于启动时加载和热更新检测引擎 - iast-core.jar - iast-inject.jar * * @return 更新状态,成功为true,失败为false */ public boolean downloadPackageFromServer() { - String baseUrl = properties.getBaseUrl(); // 自定义jar下载地址 - String spyJarUrl = "".equals(properties.getCustomSpyJarUrl()) ? baseUrl + INJECT_PACKAGE_REMOTE_URI : properties.getCustomSpyJarUrl(); - String coreJarUrl = "".equals(properties.getCustomCoreJarUrl()) ? baseUrl + ENGINE_PACKAGE_REMOTE_URI : properties.getCustomCoreJarUrl(); - String apiJarUrl = "".equals(properties.getCustomApiJarUrl()) ? baseUrl + API_PACKAGE_REMOTE_URI : properties.getCustomApiJarUrl(); - return downloadJarPackageToCacheFromUrl(spyJarUrl, getInjectPackageCachePath()) && - downloadJarPackageToCacheFromUrl(coreJarUrl, getEnginePackageCachePath()) && - downloadJarPackageToCacheFromUrl(apiJarUrl, getApiPackagePath()) && - downloadJarPackageToCacheFromUrl(baseUrl + "/api/v1/engine/download?engineName=dongtai-grpc", getGrpcPackagePath()); + String spyJarUrl = "".equals(properties.getCustomSpyJarUrl()) ? INJECT_PACKAGE_REMOTE_URI : properties.getCustomSpyJarUrl(); + String coreJarUrl = "".equals(properties.getCustomCoreJarUrl()) ? ENGINE_PACKAGE_REMOTE_URI : properties.getCustomCoreJarUrl(); + String apiJarUrl = "".equals(properties.getCustomApiJarUrl()) ? API_PACKAGE_REMOTE_URI : properties.getCustomApiJarUrl(); + return HttpClientUtils.downloadRemoteJar(spyJarUrl, getInjectPackageCachePath()) && + HttpClientUtils.downloadRemoteJar(coreJarUrl, getEnginePackageCachePath()) && + HttpClientUtils.downloadRemoteJar(apiJarUrl, getApiPackagePath()) && + HttpClientUtils.downloadRemoteJar("/api/v1/engine/download?engineName=dongtai-grpc", getGrpcPackagePath()); } /** @@ -277,14 +217,13 @@ public boolean downloadPackageFromServer() { * @return 更新状态,成功为true,失败为false */ public boolean downloadPackageFromServerJdk6() { - String baseUrl = properties.getBaseUrl(); // 自定义jar下载地址 - String spyJarUrl = "".equals(properties.getCustomSpyJarUrl()) ? baseUrl + INJECT_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomSpyJarUrl(); - String coreJarUrl = "".equals(properties.getCustomCoreJarUrl()) ? baseUrl + ENGINE_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomCoreJarUrl(); - String apiJarUrl = "".equals(properties.getCustomApiJarUrl()) ? baseUrl + API_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomApiJarUrl(); - return downloadJarPackageToCacheFromUrl(spyJarUrl, getInjectPackageCachePath()) && - downloadJarPackageToCacheFromUrl(coreJarUrl, getEnginePackageCachePath()) && - downloadJarPackageToCacheFromUrl(apiJarUrl, getApiPackagePath()); + String spyJarUrl = "".equals(properties.getCustomSpyJarUrl()) ? INJECT_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomSpyJarUrl(); + String coreJarUrl = "".equals(properties.getCustomCoreJarUrl()) ? ENGINE_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomCoreJarUrl(); + String apiJarUrl = "".equals(properties.getCustomApiJarUrl()) ? API_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomApiJarUrl(); + return HttpClientUtils.downloadRemoteJar(spyJarUrl, getInjectPackageCachePath()) && + HttpClientUtils.downloadRemoteJar(coreJarUrl, getEnginePackageCachePath()) && + HttpClientUtils.downloadRemoteJar(apiJarUrl, getApiPackagePath()); } /** diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/DongTaiThreadMonitor.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/DongTaiThreadMonitor.java index db018cf70..5ec53c364 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/DongTaiThreadMonitor.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/DongTaiThreadMonitor.java @@ -2,8 +2,8 @@ import io.dongtai.iast.agent.monitor.IMonitor; import io.dongtai.iast.agent.monitor.MonitorDaemonThread; +import io.dongtai.iast.agent.util.HttpClientUtils; import io.dongtai.iast.agent.util.ThreadUtils; -import io.dongtai.iast.agent.util.http.HttpClientUtils; import io.dongtai.iast.common.constants.*; import io.dongtai.iast.common.entity.performance.metrics.ThreadInfoMetrics; import io.dongtai.log.DongTaiLog; diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/EngineMonitor.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/EngineMonitor.java index cf2aba339..5bc99b4c5 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/EngineMonitor.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/EngineMonitor.java @@ -5,14 +5,17 @@ import io.dongtai.iast.agent.monitor.MonitorDaemonThread; import io.dongtai.iast.agent.report.AgentRegisterReport; import io.dongtai.iast.agent.report.HeartBeatReport; +import io.dongtai.iast.agent.util.HttpClientUtils; import io.dongtai.iast.agent.util.ThreadUtils; -import io.dongtai.iast.agent.util.http.HttpClientUtils; import io.dongtai.iast.common.constants.AgentConstant; import io.dongtai.iast.common.constants.ApiPath; import io.dongtai.iast.common.utils.version.JavaVersionUtils; import io.dongtai.log.DongTaiLog; import org.json.JSONObject; +import java.util.HashMap; +import java.util.Map; + /** * @author dongzhiyong@huoxian.cn */ @@ -104,8 +107,10 @@ private void forceSwitchPerformanceBreaker(boolean turnOn) { private String checkForStatus() { try { - String respRaw = String.valueOf(HttpClientUtils.sendGet(ApiPath.EXCEPT_ACTION, "agentId", String.valueOf(AgentRegisterReport.getAgentFlag()))); - if (respRaw != null && !respRaw.isEmpty()) { + Map parameters = new HashMap(); + parameters.put("agentId", String.valueOf(AgentRegisterReport.getAgentFlag())); + String respRaw = HttpClientUtils.sendGet(ApiPath.EXCEPT_ACTION, parameters).toString(); + if (!respRaw.isEmpty()) { JSONObject resp = new JSONObject(respRaw); JSONObject data = (JSONObject) resp.get("data"); return data.get("exceptRunningStatus").toString(); diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/HeartBeatMonitor.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/HeartBeatMonitor.java index 0f2ff06ab..47809a6b9 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/HeartBeatMonitor.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/HeartBeatMonitor.java @@ -3,8 +3,8 @@ import io.dongtai.iast.agent.monitor.IMonitor; import io.dongtai.iast.agent.monitor.MonitorDaemonThread; import io.dongtai.iast.agent.report.HeartBeatReport; +import io.dongtai.iast.agent.util.HttpClientUtils; import io.dongtai.iast.agent.util.ThreadUtils; -import io.dongtai.iast.agent.util.http.HttpClientUtils; import io.dongtai.iast.common.constants.AgentConstant; import io.dongtai.iast.common.constants.ApiPath; import io.dongtai.log.DongTaiLog; diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/report/AgentRegisterReport.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/report/AgentRegisterReport.java index 399b1084e..331766e5c 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/report/AgentRegisterReport.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/report/AgentRegisterReport.java @@ -4,7 +4,7 @@ import io.dongtai.iast.agent.manager.EngineManager; import io.dongtai.iast.agent.middlewarerecognition.IServer; import io.dongtai.iast.agent.middlewarerecognition.ServerDetect; -import io.dongtai.iast.agent.util.http.HttpClientUtils; +import io.dongtai.iast.agent.util.HttpClientUtils; import io.dongtai.iast.common.constants.AgentConstant; import io.dongtai.iast.common.constants.ApiPath; import io.dongtai.iast.common.utils.base64.Base64Encoder; diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/HttpClientUtils.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/HttpClientUtils.java new file mode 100644 index 000000000..753cad484 --- /dev/null +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/HttpClientUtils.java @@ -0,0 +1,62 @@ +package io.dongtai.iast.agent.util; + +import io.dongtai.iast.agent.IastProperties; +import io.dongtai.iast.common.enums.HttpMethods; +import io.dongtai.iast.common.utils.AbstractHttpClientUtils; + +import java.util.HashMap; +import java.util.Map; + +/** + * @author dongzhiyong@huoxian.cn + */ +public class HttpClientUtils extends AbstractHttpClientUtils { + private final static IastProperties PROPERTIES = IastProperties.getInstance(); + private static String proxyHost = ""; + private static int proxyPort = -1; + + static { + if (PROPERTIES.isProxyEnable()) { + proxyHost = PROPERTIES.getProxyHost(); + proxyPort = PROPERTIES.getProxyPort(); + } + } + + public static StringBuilder sendGet(String uri, Map parameters) { + if (parameters != null && !parameters.isEmpty()) { + StringBuilder uriBuilder = new StringBuilder(uri); + uriBuilder.append("?"); + for (Map.Entry entry : parameters.entrySet()) { + uriBuilder.append(entry.getKey()).append("=").append(entry.getValue()).append("&"); + } + uri = uriBuilder.toString(); + } + + Map headers = new HashMap(); + setToken(headers); + + return sendRequest(HttpMethods.GET, PROPERTIES.getBaseUrl() + uri, null, headers, 0, + proxyHost, proxyPort, null); + } + + public static StringBuilder sendPost(String uri, String value) { + Map headers = new HashMap(); + setToken(headers); + headers.put(HEADER_CONTENT_TYPE, MEDIA_TYPE_APPLICATION_JSON); + headers.put(HEADER_CONTENT_ENCODING, REQUEST_ENCODING_TYPE); + + return sendRequest(HttpMethods.POST, PROPERTIES.getBaseUrl() + uri, value, headers, 0, + proxyHost, proxyPort, null); + } + + public static boolean downloadRemoteJar(String fileURI, String fileName) { + Map headers = new HashMap(); + setToken(headers); + + return downloadFile(PROPERTIES.getBaseUrl() + fileURI, fileName, headers, proxyHost, proxyPort); + } + + private static void setToken(Map headers) { + headers.put(REQUEST_HEADER_TOKEN_KEY, "Token " + PROPERTIES.getServerToken()); + } +} diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientHostnameVerifier.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientHostnameVerifier.java deleted file mode 100644 index 93ae0dfd7..000000000 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientHostnameVerifier.java +++ /dev/null @@ -1,14 +0,0 @@ -package io.dongtai.iast.agent.util.http; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.SSLSession; - -/** - * @author dongzhiyong@huoxian.cn - */ -public class HttpClientHostnameVerifier implements HostnameVerifier { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } -} diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java deleted file mode 100644 index 2b527f3e8..000000000 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java +++ /dev/null @@ -1,152 +0,0 @@ -package io.dongtai.iast.agent.util.http; - -import io.dongtai.iast.agent.IastProperties; -import io.dongtai.log.DongTaiLog; - -import javax.net.ssl.*; -import java.io.*; -import java.net.*; -import java.nio.charset.Charset; -import java.util.HashMap; -import java.util.Map; -import java.util.zip.GZIPOutputStream; - -/** - * @author dongzhiyong@huoxian.cn - */ -public class HttpClientUtils { - - private static final String PROTOCOL_HTTPS = "https"; - private static final String REQUEST_HEADER_CONTENT_TYPE = "Content-Type"; - private static final String REQUEST_HEADER_CONTENT_ENCODING = "Content-Encoding"; - private static final String REQUEST_HEADER_USER_AGENT = "user-agent"; - private static final String MEDIA_TYPE_APPLICATION_JSON = "application/json"; - private static final String REQUEST_HEADER_TOKEN_KEY = "Authorization"; - private static final String REQUEST_ENCODING_TYPE = "gzip"; - private static final String SSL_SIGNATURE = "TLSv1.2"; - private final static HostnameVerifier DO_NOT_VERIFY = new HttpClientHostnameVerifier(); - private final static IastProperties PROPERTIES = IastProperties.getInstance(); - private final static Proxy PROXY = loadProxy(); - - public static StringBuilder sendGet(String uri, String arg, String value) { - try { - if (arg != null && value != null) { - return sendRequest(HttpMethods.GET, PROPERTIES.getBaseUrl(), uri + "?" + arg + "=" + value, null, null, - PROXY); - } else { - return sendRequest(HttpMethods.GET, PROPERTIES.getBaseUrl(), uri, null, null, PROXY); - } - } catch (Exception e) { - return null; - } - } - - public static StringBuilder sendPost(String uri, String value) { - StringBuilder response; - response = sendRequest(HttpMethods.POST, PROPERTIES.getBaseUrl(), uri, value, null, PROXY); - return response; - } - - - private static StringBuilder sendRequest(HttpMethods method, String baseUrl, String urlStr, String data, - HashMap headers, Proxy proxy) { - HttpURLConnection connection = null; - StringBuilder response = new StringBuilder(); - try { - trustAllHosts(); - URL url = new URL(baseUrl + urlStr); - // 通过请求地址判断请求类型(http或者是https) - if (PROTOCOL_HTTPS.equalsIgnoreCase(url.getProtocol())) { - HttpsURLConnection https = proxy == null ? (HttpsURLConnection) url.openConnection() - : (HttpsURLConnection) url.openConnection(proxy); - https.setHostnameVerifier(DO_NOT_VERIFY); - connection = https; - } else { - connection = proxy == null ? (HttpURLConnection) url.openConnection() - : (HttpURLConnection) url.openConnection(proxy); - } - connection.setReadTimeout(10 * 1000); - connection.setConnectTimeout(10 * 1000); - - connection.setRequestMethod(method.name()); - if (HttpMethods.POST.equals(method)) { - connection.setRequestProperty(REQUEST_HEADER_CONTENT_TYPE, MEDIA_TYPE_APPLICATION_JSON); - connection.setRequestProperty(REQUEST_HEADER_CONTENT_ENCODING, REQUEST_ENCODING_TYPE); - connection.setRequestProperty(REQUEST_HEADER_USER_AGENT, - "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36 IAST-AGENT"); - } - connection.setRequestProperty(REQUEST_HEADER_USER_AGENT, "DongTai-IAST-Agent"); - connection.setRequestProperty(REQUEST_HEADER_TOKEN_KEY, - "Token " + IastProperties.getInstance().getServerToken()); - // 插入自定义的 - if (null != headers) { - for (Map.Entry entry : headers.entrySet()) { - connection.setRequestProperty(entry.getKey(), entry.getValue()); - } - } - - //Send request - if (HttpMethods.POST.equals(method)) { - connection.setUseCaches(false); - connection.setDoOutput(true); - - GZIPOutputStream wr = new GZIPOutputStream(connection.getOutputStream()); - wr.write(data.getBytes(Charset.forName("UTF-8"))); - wr.close(); - } - if (connection.getResponseCode() != 200) { - DongTaiLog.error(connection.getResponseCode() + " " + connection.getResponseMessage()); - } - InputStream is = connection.getInputStream(); - BufferedReader rd = new BufferedReader(new InputStreamReader(is)); - String line; - while ((line = rd.readLine()) != null) { - response.append(line); - response.append('\r'); - } - rd.close(); - DongTaiLog.trace("dongtai upload url is {}, request is {} ,response is {}", urlStr, data, response.toString()); - return response; - } catch (Exception e){ - DongTaiLog.error(e); - } - finally { - if (connection != null) { - connection.disconnect(); - } - } - return response; - } - - /** - * 根据配置文件创建http/https代理 - */ - public static Proxy loadProxy() { - try { - if (PROPERTIES.isProxyEnable()) { - Proxy proxy; - proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress( - PROPERTIES.getProxyHost(), - PROPERTIES.getProxyPort() - )); - return proxy; - } - } catch (Throwable e) { - DongTaiLog.error(e); - } - return null; - } - - public static void trustAllHosts() { - TrustManager[] trustAllCerts = new TrustManager[]{new IastTrustManager()}; - try { - SSLContext sc = SSLContext.getInstance(SSL_SIGNATURE); - sc.init(null, trustAllCerts, new java.security.SecureRandom()); - HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); - } catch (Exception e) { - DongTaiLog.error(e); - } - } - - -} diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpMethods.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpMethods.java deleted file mode 100644 index 0abe6a6fc..000000000 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpMethods.java +++ /dev/null @@ -1,27 +0,0 @@ -package io.dongtai.iast.agent.util.http; - -/** - * 创建HTTP请求方法的枚举对象 - * - * @author dongzhiyong@huoxian.cn - */ -public enum HttpMethods { - /** - * GET方法 - */ - GET("GET"), - /** - * POST方法 - */ - POST("POST"); - - private final String method; - - HttpMethods(String method) { - this.method = method; - } - - public boolean equals(String method) { - return this.method.equals(method.toUpperCase()); - } -} diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/IastTrustManager.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/IastTrustManager.java deleted file mode 100644 index 8c95ac5b5..000000000 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/IastTrustManager.java +++ /dev/null @@ -1,22 +0,0 @@ -package io.dongtai.iast.agent.util.http; - -import javax.net.ssl.X509TrustManager; -import java.security.cert.X509Certificate; - -/** - * @author dongzhiyong@huoxian.cn - */ -public class IastTrustManager implements X509TrustManager { - @Override - public X509Certificate[] getAcceptedIssuers() { - return new X509Certificate[]{}; - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) { - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) { - } -} diff --git a/dongtai-common/pom.xml b/dongtai-common/pom.xml index 478e67bb3..2c415406e 100644 --- a/dongtai-common/pom.xml +++ b/dongtai-common/pom.xml @@ -12,8 +12,7 @@ dongtai-common - 1.6 - 1.6 + 4.5.13 @@ -23,6 +22,23 @@ ${project.version} provided + + org.apache.httpcomponents + httpclient + ${apache-httpclient.version} + + + org.json + json + ${json.version} + test + + + + junit + junit + test + @@ -31,13 +47,35 @@ org.apache.maven.plugins maven-shade-plugin - 2.4 + 3.1.0 package shade + + + + + *:* + + META-INF/ + *.dtd + + + + + + org.apache + ${shade-prefix}.org.apache + + + org.json + ${shade-prefix}.org.json + + + diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpMethods.java b/dongtai-common/src/main/java/io/dongtai/iast/common/enums/HttpMethods.java similarity index 91% rename from dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpMethods.java rename to dongtai-common/src/main/java/io/dongtai/iast/common/enums/HttpMethods.java index 10d4a2001..efdab5885 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpMethods.java +++ b/dongtai-common/src/main/java/io/dongtai/iast/common/enums/HttpMethods.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.core.utils; +package io.dongtai.iast.common.enums; /** * 创建HTTP请求方法的枚举对象 diff --git a/dongtai-common/src/main/java/io/dongtai/iast/common/utils/AbstractHttpClientUtils.java b/dongtai-common/src/main/java/io/dongtai/iast/common/utils/AbstractHttpClientUtils.java new file mode 100644 index 000000000..00e94e829 --- /dev/null +++ b/dongtai-common/src/main/java/io/dongtai/iast/common/utils/AbstractHttpClientUtils.java @@ -0,0 +1,204 @@ +package io.dongtai.iast.common.utils; + +import io.dongtai.iast.common.enums.HttpMethods; +import io.dongtai.log.DongTaiLog; +import org.apache.http.HttpHost; +import org.apache.http.HttpStatus; +import org.apache.http.client.entity.GzipCompressingEntity; +import org.apache.http.client.methods.*; +import org.apache.http.conn.ssl.NoopHostnameVerifier; +import org.apache.http.entity.StringEntity; +import org.apache.http.impl.client.*; +import org.apache.http.util.EntityUtils; + +import java.io.*; +import java.util.Map; + +public class AbstractHttpClientUtils { + protected static final String REQUEST_HEADER_TOKEN_KEY = "Authorization"; + protected static final String HEADER_CONTENT_ENCODING = "Content-Encoding"; + protected static final String REQUEST_ENCODING_TYPE = "gzip"; + protected static final String HEADER_CONTENT_TYPE = "Content-Type"; + protected static final String MEDIA_TYPE_APPLICATION_JSON = "application/json"; + protected static final String MEDIA_TYPE_TEXT_PLAIN = "text/plain"; + protected static final String MEDIA_TYPE_TEXT_HTML = "text/html"; + + protected interface HttpClientExceptionHandler { + void run(); + } + + protected static StringBuilder sendRequest(HttpMethods method, String url, String data, Map headers, + int maxRetries, String proxyHost, int proxyPort, + HttpClientExceptionHandler handler) { + CloseableHttpClient client = getClient(maxRetries, proxyHost, proxyPort); + + return sendRequest(client, method, url, data, headers, handler); + } + + protected static StringBuilder sendRequest(CloseableHttpClient client, HttpMethods method, String url, String data, + Map headers, HttpClientExceptionHandler handler) { + StringBuilder response = new StringBuilder(); + CloseableHttpResponse resp = null; + + try { + if (method.equals(HttpMethods.GET)) { + HttpGet req = new HttpGet(url); + resp = sendRequestInternal(client, req, data, headers, handler); + } else { + HttpPost req = new HttpPost(url); + resp = sendRequestInternal(client, req, data, headers, handler); + } + if (resp != null) { + if (resp.getStatusLine().getStatusCode() != HttpStatus.SC_OK) { + DongTaiLog.error("request {} response status code invalid: {}", + url, resp.getStatusLine().getStatusCode()); + } + + response.append(EntityUtils.toString(resp.getEntity(), "UTF-8")); + DongTaiLog.trace("dongtai request url is {}, request is {} ,response is {}", + url, data, response.toString()); + return response; + } + } catch (Exception e) { + DongTaiLog.error("request " + url + " parse response failed", e); + if (handler != null) { + handler.run(); + } + } finally { + if (resp != null) { + try { + resp.close(); + } catch (IOException ignore) { + } + } + + if (client != null) { + try { + client.close(); + } catch (IOException ignore) { + } + } + } + return response; + } + + /** + * @param req HttpRequestBase + * @param data post data + * @param headers headers map + * @return StringBuilder + *

+ * java.net.URLConnection will not shut down the threads properly, so we use apache httpclient + * https://stackoverflow.com/questions/33849053/how-to-stop-a-url-connection-upon-thread-interruption-java + */ + private static CloseableHttpResponse sendRequestInternal(CloseableHttpClient client, HttpRequestBase req, + String data, Map headers, + HttpClientExceptionHandler func) { + try { + if (headers != null) { + for (Map.Entry entry : headers.entrySet()) { + req.setHeader(entry.getKey(), entry.getValue()); + } + } + + if (req instanceof HttpPost && data != null) { + GzipCompressingEntity entity = new GzipCompressingEntity(new StringEntity(data)); + ((HttpPost) req).setEntity(entity); + } + return client.execute(req); + } catch (IOException e) { + DongTaiLog.error("request " + req.getURI().toString() + " failed", e); + if (func != null) { + func.run(); + } + } + return null; + } + + public static CloseableHttpClient getClient(int maxRetries, String proxyHost, int proxyPort) { + HttpClientBuilder hcb = getClientBuilder(maxRetries, proxyHost, proxyPort); + return hcb.build(); + } + + public static HttpClientBuilder getClientBuilder(int maxRetries, String proxyHost, int proxyPort) { + HttpClientBuilder hcb = HttpClients.custom() + .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE); + if (maxRetries > 0) { + hcb.setRetryHandler(new DefaultHttpRequestRetryHandler(10, false)); + } else { + hcb.disableAutomaticRetries(); + } + if (proxyHost != null && !proxyHost.isEmpty() && proxyPort > 0) { + hcb.setProxy(new HttpHost(proxyHost, proxyPort)); + } + hcb.setUserAgent("DongTai-IAST-Agent"); + return hcb; + } + + /** + * Download file + * + * @param fileURL file url + * @param fileName local file name + */ + protected static boolean downloadFile(String fileURL, String fileName, Map headers, + String proxyHost, int proxyPort) { + CloseableHttpClient client = null; + CloseableHttpResponse resp = null; + try { + client = getClient(0, proxyHost, proxyPort); + + HttpGet req = new HttpGet(fileURL); + resp = sendRequestInternal(client, req, null, headers, null); + if (resp == null) { + DongTaiLog.error("The remote file {} response empty", fileURL); + return false; + } + + String contentType = resp.getFirstHeader(HEADER_CONTENT_TYPE).getValue(); + if (MEDIA_TYPE_APPLICATION_JSON.equals(contentType) + || MEDIA_TYPE_TEXT_PLAIN.equals(contentType) + || MEDIA_TYPE_TEXT_HTML.equals(contentType)) { + String r = EntityUtils.toString(resp.getEntity(), "UTF-8"); + DongTaiLog.error("The remote file {} download failed. response: {}", fileURL, r); + return false; + } + + BufferedInputStream in = new BufferedInputStream(resp.getEntity().getContent()); + final File classPath = new File(new File(fileName).getParent()); + + if (!classPath.mkdirs() && !classPath.exists()) { + DongTaiLog.info("Check or create local file cache path, path is {}", classPath); + } + FileOutputStream fileOutputStream = new FileOutputStream(fileName); + byte[] dataBuffer = new byte[1024]; + int bytesRead; + while ((bytesRead = in.read(dataBuffer, 0, 1024)) != -1) { + fileOutputStream.write(dataBuffer, 0, bytesRead); + } + + dataBuffer = null; + in.close(); + fileOutputStream.close(); + DongTaiLog.info("The remote file {} was successfully written to the local file {}", fileURL, fileName); + return true; + } catch (Exception e) { + DongTaiLog.error("The remote file " + fileURL + " download failure", e); + } finally { + if (resp != null) { + try { + resp.close(); + } catch (IOException ignore) { + } + } + + if (client != null) { + try { + client.close(); + } catch (IOException ignore) { + } + } + } + return false; + } +} diff --git a/dongtai-common/src/test/java/io/dongtai/iast/common/utils/AbstractHttpClientUtilsTest.java b/dongtai-common/src/test/java/io/dongtai/iast/common/utils/AbstractHttpClientUtilsTest.java new file mode 100644 index 000000000..6af2dbea3 --- /dev/null +++ b/dongtai-common/src/test/java/io/dongtai/iast/common/utils/AbstractHttpClientUtilsTest.java @@ -0,0 +1,98 @@ +package io.dongtai.iast.common.utils; + +import io.dongtai.iast.common.enums.HttpMethods; +import io.dongtai.log.DongTaiLog; +import org.apache.http.client.config.RequestConfig; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.json.JSONObject; +import org.junit.*; + +import java.io.ByteArrayOutputStream; +import java.io.PrintStream; +import java.util.HashMap; +import java.util.Map; + +public class AbstractHttpClientUtilsTest { + private final PrintStream standardOut = System.out; + private final ByteArrayOutputStream outputStreamCaptor = new ByteArrayOutputStream(); + private final boolean oldEnableColor = DongTaiLog.enableColor; + + private static final String BASE_URL = "https://iast-test.huoxian.cn"; + + private void clear() { + outputStreamCaptor.reset(); + } + + @Before + public void setUp() { + DongTaiLog.enablePrintLog = true; + DongTaiLog.enableColor = false; + clear(); + System.setOut(new PrintStream(outputStreamCaptor)); + } + + @After + public void tearDown() { + DongTaiLog.enablePrintLog = false; + DongTaiLog.enableColor = oldEnableColor; + clear(); + System.setOut(standardOut); + } + + @Test + public void sendRequest() { + Map headers = new HashMap(); + headers.put("Content-Type", "application/json"); + + String url; + String data; + StringBuilder resp; + JSONObject respObj; + int status; + + url = BASE_URL + "/api/v1/captcha/refresh"; + resp = AbstractHttpClientUtils.sendRequest(HttpMethods.GET, url, null, headers, 0, "", -1, null); + respObj = new JSONObject(resp.toString()); + status = respObj.getInt("status"); + Assert.assertEquals("captcha/refresh status", 201, status); + + url = BASE_URL + "/api/v1/user/login"; + data = "{\"username\":\"test\",\"password\":\"test\",\"captcha\":\"test\",\"captcha_hash_key\":\"test\"}"; + resp = AbstractHttpClientUtils.sendRequest(HttpMethods.POST, url, data, headers, 0, "", -1, null); + respObj = new JSONObject(resp.toString()); + status = respObj.getInt("status"); + Assert.assertEquals("user/login status", 202, status); + + url = BASE_URL + ":55555"; + final String exMsg = "custom exception handler"; + HttpClientBuilder hcb = AbstractHttpClientUtils.getClientBuilder(0, "", -1); + RequestConfig requestConfig = RequestConfig.custom() + .setConnectTimeout(3000) + .setSocketTimeout(3000) + .build(); + hcb.setDefaultRequestConfig(requestConfig); + CloseableHttpClient client = hcb.build(); + resp = AbstractHttpClientUtils.sendRequest(client, HttpMethods.GET, url, null, headers, new AbstractHttpClientUtils.HttpClientExceptionHandler() { + @Override + public void run() { + clear(); + System.out.println(exMsg); + } + }); + String log = outputStreamCaptor.toString(); + Assert.assertEquals("exception handler resp", "", resp.toString()); + Assert.assertEquals("exception handler", exMsg, log.trim()); + } + + @Test + public void testDownloadFile() { + Map headers = new HashMap(); + headers.put("Authorization", "Token foo"); + String url = "https://iast-test.huoxian.cn/openapi/api/v1/engine/download?engineName=dongtai-api"; + boolean ok = AbstractHttpClientUtils.downloadFile(url, "/tmp/agent.jar", headers, "", -1); + Assert.assertFalse("invalid token download", ok); + String log = outputStreamCaptor.toString(); + Assert.assertTrue("invalid token download error", log.contains("[ERROR]") && log.contains("download failed")); + } +} \ No newline at end of file diff --git a/dongtai-core/pom.xml b/dongtai-core/pom.xml index 6ffe3bd7d..5e2940b01 100755 --- a/dongtai-core/pom.xml +++ b/dongtai-core/pom.xml @@ -12,9 +12,10 @@ dongtai-core dongtai-core - 2 + 8 + 8 + 1.18.20 - 4.5.13 2.1.3 1.1.3 1.3.7 @@ -144,8 +145,8 @@ org.apache.maven.plugins maven-compiler-plugin - 8 - 8 + ${maven.compiler.source} + ${maven.compiler.target} @@ -218,12 +219,6 @@ ${lombok.version} provided - - org.apache.httpcomponents - httpclient - ${apache-httpclient.version} - provided - io.dongtai.iast dongtai-log diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/models/IastHookRuleModel.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/models/IastHookRuleModel.java index c79887e1e..1fea36582 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/models/IastHookRuleModel.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/models/IastHookRuleModel.java @@ -249,7 +249,7 @@ public static void buildRemote() { } private static JSONArray loadRemoteRule() { - StringBuilder respRaw = HttpClientUtils.sendGet(ApiPath.HOOK_PROFILE, null, null); + StringBuilder respRaw = HttpClientUtils.sendGet(ApiPath.HOOK_PROFILE, null); if (respRaw != null) { JSONObject resp = new JSONObject(respRaw.toString()); return resp.getJSONArray("data"); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java b/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java index 543758583..4d17aa6cd 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java @@ -1,14 +1,15 @@ package io.dongtai.iast.core.replay; +import io.dongtai.iast.common.enums.HttpMethods; import io.dongtai.iast.common.utils.base64.Base64Decoder; import io.dongtai.iast.core.handler.hookpoint.models.IastReplayModel; -import io.dongtai.iast.core.utils.*; +import io.dongtai.iast.core.utils.HttpClientHostnameVerifier; +import io.dongtai.iast.core.utils.IastTrustManager; import io.dongtai.log.DongTaiLog; import org.json.JSONArray; import org.json.JSONObject; -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.*; import java.io.*; import java.net.HttpURLConnection; import java.net.URL; @@ -31,6 +32,7 @@ public class HttpRequestReplay implements Runnable { private static final String PROTOCOL_HTTPS = "https"; public final static HostnameVerifier DO_NOT_VERIFY = new HttpClientHostnameVerifier(); + private static final String SSL_SIGNATURE = "TLSv1.2"; private final StringBuilder replayRequestRaw; public HttpRequestReplay(StringBuilder replayRequestRaw) { @@ -83,13 +85,12 @@ private static HashMap splitHeaderStringToHashmap(String origina * @param fullUrl http请求的地址 * @param data http请求的数据,用于post请求 * @param headers http请求的header头 - * @throws Exception http请求中抛出的异常 */ private static void sendRequest(String method, String fullUrl, String data, HashMap headers) { DongTaiLog.debug("Do request replay: method={},url={},data={},header={}",method,fullUrl,data,headers.toString()); HttpURLConnection connection = null; try { - HttpClientUtils.trustAllHosts(); + trustAllHosts(); URL url = new URL(fullUrl); if (PROTOCOL_HTTPS.equals(url.getProtocol().toLowerCase())) { HttpsURLConnection https = (HttpsURLConnection) url.openConnection(); @@ -125,9 +126,9 @@ private static void sendRequest(String method, String fullUrl, String data, Hash response.append('\r'); } rd.close(); - DongTaiLog.debug("Request replay response: {}",response); + DongTaiLog.debug("Request replay response: {}", response); } catch (Exception e) { - DongTaiLog.error("io.dongtai.iast.core.replay.HttpRequestReplay.sendRequest(java.lang.String,java.lang.String,java.lang.String,java.util.HashMap)",e); + DongTaiLog.error("io.dongtai.iast.core.replay.HttpRequestReplay.sendRequest(java.lang.String,java.lang.String,java.lang.String,java.util.HashMap)", e); } finally { if (connection != null) { connection.disconnect(); @@ -135,6 +136,17 @@ private static void sendRequest(String method, String fullUrl, String data, Hash } } + public static void trustAllHosts() { + TrustManager[] trustAllCerts = new TrustManager[]{new IastTrustManager()}; + try { + SSLContext sc = SSLContext.getInstance(SSL_SIGNATURE); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); + } catch (Exception e) { + DongTaiLog.error(e); + } + } + @Override public void run() { try { diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java index a5f6d993d..e297e2735 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java @@ -1,193 +1,72 @@ package io.dongtai.iast.core.utils; +import io.dongtai.iast.common.enums.HttpMethods; +import io.dongtai.iast.common.utils.AbstractHttpClientUtils; import io.dongtai.iast.core.EngineManager; -import io.dongtai.log.DongTaiLog; -import javax.net.ssl.*; -import java.io.*; -import java.net.*; -import java.nio.charset.Charset; import java.util.HashMap; import java.util.Map; -import java.util.zip.GZIPOutputStream; /** * @author dongzhiyong@huoxian.cn */ -public class HttpClientUtils { +public class HttpClientUtils extends AbstractHttpClientUtils { + private static final int MAX_RETRIES = 10; - private static final String PROTOCOL_HTTPS = "https"; - private static final String REQUEST_HEADER_CONTENT_TYPE = "Content-Type"; - private static final String REQUEST_HEADER_CONTENT_ENCODING = "Content-Encoding"; - private static final String REQUEST_HEADER_USER_AGENT = "user-agent"; - private static final String MEDIA_TYPE_APPLICATION_JSON = "application/json"; - private static final String REQUEST_HEADER_TOKEN_KEY = "Authorization"; - private static final String REQUEST_ENCODING_TYPE = "gzip"; - private static final String SSL_SIGNATURE = "TLSv1.2"; - public final static HostnameVerifier DO_NOT_VERIFY = new HttpClientHostnameVerifier(); - private final static PropertyUtils PROPERTIES = PropertyUtils.getInstance(); - private final static Proxy PROXY = loadProxy(); - private static Integer FAILED_CONNECTION_COUNT = 0; + private static final PropertyUtils PROPERTIES = PropertyUtils.getInstance(); + private static String proxyHost = ""; + private static int proxyPort = -1; - public static StringBuilder sendGet(String uri, String arg, String value) { - try { - if (arg != null && value != null) { - return sendRequest(HttpMethods.GET, PROPERTIES.getBaseUrl(), uri + "?" + arg + "=" + value, null, null, - PROXY); - } else { - return sendRequest(HttpMethods.GET, PROPERTIES.getBaseUrl(), uri, null, null, PROXY); - } - } catch (Exception e) { - return null; + private static final HttpClientExceptionHandler EXCEPTION_HANDLER = new HttpClientExceptionHandler() { + @Override + public void run() { + EngineManager.turnOffEngine(); } - } + }; - public static StringBuilder sendPost(String uri, String value) { - StringBuilder response; - response = sendRequest(HttpMethods.POST, PROPERTIES.getBaseUrl(), uri, value, null, PROXY); - return response; + static { + if (PROPERTIES.isProxyEnable()) { + proxyHost = PROPERTIES.getProxyHost(); + proxyPort = PROPERTIES.getProxyPort(); + } } - private static StringBuilder sendRequest(HttpMethods method, String baseUrl, String urlStr, String data, - HashMap headers, Proxy proxy) { - HttpURLConnection connection = null; - StringBuilder response = new StringBuilder(); - try { - trustAllHosts(); - URL url = new URL(baseUrl + urlStr); - // 通过请求地址判断请求类型(http或者是https) - if (PROTOCOL_HTTPS.equalsIgnoreCase(url.getProtocol())) { - HttpsURLConnection https = proxy == null ? (HttpsURLConnection) url.openConnection() - : (HttpsURLConnection) url.openConnection(proxy); - https.setHostnameVerifier(DO_NOT_VERIFY); - connection = https; - } else { - connection = proxy == null ? (HttpURLConnection) url.openConnection() - : (HttpURLConnection) url.openConnection(proxy); - } - - connection.setRequestMethod(method.name()); - if (HttpMethods.POST.equals(method)) { - connection.setRequestProperty(REQUEST_HEADER_CONTENT_TYPE, MEDIA_TYPE_APPLICATION_JSON); - connection.setRequestProperty(REQUEST_HEADER_CONTENT_ENCODING, REQUEST_ENCODING_TYPE); - connection.setRequestProperty(REQUEST_HEADER_USER_AGENT, - "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36 IAST-AGENT"); - } - //fixme:根据配置文件动态获取token和http请求头,用于后续自定义操作 - connection.setRequestProperty(REQUEST_HEADER_USER_AGENT, "DongTai-IAST-Agent"); - connection.setRequestProperty(REQUEST_HEADER_TOKEN_KEY, - "Token " + PropertyUtils.getInstance().getIastServerToken()); - // 插入自定义的 - if (null != headers) { - for (Map.Entry entry : headers.entrySet()) { - connection.setRequestProperty(entry.getKey(), entry.getValue()); - } - } - - //Send request - if (HttpMethods.POST.equals(method)) { - connection.setUseCaches(false); - connection.setDoOutput(true); - - GZIPOutputStream wr = new GZIPOutputStream(connection.getOutputStream()); - wr.write(data.getBytes(Charset.forName("UTF-8"))); - wr.close(); - } - InputStream is = connection.getInputStream(); - BufferedReader rd = new BufferedReader(new InputStreamReader(is)); - String line; - while ((line = rd.readLine()) != null) { - response.append(line); - response.append('\r'); - } - rd.close(); - DongTaiLog.trace("dongtai upload url is {}, request is {} ,response is {}", urlStr, data, response.toString()); - return response; - } catch (Exception e) { - DongTaiLog.error("io.dongtai.iast.core.utils.HttpClientUtils.sendRequest(io.dongtai.iast.core.utils.HttpMethods,java.lang.String,java.lang.String,java.lang.String,java.util.HashMap,java.net.Proxy)",e); - FAILED_CONNECTION_COUNT++; - if (FAILED_CONNECTION_COUNT > 10){ - DongTaiLog.info("The network connection is abnormal, DongTai engine is shut down."); - EngineManager.turnOffEngine(); - FAILED_CONNECTION_COUNT = 0; - } - } finally { - if (connection != null) { - connection.disconnect(); + public static StringBuilder sendGet(String uri, Map parameters) { + if (parameters != null && !parameters.isEmpty()) { + StringBuilder uriBuilder = new StringBuilder(uri); + uriBuilder.append("?"); + for (Map.Entry entry : parameters.entrySet()) { + uriBuilder.append(entry.getKey()).append("=").append(entry.getValue()).append("&"); } + uri = uriBuilder.toString(); } - return response; - } - /** - * 从云端下载jar包 - * - * @param fileURI 云端对应URI - * @param fileName 本地文件名及地址 - */ - public static void downloadRemoteJar(String fileURI, String fileName) { - try { - URL url = new URL(PROPERTIES.getBaseUrl().concat(fileURI)); - HttpURLConnection connection = PROXY == null ? (HttpURLConnection) url.openConnection() - : (HttpURLConnection) url.openConnection(PROXY); + Map headers = new HashMap(); + setToken(headers); - connection.setRequestMethod("GET"); - connection.setRequestProperty("User-Agent", "DongTai-IAST-Agent"); - connection.setRequestProperty("Authorization", "Token " + PROPERTIES.getIastServerToken()); - connection.setUseCaches(false); - connection.setDoOutput(true); + return sendRequest(HttpMethods.GET, PROPERTIES.getBaseUrl() + uri, null, headers, MAX_RETRIES, + proxyHost, proxyPort, EXCEPTION_HANDLER); + } - BufferedInputStream in = new BufferedInputStream(connection.getInputStream()); - final File classPath = new File(new File(fileName).getParent()); + public static StringBuilder sendPost(String uri, String value) { + Map headers = new HashMap(); + setToken(headers); + headers.put(HEADER_CONTENT_TYPE, MEDIA_TYPE_APPLICATION_JSON); + headers.put(HEADER_CONTENT_ENCODING, REQUEST_ENCODING_TYPE); - if (!classPath.mkdirs() && !classPath.exists()) { - DongTaiLog.info("Check or create local file cache path, path is {}", classPath); - } - FileOutputStream fileOutputStream = new FileOutputStream(fileName); - byte[] dataBuffer = new byte[1024]; - int bytesRead; - while ((bytesRead = in.read(dataBuffer, 0, 1024)) != -1) { - fileOutputStream.write(dataBuffer, 0, bytesRead); - } - dataBuffer = null; - in.close(); - fileOutputStream.close(); - DongTaiLog.info("The remote file {} was successfully written to the local cache", fileURI); - } catch (Exception ignore) { - DongTaiLog.error("The remote file {} download failure, please check the dongtai-token", fileURI); - } + return sendRequest(HttpMethods.POST, PROPERTIES.getBaseUrl() + uri, value, headers, MAX_RETRIES, + proxyHost, proxyPort, EXCEPTION_HANDLER); } - /** - * 根据配置文件创建http/https代理 - */ - private static Proxy loadProxy() { - try { - if (PROPERTIES.isProxyEnable()) { - Proxy proxy; - proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress( - PROPERTIES.getProxyHost(), - PROPERTIES.getProxyPort() - )); - return proxy; - } - } catch (Throwable e) { - DongTaiLog.error(e); - } - return null; - } + public static boolean downloadRemoteJar(String fileURI, String fileName) { + Map headers = new HashMap(); + setToken(headers); - public static void trustAllHosts() { - TrustManager[] trustAllCerts = new TrustManager[]{new IastTrustManager()}; - try { - SSLContext sc = SSLContext.getInstance(SSL_SIGNATURE); - sc.init(null, trustAllCerts, new java.security.SecureRandom()); - HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); - } catch (Exception e) { - DongTaiLog.error(e); - } + return downloadFile(PROPERTIES.getBaseUrl() + fileURI, fileName, headers, proxyHost, proxyPort); } - + private static void setToken(Map headers) { + headers.put(REQUEST_HEADER_TOKEN_KEY, "Token " + PROPERTIES.getIastServerToken()); + } } diff --git a/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java b/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java index 85ee00f1f..ccc34107c 100644 --- a/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java +++ b/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java @@ -12,9 +12,9 @@ */ public class DongTaiLog { - static boolean enablePrintLog; + public static boolean enablePrintLog; static String filePath; - static boolean enableColor; + public static boolean enableColor; static boolean isCreateLog = false; public static LogLevel LEVEL = getCurrentLevel(); diff --git a/pom.xml b/pom.xml index b39941b7d..4c3650c88 100644 --- a/pom.xml +++ b/pom.xml @@ -10,14 +10,13 @@ 1.6 1.6 - 3.2.0 + 2.3.2 1.3.0 1.4 1.6 ${java.home}/../lib/tools.jar - 2.2.3 1.2.1 @@ -29,8 +28,6 @@ 1.9.0 9.2 4.13.1 - 2.2.0 - 2 3.1.0 2.4 5.0.0