Merge branch 'v3.x.x' into reboot/fix/authentication_header_for_route…

…d_requests
zowe · Feb 24, 2025 · 7163495 · 7163495
2 parents 4f65e6b + d7bf3bb
commit 7163495
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 5 deletions.
diff --git a/client-cert-auth-sample/README.md b/client-cert-auth-sample/README.md
@@ -0,0 +1,39 @@
+# Run Client Certificate Authentication Sample
+
+This project is a Java-based client that performs authentication using a client certificate. 
+It utilizes the Apache HTTP Client to send an HTTPS request with client certificate authentication.
+
+## Prerequisites
+
+1. Java 17
+2. A valid trusted client certificate stored in a PKCS12 keystore (.p12 or .pfx file)
+
+## Running the application
+
+1. Build the client-cert-auth-sample
+2. Export the following environment variables:
+
+   **macOS:**
+
+   ```shell
+   export API_URL="<API_URL>"
+   export CLIENT_CERT_PATH="<CLIENT_CERT_PATH>"
+   export CLIENT_CERT_PASSWORD="<CLIENT_CERT_PASSWORD>"
+   export CLIENT_CERT_ALIAS="<CLIENT_CERT_ALIAS>"
+   export PRIVATE_KEY_ALIAS="<PRIVATE_KEY_ALIAS>"
+   ```
+   **Windows:**
+
+   ```shell
+   set API_URL="<API_URL>"
+   set CLIENT_CERT_PATH="<CLIENT_CERT_PATH>"
+   set CLIENT_CERT_PASSWORD="<CLIENT_CERT_PASSWORD>"
+   set CLIENT_CERT_ALIAS="<CLIENT_CERT_ALIAS>"
+   set PRIVATE_KEY_ALIAS="<PRIVATE_KEY_ALIAS>"
+   ```
+
+3. Run the JAR located inside the `build/libs` folder with the SSL debug argument:
+   ```shell
+   java -jar client-cert-auth-sample.jar -Djavax.net.debug=all
+   ```
+This will output detailed information about the SSL handshake and certificate validation process.
diff --git a/client-cert-auth-sample/build.gradle b/client-cert-auth-sample/build.gradle
@@ -16,3 +16,14 @@ dependencies {
 test {
     useJUnitPlatform()
 }
+
+jar {
+    manifest {
+        attributes 'Main-Class': 'org.zowe.apiml.Main'
+    }
+    from {
+        configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
+    }
+    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
+}
+
diff --git a/client-cert-auth-sample/src/main/java/org/zowe/apiml/Main.java b/client-cert-auth-sample/src/main/java/org/zowe/apiml/Main.java
@@ -20,14 +20,15 @@
 import java.io.FileInputStream;
 import java.security.KeyStore;
 import java.security.cert.Certificate;
+import java.util.Optional;
 
 public class Main {
 
-    private static final String API_URL = "https://localhost:8080/gateway/api/v1/auth/login"; // Replace with your API URL
-    private static final String CLIENT_CERT_PATH = "../keystore/client_cert/client-certs.p12"; // Replace with your client cert path
-    private static final String CLIENT_CERT_PASSWORD = "password"; // Replace with your cert password
-    private static final String CLIENT_CERT_ALIAS = "apimtst"; // Replace with your signed client cert alias
-    private static final String PRIVATE_KEY_ALIAS = "apimtst"; // Replace with your private key alias
+    private static final String API_URL = Optional.ofNullable(System.getenv("API_URL")).orElse("https://localhost:8080") + "/gateway/api/v1/auth/login"; // Replace with your API URL
+    private static final String CLIENT_CERT_PATH = Optional.ofNullable(System.getenv("CLIENT_CERT_PATH")).orElse("client-cert.p12"); // Replace with your client cert path
+    private static final String CLIENT_CERT_PASSWORD = Optional.ofNullable(System.getenv("CLIENT_CERT_PASSWORD")).orElse("password"); // Replace with your cert password
+    private static final String CLIENT_CERT_ALIAS = Optional.ofNullable(System.getenv("CLIENT_CERT_ALIAS")).orElse("apimtst"); // Replace with your signed client cert alias
+    private static final String PRIVATE_KEY_ALIAS = Optional.ofNullable(System.getenv("PRIVATE_KEY_ALIAS")).orElse("apimtst"); // Replace with your private key alias
 
 
     public static void main(String[] args) {