Merge pull request #5 from Gared/https

jhollinger · jhollinger · commit b7f2396ef989 · 2013-01-16T22:38:47.000-08:00
Add possibility to request https api urls
diff --git a/org/etherpad_lite_client/EPLiteClient.java b/org/etherpad_lite_client/EPLiteClient.java
@@ -22,6 +22,14 @@
 import java.util.Map;
 import java.util.HashMap;
 import java.util.Iterator;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import org.json.*;
 
 /**
@@ -713,6 +721,8 @@ private HashMap call(String apiMethod, HashMap apiArgs, String httpMethod) {
                 }
             }
         }
+        
+        trustServerAndCertificate();
 
         // Execute the API call
         String path = this.uri.getPath() + "/" + API_VERSION + "/" + apiMethod;
@@ -741,6 +751,43 @@ else if (httpMethod == "POST") {
             throw new EPLiteException("Unable to connect to Etherpad Lite instance (" + e.getClass() + "): " + e.getMessage());
         }
     }
+    
+    /**
+     * Creates a trust manager to trust all certificates if you open a ssl connection
+     */
+	private void trustServerAndCertificate() {
+		// Create a trust manager that does not validate certificate chains
+		TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
+				public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+					return null;
+				}
+		
+				public void checkClientTrusted(
+						java.security.cert.X509Certificate[] certs, String authType) {
+				}
+		
+				public void checkServerTrusted(
+						java.security.cert.X509Certificate[] certs, String authType) {
+				}
+			}
+		};
+
+		// Install the all-trusting trust manager
+		try {
+			SSLContext sc = SSLContext.getInstance("SSL");
+			sc.init(null, trustAllCerts, new java.security.SecureRandom());
+			HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+		} catch (Exception e) {
+		}
+
+		HostnameVerifier hv = new HostnameVerifier() {
+			@Override
+			public boolean verify(String hostname, SSLSession session) {
+				return true;
+			}
+		};
+		HttpsURLConnection.setDefaultHostnameVerifier(hv);
+	}
 
     /**
      * Converts the API resonse's JSON string into a HashMap.
