From 3167f3a9021b5c90c5700333420bd09990116283 Mon Sep 17 00:00:00 2001
From: Jose Montoya
Date: Fri, 18 Dec 2020 19:52:39 -0600
Subject: [PATCH] adds support for disabling ssl
---
 .../plugin/internal/KeycloakAdminClient.java | 25 ++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/KeycloakAdminClient.java b/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/KeycloakAdminClient.java
index fac3757..1f45a1f 100644
--- a/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/KeycloakAdminClient.java
+++ b/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/KeycloakAdminClient.java
@@ -3,6 +3,9 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -10,7 +13,11 @@
 import com.fasterxml.jackson.core.type.TypeReference;
 import org.apache.http.client.HttpClient;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.TrustAllStrategy;
+import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContextBuilder;
 import org.apache.shiro.util.StringUtils;
 import org.github.flytreeleft.nexus3.keycloak.plugin.internal.http.ClientAuthenticator;
 import org.github.flytreeleft.nexus3.keycloak.plugin.internal.http.Http;
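Review bot: The three `java.security` exception imports added in the first hunk (`KeyManagementException`, `KeyStoreException`, `NoSuchAlgorithmException`) are not referenced anywhere in the visible change, because the new block in `getHttp()` catches plain `Exception`. Narrowing that handler to `catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e)` would use them and would stop unrelated runtime failures from being rewrapped as `IllegalArgumentException`; otherwise the imports should be dropped. The rest of the file is outside this patch, so confirm nothing else relies on them.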
@@ -302,7 +309,23 @@ public AdapterConfig getConfig() {
 public synchronized Http getHttp() {
 if (this.http == null) {
- HttpClient httpClient = HttpClients.createDefault();
+ HttpClient httpClient = null;
+
+ try {
+ HttpClientBuilder builder = HttpClients.custom();
+
+ if (this.config.isDisableTrustManager()) {
+ builder.setSSLContext(new SSLContextBuilder().loadTrustMaterial(null, TrustAllStrategy.INSTANCE).build());
+ }
+ if (this.config.isAllowAnyHostname()) {
+ builder.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE);
+ }
+
+ httpClient = builder.build();
+ } catch (Exception e) {
+ throw new IllegalArgumentException(e);
+ }
+
 ClientAuthenticator clientAuthenticator = (HttpMethod httpMethod) -> {
 String token = getTokenManager().getAccessTokenString();
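Review bot: When `isDisableTrustManager()` is true the client built in `getHttp()` accepts any server certificate (`TrustAllStrategy`), and with `isAllowAnyHostname()` it also skips hostname checks, yet this is the client that carries the access token from `getTokenManager()` to Keycloak; nothing in the hunk records that the instance is running without TLS verification. I would log a warning where each flag is applied, e.g. `log.warn("Keycloak TLS certificate validation is DISABLED by configuration; do not use outside test environments");` (using whatever logger the class has, which is not visible here), so the weakened state shows up in logs and audits. For self-signed or private-CA deployments a safer option is to load that CA into the context with `loadTrustMaterial(truststoreFile, password)` instead of trusting everything; it is worth checking whether the adapter config already exposes a truststore setting. `getHttp()` continues past the end of this hunk.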