Package org.owasp.dependencycheck.utils
Class Downloader
- java.lang.Object
-
- org.owasp.dependencycheck.utils.Downloader
-
public final class Downloader extends java.lang.Object
A Utility class to centralize download logic like HTTP(S) proxy configuration and proxy- and server credential handling.- Author:
- Jeremy Long, Hans Aikema
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
configure(Settings settings)
Initialize the Downloader from the settings.<T> T
fetchAndHandle(@NotNull java.net.URL url, @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler)
Download a resource from the given URL and have its content handled by the given ResponseHandler.<T> T
fetchAndHandle(@NotNull java.net.URL url, @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler, @NotNull java.util.List<org.apache.hc.core5.http.Header> hdr)
Download a resource from the given URL and have its content handled by the given ResponseHandler.<T> T
fetchAndHandle(@NotNull java.net.URL url, @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler, @NotNull java.util.List<org.apache.hc.core5.http.Header> hdr, boolean useProxy)
Download a resource from the given URL and have its content handled by the given ResponseHandler.<T> T
fetchAndHandle(@NotNull org.apache.hc.client5.http.impl.classic.CloseableHttpClient client, @NotNull java.net.URL url, @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler, @NotNull java.util.List<org.apache.hc.core5.http.Header> hdr)
Download a resource from the given URL and have its content handled by the given ResponseHandler.java.lang.String
fetchContent(java.net.URL url, boolean useProxy, java.nio.charset.Charset charset)
Retrieves a file from a given URL and returns the contents.java.lang.String
fetchContent(java.net.URL url, java.nio.charset.Charset charset)
Retrieves a file from a given URL and returns the contents.void
fetchFile(java.net.URL url, java.io.File outputPath)
Retrieves a file from a given URL and saves it to the outputPath.void
fetchFile(java.net.URL url, java.io.File outputPath, boolean useProxy)
Retrieves a file from a given URL and saves it to the outputPath.void
fetchFile(java.net.URL url, java.io.File outputPath, boolean useProxy, java.lang.String userKey, java.lang.String passwordKey, java.lang.String tokenKey)
Retrieves a file from a given URL using an ad-hoc created CredentialsProvider if needed and saves it to the outputPath.org.apache.hc.client5.http.impl.classic.CloseableHttpClient
getHttpClient(boolean useProxy)
Gets a pre-configured HttpClient.static Downloader
getInstance()
The singleton instance for downloading file resources.org.apache.hc.client5.http.protocol.HttpClientContext
getPreEmptiveAuthContext()
Gets a HttpClientContext that supports pre-emptive authentication.java.lang.String
postBasedFetchContent(java.net.URI url, java.lang.String payload, org.apache.hc.core5.http.ContentType payloadType, java.util.List<org.apache.hc.core5.http.Header> hdr)
Posts a payload to the URL and returns the response as a string.
-
-
-
Method Detail
-
getInstance
public static Downloader getInstance()
The singleton instance for downloading file resources.- Returns:
- The singleton instance managing download credentials and proxy configuration
-
configure
public void configure(Settings settings) throws InvalidSettingException
Initialize the Downloader from the settings. Extracts the configured proxy- and credential information from the settings and system properties and caches those for future use by the Downloader.- Parameters:
settings
- The settings to configure from- Throws:
InvalidSettingException
- When improper configurations are found.
-
fetchFile
public void fetchFile(java.net.URL url, java.io.File outputPath) throws DownloadFailedException, TooManyRequestsException, ResourceNotFoundException, URLConnectionFailureException
Retrieves a file from a given URL and saves it to the outputPath.- Parameters:
url
- the URL of the file to downloadoutputPath
- the path to the save the file to- Throws:
DownloadFailedException
- is thrown if there is an error downloading the fileURLConnectionFailureException
- is thrown when certificate-chain trust errors occur downloading the fileTooManyRequestsException
- thrown when a 429 is receivedResourceNotFoundException
- thrown when a 404 is received
-
fetchFile
public void fetchFile(java.net.URL url, java.io.File outputPath, boolean useProxy) throws DownloadFailedException, TooManyRequestsException, ResourceNotFoundException, URLConnectionFailureException
Retrieves a file from a given URL and saves it to the outputPath.- Parameters:
url
- the URL of the file to downloadoutputPath
- the path to the save the file touseProxy
- whether to use the configured proxy when downloading files- Throws:
DownloadFailedException
- is thrown if there is an error downloading the fileURLConnectionFailureException
- is thrown when certificate-chain trust errors occur downloading the fileTooManyRequestsException
- thrown when a 429 is receivedResourceNotFoundException
- thrown when a 404 is received
-
fetchFile
public void fetchFile(java.net.URL url, java.io.File outputPath, boolean useProxy, java.lang.String userKey, java.lang.String passwordKey, java.lang.String tokenKey) throws DownloadFailedException, TooManyRequestsException, ResourceNotFoundException, URLConnectionFailureException
Retrieves a file from a given URL using an ad-hoc created CredentialsProvider if needed and saves it to the outputPath.- Parameters:
url
- the URL of the file to downloadoutputPath
- the path to the save the file touseProxy
- whether to use the configured proxy when downloading filesuserKey
- The settings property key for a potentially configured configured Basic-auth usernamepasswordKey
- The settings property key for a potentially configured configured Basic-auth passwordtokenKey
- The settings property key for a potentially configured Bearer-auth token- Throws:
DownloadFailedException
- is thrown if there is an error downloading the fileURLConnectionFailureException
- is thrown when certificate-chain trust errors occur downloading the fileTooManyRequestsException
- thrown when a 429 is receivedResourceNotFoundException
- thrown when a 404 is received- Implementation Note:
- This method should only be used in cases where the target host cannot be determined beforehand from settings, so that ad-hoc
Credentials needs to be constructed for the target URL when the user/password keys point to configured credentials. The method delegates to
fetchFile(URL, File, boolean)
when credentials are not configured for the given keys or the resource points to a file.
-
postBasedFetchContent
public java.lang.String postBasedFetchContent(java.net.URI url, java.lang.String payload, org.apache.hc.core5.http.ContentType payloadType, java.util.List<org.apache.hc.core5.http.Header> hdr) throws DownloadFailedException, TooManyRequestsException, ResourceNotFoundException, URLConnectionFailureException
Posts a payload to the URL and returns the response as a string.- Parameters:
url
- the URL to POST topayload
- the Payload to postpayloadType
- the string describing the payload's mime-typehdr
- Additional headers to add to the HTTP request- Returns:
- the content of the response
- Throws:
DownloadFailedException
- is thrown if there is an error downloading the fileURLConnectionFailureException
- is thrown when certificate-chain trust errors occur downloading the fileTooManyRequestsException
- thrown when a 429 is receivedResourceNotFoundException
- thrown when a 404 is received
-
fetchContent
public java.lang.String fetchContent(java.net.URL url, java.nio.charset.Charset charset) throws DownloadFailedException, TooManyRequestsException, ResourceNotFoundException
Retrieves a file from a given URL and returns the contents.- Parameters:
url
- the URL of the file to downloadcharset
- The characterset to use to interpret the binary content of the file- Returns:
- the content of the file
- Throws:
DownloadFailedException
- is thrown if there is an error downloading the fileTooManyRequestsException
- thrown when a 429 is receivedResourceNotFoundException
- thrown when a 404 is received
-
fetchContent
public java.lang.String fetchContent(java.net.URL url, boolean useProxy, java.nio.charset.Charset charset) throws DownloadFailedException, TooManyRequestsException, ResourceNotFoundException
Retrieves a file from a given URL and returns the contents.- Parameters:
url
- the URL of the file to downloaduseProxy
- whether to use the configured proxy when downloading filescharset
- The characterset to use to interpret the binary content of the file- Returns:
- the content of the file
- Throws:
DownloadFailedException
- is thrown if there is an error downloading the fileTooManyRequestsException
- thrown when a 429 is receivedResourceNotFoundException
- thrown when a 404 is received
-
getPreEmptiveAuthContext
public org.apache.hc.client5.http.protocol.HttpClientContext getPreEmptiveAuthContext()
Gets a HttpClientContext that supports pre-emptive authentication.- Returns:
- A HttpClientContext pre-configured with the authentication cache build from the settings.
-
getHttpClient
public org.apache.hc.client5.http.impl.classic.CloseableHttpClient getHttpClient(boolean useProxy)
Gets a pre-configured HttpClient. Mainly targeted for use in paged resultset scenarios with multiple roundtrips.- Parameters:
useProxy
- Whether to use the configuration that includes proxy-settings- Returns:
- A HttpClient pre-configured with the settings.
-
fetchAndHandle
public <T> T fetchAndHandle(@NotNull @NotNull java.net.URL url, @NotNull @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler) throws java.io.IOException, TooManyRequestsException, ResourceNotFoundException, java.net.URISyntaxException
Download a resource from the given URL and have its content handled by the given ResponseHandler.- Type Parameters:
T
- The return-type for the responseHandler- Parameters:
url
- The url of the resourcehandler
- The responsehandler to handle the response- Returns:
- The response handler result
- Throws:
java.io.IOException
- on I/O ExceptionsTooManyRequestsException
- When HTTP status 429 is encounteredResourceNotFoundException
- When HTTP status 404 is encounteredjava.net.URISyntaxException
-
fetchAndHandle
public <T> T fetchAndHandle(@NotNull @NotNull java.net.URL url, @NotNull @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler, @NotNull @NotNull java.util.List<org.apache.hc.core5.http.Header> hdr) throws java.io.IOException, TooManyRequestsException, ResourceNotFoundException, java.net.URISyntaxException
Download a resource from the given URL and have its content handled by the given ResponseHandler.- Type Parameters:
T
- The return-type for the responseHandler- Parameters:
url
- The url of the resourcehandler
- The responsehandler to handle the responsehdr
- Additional headers to add to the HTTP request- Returns:
- The response handler result
- Throws:
java.io.IOException
- on I/O ExceptionsTooManyRequestsException
- When HTTP status 429 is encounteredResourceNotFoundException
- When HTTP status 404 is encounteredjava.net.URISyntaxException
-
fetchAndHandle
public <T> T fetchAndHandle(@NotNull @NotNull java.net.URL url, @NotNull @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler, @NotNull @NotNull java.util.List<org.apache.hc.core5.http.Header> hdr, boolean useProxy) throws java.io.IOException, TooManyRequestsException, ResourceNotFoundException, java.net.URISyntaxException
Download a resource from the given URL and have its content handled by the given ResponseHandler.- Type Parameters:
T
- The return-type for the responseHandler- Parameters:
url
- The url of the resourcehandler
- The responsehandler to handle the responsehdr
- Additional headers to add to the HTTP requestuseProxy
- Whether to use the configured proxy for the connection- Returns:
- The response handler result
- Throws:
java.io.IOException
- on I/O ExceptionsTooManyRequestsException
- When HTTP status 429 is encounteredResourceNotFoundException
- When HTTP status 404 is encounteredjava.net.URISyntaxException
-
fetchAndHandle
public <T> T fetchAndHandle(@NotNull @NotNull org.apache.hc.client5.http.impl.classic.CloseableHttpClient client, @NotNull @NotNull java.net.URL url, @NotNull @NotNull org.apache.hc.core5.http.io.HttpClientResponseHandler<T> handler, @NotNull @NotNull java.util.List<org.apache.hc.core5.http.Header> hdr) throws java.io.IOException, TooManyRequestsException, ResourceNotFoundException
Download a resource from the given URL and have its content handled by the given ResponseHandler.- Type Parameters:
T
- The return-type for the responseHandler- Parameters:
client
- The HTTP Client to reuse for the requesturl
- The url of the resourcehandler
- The responsehandler to handle the responsehdr
- Additional headers to add to the HTTP request- Returns:
- The response handler result
- Throws:
java.io.IOException
- on I/O ExceptionsTooManyRequestsException
- When HTTP status 429 is encounteredResourceNotFoundException
- When HTTP status 404 is encountered
-
-