Refactor, change to RestClient

Author: jorge-romero

external-service-aap/src/main/java/org/opendevstack/apiservice/externalservice/aap/config/ExternalServiceConfig.java

@@ -1,29 +1,20 @@
 package org.opendevstack.apiservice.externalservice.aap.config;
 
+import lombok.extern.slf4j.Slf4j;
+import org.opendevstack.apiservice.externalservice.api.http.RestClientFactory;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.boot.web.client.RestTemplateBuilder;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.client.SimpleClientHttpRequestFactory;
 import org.springframework.scheduling.annotation.EnableAsync;
-import org.springframework.util.StringUtils;
-import org.springframework.web.client.RestTemplate;
-
-import lombok.extern.slf4j.Slf4j;
-
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManagerFactory;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.SecureRandom;
+import org.springframework.web.client.RestClient;
 
 /**
- * Configuration class for external service components.
+ * Configuration class for the Ansible Automation Platform external service.
+ *
+ * <p>SSL wiring is delegated to {@link RestClientFactory} in {@code external-service-api};
+ * no SSL boilerplate lives here.
  */
 @Configuration
 @EnableAsync
@@ -33,59 +24,25 @@ public class ExternalServiceConfig {
 
     private final SslProperties sslProperties;
 
+    @Value("${automation.platform.ansible.timeout:30000}")
+    private int timeoutMs;
+
     public ExternalServiceConfig(@Qualifier("aapSslProperties") SslProperties sslProperties) {
         this.sslProperties = sslProperties;
     }
 
     /**
-     * Creates a RestTemplate bean for HTTP client operations with configurable SSL settings.
+     * {@link RestClient} bean for the Ansible Automation Platform.
+     *
+     * <p>SSL and timeouts are configured via {@code automation.platform.ansible.ssl.*}
+     * and {@code automation.platform.ansible.timeout} properties respectively.
      *
-     * @return RestTemplate instance with SSL configuration
+     * @param builder Spring prototype builder (injected fresh per bean definition)
+     * @return configured {@link RestClient}
      */
     @Bean
-    public RestTemplate restTemplate(RestTemplateBuilder restTemplateBuilder) {
-        log.info("SSL certificate verification is ENABLED");
-        return createSecureRestTemplate();
-    }
-
-    private RestTemplate createSecureRestTemplate() {
-        if (!StringUtils.hasText(sslProperties.getTrustStorePath())) {
-            log.info("No custom trust store configured, using JVM default trust store");
-            return new RestTemplate();
-        }
-
-        try {
-            log.info("Loading custom trust store from: {}", sslProperties.getTrustStorePath());
-            KeyStore trustStore = KeyStore.getInstance(sslProperties.getTrustStoreType());
-            try (FileInputStream fis = new FileInputStream(sslProperties.getTrustStorePath())) {
-                char[] password = StringUtils.hasText(sslProperties.getTrustStorePassword())
-                        ? sslProperties.getTrustStorePassword().toCharArray()
-                        : new char[0];
-                trustStore.load(fis, password);
-            }
-
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-            tmf.init(trustStore);
-
-            SSLContext sslContext = SSLContext.getInstance("TLS");
-            sslContext.init(null, tmf.getTrustManagers(), new SecureRandom());
-
-            SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory() {
-                @Override
-                protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
-                    if (connection instanceof HttpsURLConnection httpsConnection) {
-                        httpsConnection.setSSLSocketFactory(sslContext.getSocketFactory());
-                    }
-                    super.prepareConnection(connection, httpMethod);
-                }
-            };
-
-            return new RestTemplate(requestFactory);
-
-        } catch (GeneralSecurityException | IOException e) {
-            log.error("Failed to load custom trust store '{}', falling back to JVM default: {}",
-                    sslProperties.getTrustStorePath(), e.getMessage());
-            return new RestTemplate();
-        }
+    public RestClient aapRestClient(RestClient.Builder builder) {
+        log.info("Creating AAP RestClient (connect/read timeout={}ms)", timeoutMs);
+        return RestClientFactory.build(builder, sslProperties, timeoutMs, timeoutMs);
     }
 }

external-service-aap/src/main/java/org/opendevstack/apiservice/externalservice/aap/config/SslProperties.java

@@ -1,67 +1,16 @@
 package org.opendevstack.apiservice.externalservice.aap.config;
 
+import org.opendevstack.apiservice.externalservice.api.http.ExternalServiceSslProperties;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 
 /**
- * Configuration properties for SSL settings in external service calls.
+ * SSL configuration properties for the Ansible Automation Platform external service.
+ * Binds to the {@code automation.platform.ansible.ssl} prefix.
  */
 @Component("aapSslProperties")
 @ConfigurationProperties(prefix = "automation.platform.ansible.ssl")
-public class SslProperties {
-    
-    /**
-     * Whether to verify SSL certificates when making external service calls.
-     * Default is true for security.
-     */
-    private boolean verifyCertificates = true;
-    
-    /**
-     * Path to the trust store file for SSL certificate validation.
-     * Optional - if not provided, uses system default trust store.
-     */
-    private String trustStorePath;
-    
-    /**
-     * Password for the trust store.
-     */
-    private String trustStorePassword;
-    
-    /**
-     * Type of the trust store (JKS, PKCS12, etc.).
-     * Default is JKS.
-     */
-    private String trustStoreType = "JKS";
-
-    public boolean isVerifyCertificates() {
-        return verifyCertificates;
-    }
-
-    public void setVerifyCertificates(boolean verifyCertificates) {
-        this.verifyCertificates = verifyCertificates;
-    }
-
-    public String getTrustStorePath() {
-        return trustStorePath;
-    }
-
-    public void setTrustStorePath(String trustStorePath) {
-        this.trustStorePath = trustStorePath;
-    }
-
-    public String getTrustStorePassword() {
-        return trustStorePassword;
-    }
-
-    public void setTrustStorePassword(String trustStorePassword) {
-        this.trustStorePassword = trustStorePassword;
-    }
-
-    public String getTrustStoreType() {
-        return trustStoreType;
-    }
-
-    public void setTrustStoreType(String trustStoreType) {
-        this.trustStoreType = trustStoreType;
-    }
-}
+public class SslProperties extends ExternalServiceSslProperties {
+    // All fields inherited from ExternalServiceSslProperties.
+    // Add AAP-specific SSL overrides here if ever needed.
+}