HTTP Built-ins - New Client and Client Context¶

The HTTP New Client and Client Context Built-ins create new clients and client contexts. By default, the HTTP New Client function trusts all hostnames and certificate chains when making requests. However, two optional functions, trustStrategyFunction and hostnameVerifier, may be passed to the newClient Built-in, to control SSL hostname and certificate verification.

HTTP New Client ¶

The newClient() function returns a new client. The model should include an additional function that calls a client's execute method, as described in the Apache documentation. Optional SSL hostname and certificate functions may be passed to the new client.

Syntax

1	Http.newClient(<trustStrategyFunction (List<X509Certificate>, String) → Boolean>, <hostNameVerifierFunction (String, SslSession) → Boolean>)

Returns

The new HTTP Client.

Parameters

trustStrategyFunction (Optional) - A function that takes a list of X509X509Certificate certificates and an authType String
- If the trustStrategyFunction is not passed, the client will trust all certificates
- Returns a Boolean, with true meaning the certificate chain has passed validation and is trusted
- false otherwise, meaning the the HTTP Client will not accept the connection
hostNameVerifierFunction (Optional) - A function that takes a hostname String and an SslSession String
- If the hostNameVerifierFunction is not passed, the client will trust all hostnames
- Returns a Boolean, with true meaning the hostname has been verified and the connection will be accepted
- false otherwise, meaning the HTTP Client will not accept the connection

Example 1 - New Client without SSL Configurations

stepdef "http client"
    client := Http.newClient()
    clientContext := Http.newHttpClientContext()
    request := Http
        .get("http://www.anywebpage.com/yourTools/yourPath/")
        .build()
    response := client.execute(request, clientContext )
    responseBody := Http.getContentString(response)
    println(responseBody)
end

Example 2 - New Client with SSL Configurations

client  := Http.newClient(SslConfigurationModel::trustStrategy,
                          SslConfigurationModel::hostnameVerifier)

request := Http.get("https://www.qitasc.com")
                    .addHeader("Content-Type", "application/json; charset=utf-8")
                     .setConfig(Http.configure().setConnectTimeout(30000).setSocketTimeout(30000).build()).build()
response := client.execute(request)
println("Response: " + response.getContentString())

model SslConfigurationModel
    func trustStrategy(chain, authType)
        return chain.size().equals(1) # only accept self-signed certificates
    end

    func hostnameVerifier(hostname, sslSession)
        return hostname.equals("www.qitasc.com")
    end
end

In the example above, client connections will only accept certificates with the matching hostname (www.qitasc.com), and only trusts certificates with a chain of 1, for example, self-signed certificates.

HTTP New Client Context ¶

The newHttpClientContext() function returns a new client context. It may be used with any of the non-static HttpClientContext methods as described in the Apache documentation.

Syntax

1	<newClientContext HttpClientContext> := Http.newHttpClientContext()

Returns

The new client context.

New Client Context Use Case with Cookie Store Example

stepdef "cookie test"
    client := Http.newClient()
    cookieStore := Http.newCookieStore()
    cookie := Http.newCookie("YourName", "YourAge")
    cookie.setDomain("www.anywebpage.com")
    cookie.setPath("/yourTools/yourPath/")
    cookieStore.addCookie(cookie)

    clientContext := Http.newHttpClientContext()
    clientContext.setCookieStore(cookieStore)
    request := Http
        .get("http://www.anywebpage.com/yourTools/yourPath/")
        .build()
    response := client.execute(request, clientContext )
    responseBody := Http.getContentString(response)
    println(responseBody)
end