refactored the creation of the HttpUrlConnection objects to a factory

Former-commit-id: 984968995bf68ad9889bac843770a0d615d4478c

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusSearch.java

@@ -27,9 +27,9 @@ import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.xpath.XPath;
 import javax.xml.xpath.XPathFactory;
-import org.owasp.dependencycheck.utils.Downloader;
 import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.Settings;
+import org.owasp.dependencycheck.utils.URLConnectionFactory;
 import org.w3c.dom.Document;
 
 /**
@@ -102,7 +102,7 @@ public class NexusSearch {
         // or proxy is specifically
         // set to false
         URLConnection conn = null;
-        conn = Downloader.getConnection(url, useProxy);
+        conn = URLConnectionFactory.createHttpURLConnection(url, useProxy);
 
         conn.setDoOutput(true);
 
@@ -151,7 +151,7 @@ public class NexusSearch {
      */
     public boolean preflightRequest() {
         try {
-            HttpURLConnection conn = Downloader.getConnection(new URL(rootURL, "status"));
+            HttpURLConnection conn = URLConnectionFactory.createHttpURLConnection(new URL(rootURL, "status"));
             conn.addRequestProperty("Accept", "application/xml");
             conn.connect();
             if (conn.getResponseCode() != 200) {

dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Downloader.java

@@ -22,12 +22,7 @@ import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.net.Authenticator;
 import java.net.HttpURLConnection;
-import java.net.InetSocketAddress;
-import java.net.PasswordAuthentication;
-import java.net.Proxy;
-import java.net.SocketAddress;
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.util.logging.Level;
@@ -58,7 +53,7 @@ public final class Downloader {
     public static void fetchFile(URL url, File outputPath) throws DownloadFailedException {
         HttpURLConnection conn = null;
         try {
-            conn = Downloader.getConnection(url);
+            conn = URLConnectionFactory.createHttpURLConnection(url);
             conn.setRequestProperty("Accept-Encoding", "gzip, deflate");
             conn.connect();
         } catch (IOException ex) {
@@ -149,11 +144,13 @@ public final class Downloader {
         } else {
             HttpURLConnection conn = null;
             try {
-                conn = Downloader.getConnection(url);
+                conn = URLConnectionFactory.createHttpURLConnection(url);
                 conn.setRequestMethod("HEAD");
                 conn.connect();
                 timestamp = conn.getLastModified();
-            } catch (Exception ex) {
+            } catch (URLConnectionFailureException ex) {
+                throw new DownloadFailedException("Error creating URL Connection for HTTP HEAD request.", ex);
+            } catch (IOException ex) {
                 throw new DownloadFailedException("Error making HTTP HEAD request.", ex);
             } finally {
                 if (conn != null) {
@@ -167,80 +164,4 @@ public final class Downloader {
         }
         return timestamp;
     }
-
-    /**
-     * Utility method to get an HttpURLConnection. If the app is configured to use a proxy this method will retrieve the
-     * proxy settings and use them when setting up the connection.
-     *
-     * @param url the url to connect to
-     * @return an HttpURLConnection
-     * @throws DownloadFailedException thrown if there is an exception
-     */
-    public static HttpURLConnection getConnection(URL url) throws DownloadFailedException {
-        HttpURLConnection conn = null;
-        Proxy proxy = null;
-        final String proxyUrl = Settings.getString(Settings.KEYS.PROXY_URL);
-        try {
-            if (proxyUrl != null) {
-                final int proxyPort = Settings.getInt(Settings.KEYS.PROXY_PORT);
-                final SocketAddress addr = new InetSocketAddress(proxyUrl, proxyPort);
-
-                final String username = Settings.getString(Settings.KEYS.PROXY_USERNAME);
-                final String password = Settings.getString(Settings.KEYS.PROXY_PASSWORD);
-                if (username != null && password != null) {
-                    final Authenticator auth = new Authenticator() {
-                        @Override
-                        public PasswordAuthentication getPasswordAuthentication() {
-                            if (getRequestorType().equals(RequestorType.PROXY)) {
-                                return new PasswordAuthentication(username, password.toCharArray());
-                            }
-                            return super.getPasswordAuthentication();
-                        }
-                    };
-                    Authenticator.setDefault(auth);
-                }
-
-                proxy = new Proxy(Proxy.Type.HTTP, addr);
-                conn = (HttpURLConnection) url.openConnection(proxy);
-            } else {
-                conn = (HttpURLConnection) url.openConnection();
-            }
-            final int timeout = Settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 60000);
-            conn.setConnectTimeout(timeout);
-        } catch (IOException ex) {
-            if (conn != null) {
-                try {
-                    conn.disconnect();
-                } finally {
-                    conn = null;
-                }
-            }
-            throw new DownloadFailedException("Error getting connection.", ex);
-        }
-        return conn;
-    }
-    
-    /**
-     * Utility method to get an HttpURLConnection. The use of a proxy here is optional as there
-     * may be cases where a proxy is configured but we don't want to use it (for example, if there's
-     * an internal repository configured)
-     * 
-     * @param url the url to connect to
-     * @parem proxy whether to use the proxy (if configured)
-     * @throws DownloadFailedException thrown if there is an exception
-     */
-    public static HttpURLConnection getConnection(URL url, boolean proxy) throws DownloadFailedException {
-        if (proxy) {
-            return getConnection(url);
-        }
-        HttpURLConnection conn = null;
-        try {
-            conn = (HttpURLConnection)url.openConnection();
-            final int timeout = Settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 60000);
-            conn.setConnectTimeout(timeout);
-        } catch (IOException ioe) {
-            throw new DownloadFailedException("Error getting connection.", ioe);
-        }
-        return conn;
-    }
 }

dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java

@@ -0,0 +1,118 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.utils;
+
+import java.io.IOException;
+import java.net.Authenticator;
+import java.net.HttpURLConnection;
+import java.net.InetSocketAddress;
+import java.net.PasswordAuthentication;
+import java.net.Proxy;
+import java.net.SocketAddress;
+import java.net.URL;
+
+/**
+ * A URLConnection Factory to create new connections. This encapsulates several configuration checks to ensure that the
+ * connection uses the correct proxy settings.
+ *
+ * @author Jeremy Long <jeremy.long@owasp.org>
+ */
+public class URLConnectionFactory {
+
+    /**
+     * Private constructor for this factory.
+     */
+    private URLConnectionFactory() {
+    }
+
+    /**
+     * Utility method to create an HttpURLConnection. If the application is configured to use a proxy this method will
+     * retrieve the proxy settings and use them when setting up the connection.
+     *
+     * @param url the url to connect to
+     * @return an HttpURLConnection
+     * @throws URLConnectionFailureException thrown if there is an exception
+     */
+    public static HttpURLConnection createHttpURLConnection(URL url) throws URLConnectionFailureException {
+        HttpURLConnection conn = null;
+        Proxy proxy = null;
+        final String proxyUrl = Settings.getString(Settings.KEYS.PROXY_URL);
+        try {
+            if (proxyUrl != null) {
+                final int proxyPort = Settings.getInt(Settings.KEYS.PROXY_PORT);
+                final SocketAddress addr = new InetSocketAddress(proxyUrl, proxyPort);
+
+                final String username = Settings.getString(Settings.KEYS.PROXY_USERNAME);
+                final String password = Settings.getString(Settings.KEYS.PROXY_PASSWORD);
+                if (username != null && password != null) {
+                    final Authenticator auth = new Authenticator() {
+                        @Override
+                        public PasswordAuthentication getPasswordAuthentication() {
+                            if (getRequestorType().equals(Authenticator.RequestorType.PROXY)) {
+                                return new PasswordAuthentication(username, password.toCharArray());
+                            }
+                            return super.getPasswordAuthentication();
+                        }
+                    };
+                    Authenticator.setDefault(auth);
+                }
+
+                proxy = new Proxy(Proxy.Type.HTTP, addr);
+                conn = (HttpURLConnection) url.openConnection(proxy);
+            } else {
+                conn = (HttpURLConnection) url.openConnection();
+            }
+            final int timeout = Settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 60000);
+            conn.setConnectTimeout(timeout);
+        } catch (IOException ex) {
+            if (conn != null) {
+                try {
+                    conn.disconnect();
+                } finally {
+                    conn = null;
+                }
+            }
+            throw new URLConnectionFailureException("Error getting connection.", ex);
+        }
+        return conn;
+    }
+
+    /**
+     * Utility method to create an HttpURLConnection. The use of a proxy here is optional as there may be cases where a
+     * proxy is configured but we don't want to use it (for example, if there's an internal repository configured)
+     *
+     * @param url the url to connect to
+     * @param proxy whether to use the proxy (if configured)
+     * @return a newly constructed HttpURLConnection
+     * @throws URLConnectionFailureException thrown if there is an exception
+     */
+    public static HttpURLConnection createHttpURLConnection(URL url, boolean proxy) throws URLConnectionFailureException {
+        if (proxy) {
+            return createHttpURLConnection(url);
+        }
+        HttpURLConnection conn = null;
+        try {
+            conn = (HttpURLConnection) url.openConnection();
+            final int timeout = Settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 60000);
+            conn.setConnectTimeout(timeout);
+        } catch (IOException ioe) {
+            throw new URLConnectionFailureException("Error getting connection.", ioe);
+        }
+        return conn;
+    }
+}

dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFailureException.java

@@ -0,0 +1,68 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.utils;
+
+import java.io.IOException;
+
+/**
+ * An exception used when the creation of an URLConnection fails.
+ *
+ * @author Jeremy Long <jeremy.long@owasp.org>
+ */
+public class URLConnectionFailureException extends IOException {
+
+    /**
+     * The serial version UID.
+     */
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * Creates a new URLConnectionFailureException.
+     */
+    public URLConnectionFailureException() {
+        super();
+    }
+
+    /**
+     * Creates a new URLConnectionFailureException.
+     *
+     * @param msg a message for the exception.
+     */
+    public URLConnectionFailureException(String msg) {
+        super(msg);
+    }
+
+    /**
+     * Creates a new URLConnectionFailureException.
+     *
+     * @param ex the cause of the download failure.
+     */
+    public URLConnectionFailureException(Throwable ex) {
+        super(ex);
+    }
+
+    /**
+     * Creates a new URLConnectionFailureException.
+     *
+     * @param msg a message for the exception.
+     * @param ex the cause of the download failure.
+     */
+    public URLConnectionFailureException(String msg, Throwable ex) {
+        super(msg, ex);
+    }
+}