added HTTPS for localhost

src/de/deadlocker8/budgetmaster/logic/ServerConnection.java

@@ -3,8 +3,14 @@ package de.deadlocker8.budgetmaster.logic;
 import java.lang.reflect.Type;
 import java.net.HttpURLConnection;
 import java.net.URL;
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import com.google.gson.Gson;
 import com.google.gson.reflect.TypeToken;
 
@@ -15,20 +21,42 @@ public class ServerConnection
 	private Settings settings;
 	private Gson gson;
 
-	public ServerConnection(Settings settings)
+	public ServerConnection(Settings settings) throws Exception
 	{
 		this.settings = settings;
 		this.gson = new Gson();
+		
+		TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager()
+		{
+			public java.security.cert.X509Certificate[] getAcceptedIssuers()
+			{
+				return null;
+			}
+
+			public void checkClientTrusted(X509Certificate[] certs, String authType)
+			{
+			}
+
+			public void checkServerTrusted(X509Certificate[] certs, String authType)
+			{
+			}
+		} };
+
+		// Install the all-trusting trust manager
+		SSLContext sc = SSLContext.getInstance("SSL");
+		sc.init(null, trustAllCerts, new java.security.SecureRandom());
+		HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+		HttpsURLConnection.setDefaultHostnameVerifier((hostname, sslSession) -> hostname.equals("localhost"));
 	}
 	
 	public ArrayList<Category> getCategories() throws Exception
 	{
 		URL url = new URL(settings.getUrl() + "/category?secret=" + settings.getSecret());
-		HttpURLConnection httpCon = (HttpURLConnection)url.openConnection();
-		httpCon.setDoOutput(true);
-		httpCon.setRequestMethod("GET");		
+		HttpsURLConnection httpsCon = (HttpsURLConnection)url.openConnection();
+		httpsCon.setDoOutput(true);
+		httpsCon.setRequestMethod("GET");		
 		
-		String result = Read.getStringFromInputStream(httpCon.getInputStream());
+		String result = Read.getStringFromInputStream(httpsCon.getInputStream());
 		//required by GSON
 		Type listType = new TypeToken<ArrayList<Category>>(){}.getType();		
 		return gson.fromJson(result, listType);		

src/de/deadlocker8/budgetmaster/ui/SettingsController.java

@@ -34,7 +34,7 @@ public class SettingsController
 		labelSecret.setStyle("-fx-text-fill: " + controller.getBundle().getString("color.text"));
 		labelURL.setStyle("-fx-text-fill: " + controller.getBundle().getString("color.text"));
 		buttonSave.setStyle("-fx-background-color: #2E79B9; -fx-text-fill: white; -fx-font-weight: bold; -fx-font-size: 16;");	
-		textFieldURL.setPromptText("z.B. http://yourdomain.de");
+		textFieldURL.setPromptText("z.B. https://yourdomain.de");
 	}
 	
 	public void save()

src/de/deadlocker8/budgetmasterserver/server/SparkServer.java

 package de.deadlocker8.budgetmasterserver.server;
 
-import static spark.Spark.before;
-import static spark.Spark.get;
-import static spark.Spark.halt;
-import static spark.Spark.port;
+import static spark.Spark.*;
 
 import java.io.IOException;
 import java.net.URISyntaxException;
@@ -44,8 +41,7 @@ public class SparkServer
 		Settings settings = Utils.loadSettings();
 		
 		port(settings.getServerPort());	
-		//TODO HTTPS
-		//secure("", "", null, null);	
+		secure("certs/keystore.jks", "geheim", null, null);	
 		
 		before((request, response) -> {
 			

src/de/deadlocker8/budgetmasterserver/test/Test.java

 package de.deadlocker8.budgetmasterserver.test;
 
-import java.io.OutputStreamWriter;
 import java.net.HttpURLConnection;
 import java.net.URL;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+import tools.Read;
 
 public class Test
 {
 	public static void main(String[] args) throws Exception
 	{
-		URL url = new URL("http://localhost:8000");
-		HttpURLConnection httpCon = (HttpURLConnection)url.openConnection();
+		TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager()
+		{
+			public java.security.cert.X509Certificate[] getAcceptedIssuers()
+			{
+				return null;
+			}
+
+			public void checkClientTrusted(X509Certificate[] certs, String authType)
+			{
+			}
+
+			public void checkServerTrusted(X509Certificate[] certs, String authType)
+			{
+			}
+		} };
+
+		// Install the all-trusting trust manager
+		SSLContext sc = SSLContext.getInstance("SSL");
+		sc.init(null, trustAllCerts, new java.security.SecureRandom());
+		HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+		HttpsURLConnection.setDefaultHostnameVerifier((hostname, sslSession) -> hostname.equals("localhost"));
+		
+		URL url = new URL("https://localhost:9000/category?secret=geheim");
+		HttpsURLConnection httpCon = (HttpsURLConnection)url.openConnection();
 		httpCon.setDoOutput(true);
-		httpCon.setRequestMethod("PUT");
-		OutputStreamWriter out = new OutputStreamWriter(httpCon.getOutputStream());
-		out.write("Resource content");
-		out.close();
-		httpCon.getInputStream();
+		httpCon.setRequestMethod("GET");		
+		
+		String result = Read.getStringFromInputStream(httpCon.getInputStream());
+		System.out.println(result);	
 	}
 }
\ No newline at end of file