Java tutorial
package org.curriki.tools.tests; import com.sun.crypto.provider.SunJCE; import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.HttpClientError; import org.apache.commons.httpclient.UsernamePasswordCredentials; import org.apache.commons.httpclient.auth.AuthScope; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.Protocol; import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import sun.security.jgss.wrapper.SunNativeProvider; import sun.security.provider.Sun; import sun.security.rsa.SunRsaSign; import javax.net.SocketFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; import java.net.*; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; public class TryAnOpenIDRequestAtGoogle { //private static final Log LOG = LogFactory.getLog(EasyX509TrustManager.class); //private static String merchant="669895943580289", key="Ea0jLLapBsYxX2hRvapowg", host="hoplahup.homeip.net"; public static void main(String[] args) { Object o = null; String error = null; try { System.out.println("java.home is " + System.getProperty("java.home")); /* HttpClient client = new HttpClient(); URL checkoutURL = new URL("https://www.google.com/accounts/o8/ud");//new URL("https://checkout.google.com/api/checkout/v2/reports/Merchant/MERCHANT_ID"); Protocol myhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); client.getHostConfiguration().setHost("www.google.com", 443, myhttps); //client.getParams().setAuthenticationPreemptive(true); //client.getState().setCredentials( // new AuthScope(checkoutURL.getHost(), checkoutURL.getPort(), AuthScope.ANY_REALM), // new UsernamePasswordCredentials(merchant, key)); GetMethod get = new GetMethod(checkoutURL.toExternalForm()); client.executeMethod(get); System.out.println("Status " + get.getStatusCode() + " " + get.getStatusText()); System.out.println("Obtained: " + get.getResponseBodyAsString()); */ URL url = new URL("https://checkout.google.com/api/checkout/v2/reports/Merchant/MERCHANT_ID"); o = url.getContent(); } catch (Exception ex) { StringWriter w = new StringWriter(); ex.printStackTrace(new PrintWriter(w)); error = w.toString(); } System.out.println("error " + error); System.out.println("obtained " + o); } // =========================================================================== /* * $HeadURL$ * $Revision$ * $Date$ * * ==================================================================== * * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * <http://www.apache.org/>. * */ /** * <p> * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s * that accept self-signed certificates. * </p> * <p> * This socket factory SHOULD NOT be used for productive systems * due to security reasons, unless it is a concious decision and * you are perfectly aware of security implications of accepting * self-signed certificates * </p> * * <p> * Example of using custom protocol socket factory for a specific host: * <pre> * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); * * URI uri = new URI("https://localhost/", true); * // use relative url only * GetMethod httpget = new GetMethod(uri.getPathQuery()); * HostConfiguration hc = new HostConfiguration(); * hc.setHost(uri.getHost(), uri.getPort(), easyhttps); * HttpClient client = new HttpClient(); * client.executeMethod(hc, httpget); * </pre> * </p> * <p> * Example of using custom protocol socket factory per default instead of the standard one: * <pre> * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); * Protocol.registerProtocol("https", easyhttps); * * HttpClient client = new HttpClient(); * GetMethod httpget = new GetMethod("https://localhost/"); * client.executeMethod(httpget); * </pre> * </p> * * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a> * * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate * for use without additional customization. * </p> */ public static class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory { private SSLContext sslcontext = null; /** * Constructor for EasySSLProtocolSocketFactory. */ public EasySSLProtocolSocketFactory() { super(); } private static SSLContext createEasySSLContext() { try { SSLContext context = SSLContext.getInstance("SSL", new SunJCE()); context.init(null, new TrustManager[] { new EasyX509TrustManager(null) }, null); return context; } catch (Exception e) { e.printStackTrace(); throw new HttpClientError(e.toString()); } } private SSLContext getSSLContext() { if (this.sslcontext == null) { this.sslcontext = createEasySSLContext(); } return this.sslcontext; } /** * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) */ public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort); } /** * Attempts to get a new socket connection to the given host within the given time limit. * <p> * To circumvent the limitations of older JREs that do not support connect timeout a * controller thread is executed. The controller thread attempts to create a new socket * within the given limit of time. If socket constructor does not return until the * timeout expires, the controller terminates and throws an {@link ConnectTimeoutException} * </p> * * @param host the host name/IP * @param port the port on the host * @param params {@link HttpConnectionParams Http connection parameters} * * @return Socket a new socket * * @throws IOException if an I/O error occurs while creating the socket * @throws UnknownHostException if the IP address of the host cannot be * determined */ public Socket createSocket(final String host, final int port, final InetAddress localAddress, final int localPort, final HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException { if (params == null) { throw new IllegalArgumentException("Parameters may not be null"); } int timeout = params.getConnectionTimeout(); SocketFactory socketfactory = getSSLContext().getSocketFactory(); if (timeout == 0) { return socketfactory.createSocket(host, port, localAddress, localPort); } else { Socket socket = socketfactory.createSocket(); SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); SocketAddress remoteaddr = new InetSocketAddress(host, port); socket.bind(localaddr); socket.connect(remoteaddr, timeout); return socket; } } /** * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) */ public Socket createSocket(String host, int port) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port); } /** * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) */ public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose); } public boolean equals(Object obj) { return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class)); } public int hashCode() { return EasySSLProtocolSocketFactory.class.hashCode(); } } // EasySSLProtocolSocketFactory // ==================================================================== /** * <p> * EasyX509TrustManager unlike default {@link X509TrustManager} accepts * self-signed certificates. * </p> * <p> * This trust manager SHOULD NOT be used for productive systems * due to security reasons, unless it is a concious decision and * you are perfectly aware of security implications of accepting * self-signed certificates * </p> * * @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a> * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a> * * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate * for use without additional customization. * </p> */ static class EasyX509TrustManager implements X509TrustManager { private X509TrustManager standardTrustManager = null; /** * Constructor for EasyX509TrustManager. */ public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { super(); TrustManagerFactory factory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); factory.init(keystore); TrustManager[] trustmanagers = factory.getTrustManagers(); if (trustmanagers.length == 0) { throw new NoSuchAlgorithmException("no trust manager found"); } this.standardTrustManager = (X509TrustManager) trustmanagers[0]; } /** * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType) */ public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException { standardTrustManager.checkClientTrusted(certificates, authType); } /** * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType) */ public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if ((certificates != null)) { System.err.println("Server certificate chain:"); for (int i = 0; i < certificates.length; i++) { System.err.println("X509Certificate[" + i + "]=" + certificates[i]); } } if ((certificates != null) && (certificates.length == 1)) { certificates[0].checkValidity(); } else { standardTrustManager.checkServerTrusted(certificates, authType); } } /** * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() */ public X509Certificate[] getAcceptedIssuers() { return this.standardTrustManager.getAcceptedIssuers(); } } // EasyX509TrustManager }