四大微博OAuth认证

四大微博OAuth认证  不指定

作品 , 评论(32) , 引用(0) , 阅读(2581)   |  |   

据说这两天腾讯的服务器出了问题,认证的时候报这样的错:

Java 代码复制内容到剪贴板
  1.     
  2. oauth.signpost.exception.OAuthCommunicationException: Communication with the service provider failed: Not trusted server certificate      
  3. Caused by: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate      
  4. oauth.signpost.exception.OAuthCommunicationException: Communication with the service provider failed: Nopeer certificate  

这是因为Https认证被截获导致,Client认为安全失效,很久之前就出现了这个问题了,那时候在WebView上加上下面的代码就可以解决了

Java 代码复制内容到剪贴板
  1.     
  2. public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {        
  3.      handler.proceed();      
  4. }    

没想到又出现这个问题,于是一翻研究,在stackoverflow.com上找到答案,写了一个自定义类继承SSLSocketFactory,

Java 代码复制内容到剪贴板
  1.     
  2. public class SSLSocketFactoryEx extends SSLSocketFactory {      
  3.       
  4.     SSLContext sslContext = SSLContext.getInstance("TLS");      
  5.       
  6.     public SSLSocketFactoryEx(KeyStore truststore)      
  7.             throws NoSuchAlgorithmException, KeyManagementException,      
  8.             KeyStoreException, UnrecoverableKeyException {      
  9.         super(truststore);      
  10.       
  11.         TrustManager tm = new X509TrustManager() {      
  12.       
  13.             public java.security.cert.X509Certificate[] getAcceptedIssuers() {      
  14.                 return null;      
  15.             }      
  16.       
  17.             @Override      
  18.             public void checkClientTrusted(      
  19.                     java.security.cert.X509Certificate[] chain, String authType)      
  20.                     throws java.security.cert.CertificateException {      
  21.       
  22.             }      
  23.       
  24.             @Override      
  25.             public void checkServerTrusted(      
  26.                     java.security.cert.X509Certificate[] chain, String authType)      
  27.                     throws java.security.cert.CertificateException {      
  28.       
  29.             }      
  30.         };      
  31.       
  32.         sslContext.init(nullnew TrustManager[] { tm }, null);      
  33.     }      
  34.       
  35.     @Override      
  36.     public Socket createSocket(Socket socket, String host, int port,      
  37.             boolean autoClose) throws IOException, UnknownHostException {      
  38.         return sslContext.getSocketFactory().createSocket(socket, host, port,      
  39.                 autoClose);      
  40.     }      
  41.       
  42.     @Override      
  43.     public Socket createSocket() throws IOException {      
  44.         return sslContext.getSocketFactory().createSocket();      
  45.     }      
  46. }  

调用方法,只要用认证返回的HttpCilent即可。代码:

Java 代码复制内容到剪贴板
  1.     
  2. public HttpClient getNewHttpClient() {      
  3.         try {      
  4.             KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());      
  5.             trustStore.load(nullnull);      
  6.       
  7.             SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);      
  8.             sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);      
  9.       
  10.             HttpParams params = new BasicHttpParams();      
  11.             HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);      
  12.             HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);      
  13.       
  14.             SchemeRegistry registry = new SchemeRegistry();      
  15.             registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));      
  16.             registry.register(new Scheme("https", sf, 443));      
  17.       
  18.             ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);      
  19.       
  20.             return new DefaultHttpClient(ccm, params);      
  21.         } catch (Exception e) {      
  22.             return new DefaultHttpClient();      
  23.         }      
  24.     }  

这样就解决了问题,有网友说把腾讯认证的地址https去掉改成http,那是不可取的做法。

我已经把代码集成到signpost中,如果有需要的同学可自行下载,有不明白或者不好的地方给我评论留言。

点击在新窗口中浏览此图片

源码下载:

2011-12-11日更新了oauth-signpost-1211.jar包,把原来打jar包时也一起打的commons-codec.jar去掉了。

阅读更多
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

加入CSDN,享受更精准的内容推荐,与500万程序员共同成长!
关闭
关闭