OK,
Looks like I finally got it. Ill post my solution just in case anyone else (or
me in the future haha) has trouble. It appears to be some bug/feature in Java.
I tried the prerelease of Java 8, it seemed to have no effect. I tried
bouncycastle, it seemed to have no effect. Although its still installed so I'm
not sure. The big glaring incompatibility with Java and openlibrary seemed to
be the _DHE_ system cipher suites in Java. So I basically removed them, then
evidently Java and openlibrary negotiate around it.
Heres the routines that do appear to work :
private boolean logOnOpenLibrary(java.lang.String username, java.lang.String
password)
{
TurnOff_DHE_();
String data="{\"username\": \""+username+"\", \"password\":
\""+password+"\"}";//.getBytes("UTF-8");
// data="{}";//.getBytes("UTF-8");
//URL url = new URL("http://openlibrary.org/account/login";);
HttpsURLConnection conn = null;
try {
conn =
createOpenAPIConnection2("https://openlibrary.org/account/login",data);
} catch (NoSuchAlgorithmException | IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
this.print_content2(conn);
return true;
}
private void TurnOff_DHE_()
{
SSLContext context = null;
// context.init(null, new TrustManager[] { tm }, null);
try {
context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] { }, null);
} catch (KeyManagementException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
SSLParameters params = context.getSupportedSSLParameters();
String[] suites = params.getCipherSuites();
System.out.println("Connecting with " + suites.length + " cipher
suites supported:");
for (int i = 0; i < suites.length; i++) {
// System.out.print(' ');
// System.out.println(suites[i]);
;
}
//get rid of all _DHE_ so we can negotiate with openlibrary
// Security.insertProviderAt(new BouncyCastleProvider(),1);
// System.setProperty("https.cipherSuites", "SSL_RSA_WITH_NULL_MD5,
SSL_RSA_WITH_NULL_SHA");
String aSHCS="";
for (int i = 0; i < suites.length; i++)
{
if(suites[i].contains("_DHE_"))
continue;
// if(suites[i].contains("_DH_"))
// continue;
aSHCS+=suites[i]+",";
}
System.setProperty("https.cipherSuites",aSHCS);
}
public HttpsURLConnection createOpenAPIConnection2(String httpsURL, String
body) throws IOException, NoSuchAlgorithmException {
HttpsURLConnection con = null;
// PrivateKey privKey = SecurityHolder.getPrivateKey();
// if (privKey != null) {
// OAuthParameters oAuthparams = SecurityHolder.getDefaultOAuthParam();
String method = "GET";
if (body != null) {
method = "POST";
// MessageDigest digest = MessageDigest.getInstance("SHA-1");
// digest.reset();
// byte[] hash = digest.digest(body.getBytes("UTF-8"));
// String encodedHash = Base64.encode(hash);
// oAuthparams.addCustomBaseParameter("oauth_body_hash", encodedHash);
}
// String baseString = OAuthUtil.getSignatureBaseString(httpsURL, method,
oAuthparams.getBaseParameters());
// System.out.println(baseString);
// OAuthRsaSha1Signer rsaSigner = new OAuthRsaSha1Signer();
/// rsaSigner.setPrivateKey(privKey);
// String signature = rsaSigner.getSignature(baseString, oAuthparams);
// oAuthparams.addCustomBaseParameter("oauth_signature", signature);
URL url = new URL(httpsURL);
con = (HttpsURLConnection) url.openConnection();
con.setRequestMethod(method);
con.setSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault());
con.setDoOutput(true);
con.setDoInput(true);
// con.addRequestProperty("Authorization",
buildAuthHeaderString(oAuthparams));
// System.out.println(buildAuthHeaderString(oAuthparams));
if (body != null) {
con.addRequestProperty("content-type", "application/json");
con.addRequestProperty("content-length", Integer.toString(body.length()));
}
con.connect();
if (body != null) {
OutputStreamWriter request = new
OutputStreamWriter(con.getOutputStream());
request.append(body);
request.flush();
request.close();
}
return con;
}
// }
private void print_content2(HttpsURLConnection con){
if(con!=null){
try {
System.out.println("****** Content of the URL ********");
BufferedReader br =
new BufferedReader(
new InputStreamReader(con.getInputStream()));
String input;
System.out.println("****** headers ********");
Map<String,List<String>> headers = con.getHeaderFields();
for (String key:headers.keySet())
{
List<String> value=headers.get(key);
for (int i=0;i<value.size();i++)
{
String strdbg1=value.get(i);
System.out.println(strdbg1);
// if(value.get(i).compareTo("HTTP/1.1 200 OK")==0)
// {
// bAuthenticated=true;
// }
}
}
while ((input = br.readLine()) != null){
System.out.println(input);
}
br.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
________________________________________
From: [email protected] [[email protected]] on behalf of
Mark Klarer
Sent: Friday, October 25, 2013 12:31 PM
To: Open Library -- technical discussion
Subject: Re: [ol-tech] openlibrary SSL DH with Java
Whoops I spoke too soon. There is no official eclipse release with Java 8, but
looks like it can be done if you want to try early access, and some
reconfiguring on your own. But anyhow thanks again guys, ill get it fixed
eventually.
________________________________________
From: [email protected] [[email protected]] on behalf of
Mark Klarer
Sent: Friday, October 25, 2013 11:47 AM
To: Open Library -- technical discussion
Subject: Re: [ol-tech] openlibrary SSL DH with Java
OK thanks guys. I tried the latest version of eclipse, there is no Java 8
support in it yet. That's what all of my projects are built with, and I just
don't have the time or motivation to convert everything just for this.
I think I can get a good solution going, or cobble a rube goldberg thing a ma
bob to get it going eventually, thanks for all your help again.
________________________________________
From: [email protected] [[email protected]] on behalf of
Anand Chitipothu [[email protected]]
Sent: Thursday, October 24, 2013 4:31 PM
To: Open Library -- technical discussion
Subject: Re: [ol-tech] openlibrary SSL DH with Java
On 24-Oct-2013, at 11:43 AM, Mark Klarer wrote:
>
> This isn't really a problem with openlibrary, but a problem with implementing
> a project using openlibrary in Java. I'm just hoping someone else is in the
> same boat and already fixed it.
>
> Since the SSL change to openlibrary.org, my little project isn't working.
[...]
What is the URL that you are trying to access? If it is an API, it should
continue to work.
Anand
_______________________________________________
Ol-tech mailing list
[email protected]
http://mail.archive.org/cgi-bin/mailman/listinfo/ol-tech
Archives: http://www.mail-archive.com/[email protected]/
To unsubscribe from this mailing list, send email to
[email protected]
_______________________________________________
Ol-tech mailing list
[email protected]
http://mail.archive.org/cgi-bin/mailman/listinfo/ol-tech
Archives: http://www.mail-archive.com/[email protected]/
To unsubscribe from this mailing list, send email to
[email protected]
_______________________________________________
Ol-tech mailing list
[email protected]
http://mail.archive.org/cgi-bin/mailman/listinfo/ol-tech
Archives: http://www.mail-archive.com/[email protected]/
To unsubscribe from this mailing list, send email to
[email protected]
_______________________________________________
Ol-tech mailing list
[email protected]
http://mail.archive.org/cgi-bin/mailman/listinfo/ol-tech
Archives: http://www.mail-archive.com/[email protected]/
To unsubscribe from this mailing list, send email to
[email protected]
