读书人
栏目

腾讯微博oauth认证,该如何处理

发布时间: 2012-04-15 18:39:21 作者: rapoo

腾讯微博oauth认证
请求request_token出现如下异常,求解

Java code
11-08 15:08:43.516: W/System.err(2770): oauth.signpost.exception.OAuthCommunicationException: Communication with the service provider failed: Not trusted server certificate11-08 15:08:43.525: W/System.err(2770):     at oauth.signpost.AbstractOAuthProvider.retrieveToken(AbstractOAuthProvider.java:215)11-08 15:08:43.525: W/System.err(2770):     at oauth.signpost.AbstractOAuthProvider.retrieveRequestToken(AbstractOAuthProvider.java:69)11-08 15:08:43.525: W/System.err(2770):     at com.mypack.oauth.OAuthAsyncTask.doInBackground(OAuthAsyncTask.java:27)11-08 15:08:43.525: W/System.err(2770):     at com.mypack.oauth.OAuthAsyncTask.doInBackground(OAuthAsyncTask.java:1)11-08 15:08:43.536: W/System.err(2770):     at android.os.AsyncTask$2.call(AsyncTask.java:185)11-08 15:08:43.546: W/System.err(2770):     at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)11-08 15:08:43.546: W/System.err(2770):     at java.util.concurrent.FutureTask.run(FutureTask.java:137)11-08 15:08:43.556: W/System.err(2770):     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1068)11-08 15:08:43.556: W/System.err(2770):     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:561)11-08 15:08:43.566: W/System.err(2770):     at java.lang.Thread.run(Thread.java:1096)11-08 15:08:43.566: W/System.err(2770): Caused by: javax.net.ssl.SSLException: Not trusted server certificate11-08 15:08:43.566: W/System.err(2770):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:371)11-08 15:08:43.566: W/System.err(2770):     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)11-08 15:08:43.576: W/System.err(2770):     at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)11-08 15:08:43.586: W/System.err(2770):     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)11-08 15:08:43.595: W/System.err(2770):     at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)11-08 15:08:43.606: W/System.err(2770):     at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)11-08 15:08:43.616: W/System.err(2770):     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)11-08 15:08:43.616: W/System.err(2770):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)11-08 15:08:43.616: W/System.err(2770):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)11-08 15:08:43.637: W/System.err(2770):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)11-08 15:08:43.637: W/System.err(2770):     at oauth.signpost.commonshttp.CommonsHttpOAuthProvider.sendRequest(CommonsHttpOAuthProvider.java:92)11-08 15:08:43.686: W/System.err(2770):     at oauth.signpost.AbstractOAuthProvider.retrieveToken(AbstractOAuthProvider.java:178)11-08 15:08:43.686: W/System.err(2770):     ... 9 more11-08 15:08:43.686: W/System.err(2770): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Could not validate certificate signature.11-08 15:08:43.696: W/System.err(2770):     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:168)11-08 15:08:43.706: W/System.err(2770):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:366)11-08 15:08:43.706: W/System.err(2770):     ... 20 more11-08 15:08:43.706: W/System.err(2770): Caused by: java.security.cert.CertPathValidatorException: Could not validate certificate signature.11-08 15:08:43.726: W/System.err(2770):     at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:342)11-08 15:08:43.726: W/System.err(2770):     at java.security.cert.CertPathValidator.validate(CertPathValidator.java:202)11-08 15:08:43.726: W/System.err(2770):     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:164)11-08 15:08:43.726: W/System.err(2770):     ... 21 more11-08 15:08:43.737: W/System.err(2770): Caused by: java.security.SignatureException: Signature was not verified.11-08 15:08:43.756: W/System.err(2770):     at org.apache.harmony.security.provider.cert.X509CertImpl.fastVerify(X509CertImpl.java:601)11-08 15:08:43.756: W/System.err(2770):     at org.apache.harmony.security.provider.cert.X509CertImpl.verify(X509CertImpl.java:544)11-08 15:08:43.766: W/System.err(2770):     at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:337)11-08 15:08:43.766: W/System.err(2770):     ... 23 more


[解决办法]
这个是腾讯的问题
[解决办法]
(1)添加类
public class _FakeX509TrustManager implements X509TrustManager {

private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new
X509Certificate[] {};

@Override
public void checkClientTrusted(X509Certificate[] chain, String
authType) throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String
authType) throws CertificateException {
}

public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}

public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}

@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}

public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){

@Override
public boolean verify(String arg0, SSLSession arg1) {
// TODO Auto-generated method stub
return true;
}

});

SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[] { new _FakeX509TrustManager() };
}

try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}

HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}

}


(2)在你要联网的地方调用,示例如下

_FakeX509TrustManager.allowAllSSL();
HttpURLConnection con =null;
URL postUrl = new URL("https://open.t.qq.com/cgi-bin/request_token?"+params);
con = (HttpURLConnection) postUrl.openConnection();
con.setRequestMethod("GET");


本人授权使用HttpURLConnetion方法,如上面代码所述,在联网前调用_FakeX509TrustManager.allowAllSSL()函数,便可正常联网了,直接无视 SSL证书 是否有效。

读书人网 >Android

热点推荐

触屏版 | 电脑版

读书人网 m.reader8.net