四大微博OAuth认证

阅读更多

 

新浪、腾讯、人人、豆瓣、Facebook、Twitter OAuth认证实例

 

javascript:mctmp(0);

 

http://06peng.com/archives/106


据说这两天腾讯的服务器出了问题,认证的时候报这样的错:

Java 代码 复制内容到剪贴板
        
  1. oauth.signpost.exception.OAuthCommunicationException: Communication with the service provider failed: Not trusted server certificate  
  2.     
  3. Caused by: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate  
  4.     
  5. oauth.signpost.exception.OAuthCommunicationException: Communication with the service provider failed: Nopeer certificate  

这是因为Https认证被截获导致,Client认为安全失效,很久之前就出现了这个问题了,那时候在WebView上加上下面的代码就可以解决了

Java 代码 复制内容到剪贴板
        
  1. public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {    
  2.     
  3.      handler.proceed();  
  4.     
  5. }    

没想到又出现这个问题,于是一翻研究,在stackoverflow.com上找到答案,写了一个自定义类继承SSLSocketFactory,

Java 代码 复制内容到剪贴板
        
  1. public class SSLSocketFactoryEx extends SSLSocketFactory {  
  2.     
  3.   
  4.     
  5.     SSLContext sslContext = SSLContext.getInstance("TLS");  
  6.     
  7.   
  8.     
  9.     public SSLSocketFactoryEx(KeyStore truststore)  
  10.     
  11.             throws NoSuchAlgorithmException, KeyManagementException,  
  12.     
  13.             KeyStoreException, UnrecoverableKeyException {  
  14.     
  15.         super(truststore);  
  16.     
  17.   
  18.     
  19.         TrustManager tm = new X509TrustManager() {  
  20.     
  21.   
  22.     
  23.             public java.security.cert.X509Certificate[] getAcceptedIssuers() {  
  24.     
  25.                 return null;  
  26.     
  27.             }  
  28.     
  29.   
  30.     
  31.             @Override  
  32.     
  33.             public void checkClientTrusted(  
  34.     
  35.                     java.security.cert.X509Certificate[] chain, String authType)  
  36.     
  37.                     throws java.security.cert.CertificateException {  
  38.     
  39.   
  40.     
  41.             }  
  42.     
  43.   
  44.     
  45.             @Override  
  46.     
  47.             public void checkServerTrusted(  
  48.     
  49.                     java.security.cert.X509Certificate[] chain, String authType)  
  50.     
  51.                     throws java.security.cert.CertificateException {  
  52.     
  53.   
  54.     
  55.             }  
  56.     
  57.         };  
  58.     
  59.   
  60.     
  61.         sslContext.init(nullnew TrustManager[] { tm }, null);  
  62.     
  63.     }  
  64.     
  65.   
  66.     
  67.     @Override  
  68.     
  69.     public Socket createSocket(Socket socket, String host, int port,  
  70.     
  71.             boolean autoClose) throws IOException, UnknownHostException {  
  72.     
  73.         return sslContext.getSocketFactory().createSocket(socket, host, port,  
  74.     
  75.                 autoClose);  
  76.     
  77.     }  
  78.     
  79.   
  80.     
  81.     @Override  
  82.     
  83.     public Socket createSocket() throws IOException {  
  84.     
  85.         return sslContext.getSocketFactory().createSocket();  
  86.     
  87.     }  
  88.     
  89. }  

调用方法,只要用认证返回的HttpCilent即可。代码:

Java 代码 复制内容到剪贴板
        
  1. public HttpClient getNewHttpClient() {  
  2.     
  3.         try {  
  4.     
  5.             KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());  
  6.     
  7.             trustStore.load(nullnull);  
  8.     
  9.   
  10.     
  11.             SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);  
  12.     
  13.             sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);  
  14.     
  15.   
  16.     
  17.             HttpParams params = new BasicHttpParams();  
  18.     
  19.             HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);  
  20.     
  21.             HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);  
  22.     
  23.   
  24.     
  25.             SchemeRegistry registry = new SchemeRegistry();  
  26.     
  27.             registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));  
  28.     
  29.             registry.register(new Scheme("https", sf, 443));  
  30.     
  31.   
  32.     
  33.             ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);  
  34.     
  35.   
  36.     
  37.             return new DefaultHttpClient(ccm, params);  
  38.     
  39.         } catch (Exception e) {  
  40.     
  41.             return new DefaultHttpClient();  
  42.     
  43.         }  
  44.     
  45.     }  

这样就解决了问题,有网友说把腾讯认证的地址https去掉改成http,那是不可取的做法。

我已经把代码集成到signpost中,如果有需要的同学可自行下载,有不明白或者不好的地方给我评论留言。

 

 

你可能感兴趣的:(Android,OAuth,微博)