Java API mit Zertifikaten


Hier ein Code-Beispiel, wie man mit Java und einem Zertifikat eine Anfrage an eine ASP.NET API-Anwendung stellen kann.

Libraries

  • OKHttp 4.8.1

Code

package com.indiClient.utilities;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;

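/**
 * Sample client that calls an ASP.NET API once without and once with a client
 * certificate (mutual TLS). The certificate comes from a PKCS#12 (.pfx) file, the
 * server is verified against the JDK's own trust store.
 */
public class APIClientTest {

	private final String url = "https://example.com:5001";
	private final String pfxKeyStore = "<Location to Cert>\\cert.pfx";
	// Demo values only: in real code take key store passwords from the environment or a
	// secret store rather than from source control.
	private final String pfxKeyStorePW = "1234";
	private final String javaTrustStorePW = "changeit"; // default password of <java.home>/lib/security/cacerts

	// Print certificate and runtime details while the TLS client is built.
	private boolean infos = false;
	// Print the response body of every request (not only the status code).
	private boolean message = false;

	/**
	 * Runs the sample requests: first with a plain client, then with a client that
	 * presents the PFX certificate. One client instance is shared per variant so the
	 * SSLContext is built once and connections can be reused.
	 */
	public APIClientTest() {

		// Test ohne Zertifikat
		OkHttpClient plainClient = getClient();
		getRequest(plainClient, url + "/api/Test", "GET");
		getRequest(plainClient, url + "/api/Test", "POST");
		getRequest(plainClient, url + "/weatherforecast", "GET");
		getRequest(plainClient, url + "/weatherforecast/auth", "GET");

		// Test mit Zertifikat
		OkHttpClient certClient = getClientWithCert();
		getRequest(certClient, url + "/api/Test", "GET");
		getRequest(certClient, url + "/api/Test", "POST");
		getRequest(certClient, url + "/weatherforecast", "GET");
		getRequest(certClient, url + "/weatherforecast/auth", "GET");
	}


	/**
	 * Sends one request and prints its status code (and body, if {@code message} is set).
	 *
	 * @param client     the client to use (with or without client certificate)
	 * @param requestUrl absolute URL to call
	 * @param method     HTTP method; GET is sent without a body, anything else with an
	 *                   empty {@code text/plain} body
	 */
	private void getRequest(OkHttpClient client, String requestUrl, String method) {

		System.out.println("------------------------ " + requestUrl + " - " + method + " ------------------------");

		// A GET must not carry a body; OkHttp rejects a non-null body for it.
		RequestBody body = method.equalsIgnoreCase("get")
				? null
				: RequestBody.create("", MediaType.parse("text/plain"));

		Request request = new Request.Builder()
				.url(requestUrl)
				.method(method, body)
				.build();

		// Response is Closeable: without close() the connection (and its socket) leaks
		// whenever the body is not read.
		try (Response response = client.newCall(request).execute()) {
			System.out.println("Status: " + response.code());
			if (message) {
				System.out.println("Message: " + response.body().string());
			}
			System.out.println("\n");
		} catch (IOException e) {
			// Connection and TLS handshake failures land here; continue with the next request.
			e.printStackTrace();
		}
	}


	/** Client without client certificate; server verification uses OkHttp's defaults. */
	private OkHttpClient getClient() {
		return new OkHttpClient.Builder().build();
	}

	/**
	 * Client that authenticates with the certificate from {@code pfxKeyStore} and verifies
	 * the server against the JDK trust store.
	 *
	 * @throws IllegalStateException if the key store, trust store or SSLContext cannot be set up
	 */
	private OkHttpClient getClientWithCert() {
		try {
			KeyStore keystore = getKeyStore();
			// Diagnostics only (prints validity window); the KeyManager selects the entry itself.
			if (getCert(keystore) == null) {
				System.err.println("Kein X.509-Zertifikat im KeyStore gefunden: " + pfxKeyStore);
			}
			KeyStore trustStore = getTrustStore();

			KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
					KeyManagerFactory.getDefaultAlgorithm());
			keyManagerFactory.init(keystore, pfxKeyStorePW.toCharArray());

			TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
					TrustManagerFactory.getDefaultAlgorithm());
			// null here makes the factory use the JDK default trust store (cacerts or
			// javax.net.ssl.trustStore), see getTrustStore().
			trustManagerFactory.init(trustStore);
			X509TrustManager trustManager = findX509TrustManager(trustManagerFactory.getTrustManagers());

			SSLContext sslContext = SSLContext.getInstance("TLS");
			sslContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[] { trustManager },
					new SecureRandom());

			// OkHttp requires the trust manager alongside the socket factory so it can
			// inspect the certificate chain itself.
			return new OkHttpClient.Builder()
					.sslSocketFactory(sslContext.getSocketFactory(), trustManager)
					.build();
		} catch (GeneralSecurityException | IOException e) {
			// Failing loudly beats returning null, which only surfaced later as a NullPointerException.
			throw new IllegalStateException("TLS-Client mit Zertifikat konnte nicht erstellt werden: " + pfxKeyStore, e);
		}
	}

	/**
	 * Picks the X.509 trust manager out of a factory's trust managers.
	 *
	 * @throws IllegalStateException if the factory produced none
	 */
	private static X509TrustManager findX509TrustManager(TrustManager[] trustManagers) {
		for (TrustManager candidate : trustManagers) {
			if (candidate instanceof X509TrustManager) {
				return (X509TrustManager) candidate;
			}
		}
		throw new IllegalStateException("Kein X509TrustManager verfügbar (" + trustManagers.length + " TrustManager)");
	}

	/**
	 * Loads the JDK's own trust store, {@code <java.home>/lib/security/cacerts}.
	 *
	 * @return the loaded trust store, or {@code null} if the file does not exist; a null
	 *         trust store makes {@link TrustManagerFactory#init(KeyStore)} fall back to
	 *         the JDK default
	 * @throws GeneralSecurityException if the store cannot be instantiated or parsed
	 * @throws IOException              if the file cannot be read or the password is wrong
	 */
	private KeyStore getTrustStore() throws GeneralSecurityException, IOException {
		File cacerts = new File(getRuntimeLocation(),
				"lib" + File.separator + "security" + File.separator + "cacerts");

		if (!cacerts.isFile()) {
			System.err.println("Java KeyStore konnte nicht gefunden werden: " + cacerts);
			return null;
		}
		System.out.println("Java KeyStore gefunden: " + cacerts);

		// cacerts is JKS on older JDKs and PKCS12 on newer ones; JDK 9+ reads both formats
		// through the JKS type (keystore.type.compat), so this stays portable.
		KeyStore trustStore = KeyStore.getInstance("JKS");
		try (FileInputStream in = new FileInputStream(cacerts)) {
			trustStore.load(in, javaTrustStorePW.toCharArray());
		}
		return trustStore;
	}

	/**
	 * Loads the client certificate and private key from the PFX file.
	 *
	 * @throws GeneralSecurityException if PKCS12 is unavailable or the file cannot be parsed
	 * @throws IOException              if the file cannot be read or the password is wrong
	 */
	private KeyStore getKeyStore() throws GeneralSecurityException, IOException {
		KeyStore keystore = KeyStore.getInstance("PKCS12");
		// try-with-resources: the original left the stream open.
		try (FileInputStream in = new FileInputStream(pfxKeyStore)) {
			keystore.load(in, pfxKeyStorePW.toCharArray());
		}
		return keystore;
	}

	/**
	 * Returns the first X.509 certificate in the key store and warns if it is not
	 * currently valid — an expired client certificate otherwise only shows up as an
	 * opaque handshake failure.
	 *
	 * @return the certificate, or {@code null} if the store holds none
	 * @throws KeyStoreException if the store has not been loaded
	 */
	private X509Certificate getCert(KeyStore keystore) throws KeyStoreException {
		Enumeration<String> aliases = keystore.aliases();
		while (aliases.hasMoreElements()) {
			String alias = aliases.nextElement();
			// getCertificate() returns null for entries without a certificate (e.g. secret keys).
			Certificate candidate = keystore.getCertificate(alias);
			if (!(candidate instanceof X509Certificate)) {
				continue;
			}
			X509Certificate cert = (X509Certificate) candidate;
			Date expDate = cert.getNotAfter();
			Date fromDate = cert.getNotBefore();
			if (infos) {
				System.out.println("alias: " + cert);
				System.out.println("Expiry Date:-" + expDate);
				System.out.println("From Date:-" + fromDate);
			}
			try {
				cert.checkValidity();
			} catch (CertificateException e) {
				// Expired or not yet valid; reported, not fatal, so the request still runs.
				System.err.println("Zertifikat '" + alias + "' ist derzeit nicht gültig: " + e.getMessage());
			}
			return cert;
		}
		return null;
	}

	/**
	 * Locates the running JDK/JRE. {@code java.home} is set by the launcher on every
	 * platform; the previous scan of {@code java.library.path} for {@code java.exe}
	 * only worked on Windows and threw on other systems.
	 */
	private File getRuntimeLocation() {
		File javaHome = new File(System.getProperty("java.home"));
		if (infos) {
			System.out.println("java.home: " + javaHome);
		}
		return javaHome;
	}

	public static void main(String[] args) {
		new APIClientTest();
	}
}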