我面临一个奇怪的问题。在开发应用程序时,我使用spring social向用户提供登录Facebook帐户。我现在正在使用ssl脚本忽略证书检查,如下所示。问题是,当我尝试从Facebook访问令牌时,此脚本可以正常工作,但是当我尝试访问用户配置文件时,它会抛出错误
sun.security.provider.certpath.SunCertPathBuilderException:无法找到所请求目标的有效证书路径
我还尝试为我的localhost创建一个自签名证书,并将其添加到我的java密钥库中,但没有任何帮助。
Facebook Controller.java
@RequestMapping(value = "/social/facebook")
@Component
public class FacebookController<FacebookApi> {
private static final Logger LOGGER = LoggerFactory
.getLogger(FacebookController.class);
private static final String PUBLISH_SUCCESS = "success";
private static final String FACEBOOK = "facebook";
@Autowired
private ConnectionFactoryRegistry connectionFactoryRegistry;
@Autowired
private OAuth2Parameters oAuth2Parameters;
@Autowired
@Qualifier("facebookServiceProvider")
private OAuthServiceProvider<FacebookApi> facebookServiceProvider;
@RequestMapping(value = "/signin", method = RequestMethod.GET)
public ModelAndView signin(HttpServletRequest request,
HttpServletResponse response) throws Exception {
System.out.println("Redirecting to Facebook.........");
System.out.println(System.getProperty("java.home"));
System.setProperty( "http.proxyPort", "80" );
System.setProperty( "https.proxyPort", "80" );
System.setProperty( "http.proxyHost", "10.68.248.98" );
System.setProperty( "https.proxyHost", "10.68.248.98" );
FacebookConnectionFactory facebookConnectionFactory = (FacebookConnectionFactory) connectionFactoryRegistry
.getConnectionFactory(FACEBOOK);
OAuth2Operations oauthOperations = facebookConnectionFactory
.getOAuthOperations();
oAuth2Parameters.setState("recivedfromfacebooktoken");
String authorizeUrl = oauthOperations.buildAuthorizeUrl(
GrantType.AUTHORIZATION_CODE, oAuth2Parameters);
RedirectView redirectView = new RedirectView(authorizeUrl, true, true,
true);
System.out.println("Redirecting to Facebook again.........");
return new ModelAndView(redirectView);
}
@RequestMapping(value = "/callback", method = RequestMethod.GET)
@ResponseBody
public void postOnWall(@RequestParam("code") String code,
@RequestParam("state") String state, HttpServletRequest request,
HttpServletResponse response) throws Exception {
OAuthService oAuthService = facebookServiceProvider.getService();
System.out.println(oAuthService.getVersion());
Verifier verifier = new Verifier(code);
getSSL();
Token accessToken =oAuthService.getAccessToken(Token.empty(), verifier);
//System.out.println(accessToken);
//System.out.println(accessToken.getToken());
//getSSL();
FacebookTemplate template = new FacebookTemplate(accessToken.getToken());
//System.out.println(template);
**// ERROR COMES HERE**
User facebookProfile = template.userOperations().getUserProfile();
//System.out.println(facebookProfile);
String userId = facebookProfile.getId();
//System.out.println(facebookProfile.getEmail());
//System.out.println(facebookProfile.getFirstName());
LOGGER.info("Logged in User Id : {}", userId);
response.sendRedirect("/j_spring_security_check?j_username="+userId);
//return "success";
}
@RequestMapping(value = "/callback", params = "error_reason", method = RequestMethod.GET)
@ResponseBody
public void error(@RequestParam("error_reason") String errorReason,
@RequestParam("error") String error,
@RequestParam("error_description") String description,
HttpServletRequest request, HttpServletResponse response)
throws Exception {
try {
LOGGER.error(
"Error occurred while validating user, reason is : {}",
errorReason);
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, description);
} catch (Exception e) {
e.printStackTrace();
}
}
public void getSSL(){
SSLContext sslContext=null;
try {
sslContext= SSLContext.getInstance("SSL");
// set up a TrustManager that trusts everything
sslContext.init(null, new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
System.out.println("getAcceptedIssuers =============");
return null;
}
public void checkClientTrusted(X509Certificate[] certs,
String authType) {
System.out.println("checkClientTrusted =============");
}
public void checkServerTrusted(X509Certificate[] certs,
String authType) {
System.out.println("checkServerTrusted =============");
}
} }, new SecureRandom());
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch(NoSuchAlgorithmException e){
e.printStackTrace();
}
if(sslContext!=null){
HttpsURLConnection.setDefaultSSLSocketFactory(
sslContext.getSocketFactory());
HttpsURLConnection
.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
System.out.println("hostnameVerifier =============");
return true;
}
});
}
}
}
错误:
Redirecting to Facebook.........
D:\Java\jdk1.8.0_92\jre
Redirecting to Facebook again.........
2.0
checkServerTrusted =============
getAcceptedIssuers =============
Jul 22, 2016 7:50:33 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [spring-dispatcher] in context with path [/CIPlatform] threw exception [Request processing failed; nested exception is org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://graph.facebook.com/v2.5/me?fields=id%2Cabout%2Cage_range%2Cbio%2Cbirthday%2Ccontext%2Ccover%2Ccurrency%2Cdevices%2Ceducation%2Cemail%2Cfavorite_athletes%2Cfavorite_teams%2Cfirst_name%2Cgender%2Chometown%2Cinspirational_people%2Cinstalled%2Cinstall_type%2Cis_verified%2Clanguages%2Clast_name%2Clink%2Clocale%2Clocation%2Cmeeting_for%2Cmiddle_name%2Cname%2Cname_format%2Cpolitical%2Cquotes%2Cpayment_pricepoints%2Crelationship_status%2Creligion%2Csecurity_settings%2Csignificant_other%2Csports%2Ctest_group%2Ctimezone%2Cthird_party_id%2Cupdated_time%2Cverified%2Cvideo_upload_limits%2Cviewer_can_send_gift%2Cwebsite%2Cwork": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] with root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275)
at org.apache.http.impl.conn.HttpClientConnectionOperator.upgrade(HttpClientConnectionOperator.java:167)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.upgrade(PoolingHttpClientConnectionManager.java:329)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:398)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:85)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
at org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:91)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.social.oauth2.OAuth2RequestInterceptor.intercept(OAuth2RequestInterceptor.java:45)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:85)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:69)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.http.client.BufferingClientHttpRequestWrapper.executeInternal(BufferingClientHttpRequestWrapper.java:56)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.social.oauth2.OAuth2RequestInterceptor.intercept(OAuth2RequestInterceptor.java:45)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:85)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:69)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:596)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:572)
at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:280)
at org.springframework.social.facebook.api.impl.FacebookTemplate.fetchObject(FacebookTemplate.java:225)
at org.springframework.social.facebook.api.impl.FacebookTemplate.fetchObject(FacebookTemplate.java:220)
at org.springframework.social.facebook.api.impl.UserTemplate.getUserProfile(UserTemplate.java:53)
at org.springframework.social.facebook.api.impl.UserTemplate.getUserProfile(UserTemplate.java:49)
at com.tools.infosys.ciplatform.servlets.FacebookController.postOnWall(FacebookController.java:122)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:832)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:743)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:961)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:895)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
答案 0 :(得分:0)
我终于让它在我这边工作了。
1. 我必须将Facebook Graph SSL证书导入我的服务器密钥库。
changeit。Keytool命令:
keytool -import -alias star.facebook.com -keystore <JRE_HOME>\lib\security\cacerts -file star.facebook.com
2。 JVM似乎可能正在使用不受支持的TLS版本。由于我在GNU / Linux上有openJDK,因此JCE Unlimited Strength已经存在。不需要在这里做点什么。
命令行
java -Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1 ...
系统参数
System.setProperty("https.protocols", "TLSv1.2,TLSv1.1,TLSv1");
3。如果由于不推荐使用的字段(“bio”)而尝试访问Graph API v2.8,则Spring Social 2.0.3.RELEASE将无法正常检索用户配置文件。< / p>
而不是......
User userProfile = facebook.userOperations().getUserProfile(); // Error
...使用此功能:
String [] fields = { "id", "email", "first_name", "last_name" };
User userProfile = facebook.fetchObject("me", User.class, fields);
所有参考文献: