@anthavio
Created September 16, 2014 18:13
Spring OAuth2RestTemplate and Token Endpoint with self-signed certificate
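import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.cert.CertificateException;
import javax.annotation.Resource;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Scope;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.token.AccessTokenRequest;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;

// Request factory that applies a custom SSLContext to every HTTPS connection it opens
class SSLContextRequestFactory extends SimpleClientHttpRequestFactory {

    private final SSLContext sslContext;

    public SSLContextRequestFactory(SSLContext sslContext) {
        this.sslContext = sslContext;
    }

    @Override
    protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
        if (connection instanceof HttpsURLConnection) {
            ((HttpsURLConnection) connection).setSSLSocketFactory(sslContext.getSocketFactory());
        }
        super.prepareConnection(connection, httpMethod);
    }
}

// Trust manager that accepts every certificate chain: the server is not authenticated at all
class DumbX509TrustManager implements X509TrustManager {

    @Override
    public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)
            throws CertificateException {
    }

    @Override
    public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType)
            throws CertificateException {
    }

    @Override
    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
        // The X509TrustManager contract requires a non-null (possibly empty) array
        return new java.security.cert.X509Certificate[0];
    }
}

@Configuration
@EnableOAuth2Client
public class OAuthResourceConfiguration {

    @Resource
    @Qualifier("accessTokenRequest")
    private AccessTokenRequest accessTokenRequest;

    @Bean
    @Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
    public OAuth2RestTemplate someOAuthRestTemplate() throws Exception {
        OAuth2ProtectedResourceDetails resource = ...;
        OAuth2ClientContext context = ...;
        OAuth2RestTemplate oauthTemplate = new OAuth2RestTemplate(resource, context);
        disableCertificateChecks(oauthTemplate);
        return oauthTemplate;
    }

    private static void disableCertificateChecks(OAuth2RestTemplate oauthTemplate) throws Exception {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] { new DumbX509TrustManager() }, null);
        ClientHttpRequestFactory requestFactory = new SSLContextRequestFactory(sslContext);
        // This is for OAuth protected resources
        oauthTemplate.setRequestFactory(requestFactory);
        // AuthorizationCodeAccessTokenProvider creates its own RestTemplate for token operations
        AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider();
        provider.setRequestFactory(requestFactory);
        oauthTemplate.setAccessTokenProvider(provider);
    }
}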
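
An alternative to the trust-all manager above, as an added example that is not part of the original gist: build the SSLContext from a trust store that holds only the token endpoint's self-signed certificate, so every other certificate is still rejected. The class name PinnedTrustSslContext, the alias prefix and the certificate file path are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper: name and layout are assumptions, not the gist author's code
public final class PinnedTrustSslContext {

    private PinnedTrustSslContext() {
    }

    /**
     * Returns an SSLContext whose only trust anchors are the certificates
     * found in certFile (PEM or DER, e.g. the endpoint's exported self-signed cert).
     */
    public static SSLContext forCertificate(Path certFile) throws Exception {
        CertificateFactory factory = CertificateFactory.getInstance("X.509");

        // Empty in-memory trust store: the JVM's default CA bundle is not consulted
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);

        try (InputStream in = Files.newInputStream(certFile)) {
            int index = 0;
            for (Certificate cert : factory.generateCertificates(in)) {
                trustStore.setCertificateEntry("token-endpoint-" + index++, cert);
            }
        }
        if (trustStore.size() == 0) {
            // Fail closed instead of ending up with a context that trusts nothing or everything
            throw new IllegalArgumentException("No certificate found in " + certFile);
        }

        // Standard PKIX validation, restricted to the pinned certificate(s)
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null);
        return context;
    }
}
```

The returned context can be passed to `new SSLContextRequestFactory(...)` in place of the one built from `DumbX509TrustManager`. Hostname verification stays at the `HttpsURLConnection` default, so the self-signed certificate must carry the endpoint's host name.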
@ygordanniel

Hey man, I'm trying to use your code but it is still not working.

Here is what I tried:

public class SSLUtil {
    private static final TrustManager[] UNQUESTIONING_TRUST_MANAGER = new TrustManager[]{
        new X509TrustManager() {
            public java.security.cert.X509Certificate[] getAcceptedIssuers(){
                return null;
            }
            public void checkClientTrusted(X509Certificate[] certs, String authType ){}
            public void checkServerTrusted( X509Certificate[] certs, String authType ){}
        }
    };

    public static void turnOffSslChecking(OAuth2RestTemplate oAuth2RestTemplate) throws NoSuchAlgorithmException, KeyManagementException {
        // Install the all-trusting trust manager
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init( null, UNQUESTIONING_TRUST_MANAGER, null );

        //This is for OAuth protected resources
        SSLContextRequestFactory requestFactory = new SSLContextRequestFactory(sc);
        oAuth2RestTemplate.setRequestFactory(requestFactory);

        //AuthorizationCodeAccessTokenProvider creates its own RestTemplate for token operations
        AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider();
        provider.setRequestFactory(requestFactory);
        oAuth2RestTemplate.setAccessTokenProvider(provider);
    }
}

Do you have any suggestions?
