Skip to content

Instantly share code, notes, and snippets.

@Cyclenerd

Cyclenerd/MyHttpClient.java

Last active March 1, 2017 10:55
Show Gist options
  • Save Cyclenerd/41c737ee4b6ee4c767947af790d09e2c to your computer and use it in GitHub Desktop.
Save Cyclenerd/41c737ee4b6ee4c767947af790d09e2c to your computer and use it in GitHub Desktop.
Download ZIP
Java & Apache HttpClient 4.5: Insecure HTTP(S) Client
Raw
MyHttpClient.java
import javax.net.ssl.SSLContext;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
// https://hc.apache.org/httpcomponents-client-4.5.x/index.html
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
public class MyHttpClient {
public final static void main(String[] args) throws Exception {
// Setup a Trust Strategy that allows all certificates.
// !!! DO NOT USE THIS IN PRODUCTION !!!
SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
return true;
}
}).build();
// Allow TLSv1 protocol only
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
new String[] { "TLSv1" },
null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier()
);
CloseableHttpClient httpclient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.build();
try {
// Get URL
HttpGet httpget = new HttpGet("https://input.livetracking.io/time");
System.out.println("Executing request " + httpget.getRequestLine());
CloseableHttpResponse response = httpclient.execute(httpget);
try {
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(entity));
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
}
Raw
MyHttpClientWithBasicAuth.java
import javax.net.ssl.SSLContext;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
public class MyHttpClient {
public final static void main(String[] args) throws Exception {
// HTTP Basic Authentication with username and password
HttpHost target = new HttpHost("input.livetracking.io", 443, "http");
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(target.getHostName(), target.getPort()),
new UsernamePasswordCredentials("USERNAME", "PASSWORD")); // Set username and password
// Setup a Trust Strategy that allows all certificates.
// !!! DO NOT USE THIS IN PRODUCTION !!!
SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
return true;
}
}).build();
// Allow TLSv1 protocol only
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
new String[] { "TLSv1" },
null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier()
);
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.setSSLSocketFactory(sslsf)
.build();
try {
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate BASIC scheme object and add it to the local
// auth cache
BasicScheme basicAuth = new BasicScheme();
authCache.put(target, basicAuth);
// Add AuthCache to the execution context
HttpClientContext localContext = HttpClientContext.create();
localContext.setAuthCache(authCache);
// Get URL
HttpGet httpget = new HttpGet("https://input.livetracking.io/user");
httpget.setHeader("User-Agent", "MySuperUserAgent");
System.out.println("Executing request " + httpget.getRequestLine());
CloseableHttpResponse response = httpclient.execute(httpget);
try {
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(entity));
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment