0 Votes

Authnet Java SDK doesnt support TLS 1.2. Need to update util classes.

Status: Accepted
by TonyC ‎06-13-2017 11:45 AM - edited ‎06-13-2017 11:53 AM

Our company was having trouble with our connection to Authnet in the sandbox environment due to the recent upgrade requiring TLS 1.2. Our company's app is running with Java 1.7. We tried setting our project's http protocols to force TLS 1.2 but this didnt seem to be working. Eventually we discovered that the anet-java-sdk:1.9.3 is usign a default HTTPClient. We had to override the HttpClient and HttpCallTask classes in the util directory.  

 

Anywhere that the class set up a defaultHttpClient, we replaced that code with this:

 

SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();

 

 

The entire HttpClient and HttpCallTask classes are below. If we could get these changes added to a new SDK from Authnet, that may help other customers avoid this same problem. Also, it would be helpful for us as then we can continue just importing the entire file library rather than including all the anet files in our own code structure. 

 

HttpClient:

 

package net.authorize.util;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URLDecoder;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.CoreProtocolPNames;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.protocol.HTTP;

import net.authorize.Environment;
import net.authorize.ResponseField;
import net.authorize.Transaction;

import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.CloseableHttpClient;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLContexts;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;


/**
* Transportation object used to facilitate the communication with the respective gateway.
*
*/
public class HttpClient {
private static Log logger = LogFactory.getLog(HttpClient.class);

public static final String ENCODING = "UTF-8";
static boolean proxySet = false;

static boolean UseProxy = Environment.getBooleanProperty(Constants.HTTPS_USE_PROXY);
static String ProxyHost = Environment.getProperty(Constants.HTTPS_PROXY_HOST);
static int ProxyPort = Environment.getIntProperty(Constants.HTTPS_PROXY_PORT);
static int httpConnectionTimeout = Environment.getIntProperty(Constants.HTTP_CONNECTION_TIME_OUT);
static int httpReadTimeout = Environment.getIntProperty(Constants.HTTP_READ_TIME_OUT);

static {
LogHelper.info(logger, "Use Proxy: '%s'", UseProxy);

httpConnectionTimeout = (httpConnectionTimeout == 0 ? Constants.HTTP_CONNECTION_TIME_OUT_DEFAULT_VALUE : httpConnectionTimeout );
httpReadTimeout = (httpReadTimeout == 0 ? Constants.HTTP_READ_TIME_OUT_DEFAULT_VALUE : httpReadTimeout);
}
/**
* Creates the http post object for an environment and transaction container.
*
* @param env
* @param transaction
* @return HttpPost object
*
* @throws Exception
*/
private static HttpPost createHttpPost(Environment env, Transaction transaction) throws Exception {
URI postUrl;
HttpPost httpPost = null;

if(transaction instanceof net.authorize.aim.Transaction ||
transaction instanceof net.authorize.sim.Transaction) {

if(transaction instanceof net.authorize.aim.Transaction &&
((net.authorize.aim.Transaction)transaction).isCardPresent()) {

postUrl = new URI(env.getCardPresentUrl() + "/gateway/transact.dll");
} else {
postUrl = new URI(env.getBaseUrl() + "/gateway/transact.dll");
}

httpPost = new HttpPost(postUrl);

httpPost.getParams().setBooleanParameter(CoreProtocolPNames.USE_EXPECT_CONTINUE, false);

//set the tcp connection timeout
httpPost.getParams().setIntParameter(HttpConnectionParams.CONNECTION_TIMEOUT, httpConnectionTimeout);
//set the time out on read-data request
httpPost.getParams().setIntParameter(HttpConnectionParams.SO_TIMEOUT, httpReadTimeout);

httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
httpPost.setEntity(new StringEntity(transaction.toNVPString(), HTTP.UTF_8));
} else if (transaction instanceof net.authorize.arb.Transaction ||
transaction instanceof net.authorize.cim.Transaction ||
transaction instanceof net.authorize.reporting.Transaction) {

postUrl = new URI(env.getXmlBaseUrl() + "/xml/v1/request.api");
httpPost = new HttpPost(postUrl);
httpPost.getParams().setBooleanParameter(CoreProtocolPNames.USE_EXPECT_CONTINUE, false);

//set the TCP connection timeout
httpPost.getParams().setIntParameter(HttpConnectionParams.CONNECTION_TIMEOUT, httpConnectionTimeout);
//set the time out on read-data request
httpPost.getParams().setIntParameter(HttpConnectionParams.SO_TIMEOUT, httpReadTimeout);

httpPost.setHeader("Content-Type", "text/xml; charset=utf-8");
httpPost.setEntity(new StringEntity(transaction.toXMLString(), HTTP.UTF_8));
}

return httpPost;
}

/**
* Creates a response map for a given response string and transaction container.
*
* @param transaction
* @param responseString
* @return container map containing semi-processed data after request was posted
* @throws UnsupportedEncodingException
*/
private static Map<ResponseField, String> createResponseMap(Transaction transaction, String responseString)
throws UnsupportedEncodingException {

Map<ResponseField, String> responseMap = null;

// aim/sim
if(transaction instanceof net.authorize.aim.Transaction ||
transaction instanceof net.authorize.sim.Transaction) {

String decodedResponseData = URLDecoder.decode(responseString, HTTP.UTF_8);


responseMap = ResponseParser.parseResponseString(decodedResponseData);
}

return responseMap;
}

/**
* Executes a Transaction against a given Environment.
*
* @param environment
* @param transaction
* @return container map containing semi-processed data after request was posted
*/
public static Map<ResponseField, String> execute(Environment environment, Transaction transaction) {
Map<ResponseField, String> responseMap = new HashMap<ResponseField, String>();

if(environment != null && transaction != null) {
try {
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();

setProxyIfRequested(httpClient);

// create the HTTP POST object
HttpPost httpPost = createHttpPost(environment, transaction);

// execute the request
HttpResponse httpResponse = httpClient.execute(httpPost);
String rawResponseString;
if(httpResponse != null && httpResponse.getStatusLine().getStatusCode() == 200) {
HttpEntity entity = httpResponse.getEntity();

// get the raw data being received
InputStream instream = entity.getContent();
rawResponseString = convertStreamToString(instream);
}
// handle HTTP errors
else {
StringBuilder responseBuilder = new StringBuilder();
responseBuilder.append(3).append(net.authorize.aim.Transaction.TRANSACTION_FIELD_DELIMITER);
responseBuilder.append(3).append(net.authorize.aim.Transaction.TRANSACTION_FIELD_DELIMITER);
responseBuilder.append(22).append(net.authorize.aim.Transaction.TRANSACTION_FIELD_DELIMITER);
responseBuilder.append(httpResponse != null ? httpResponse.getStatusLine().getReasonPhrase() : " ");
rawResponseString = responseBuilder.toString();
}

httpClient.getConnectionManager().shutdown();

String cleanResponseString = XmlUtility.descapeStringForXml(rawResponseString);

responseMap = HttpClient.createResponseMap(transaction, cleanResponseString);
} catch (Exception e) {
LogHelper.warn(logger, "Exception getting response: '%s': '%s', '%s'", e.getMessage(), e.getCause(), Arrays.toString(e.getStackTrace()));
}
}

return responseMap;
}

/**
* Converts a response inputstream into a string.
*
* @param is
* @return String
*/
public static String convertStreamToString(InputStream is) {
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
StringBuilder sb = new StringBuilder();

String line;
try {
while ((line = reader.readLine()) != null) {
sb.append(line).append("\n");
}
} catch (IOException e) {
LogHelper.warn(logger, "Exception reading data from Stream: '%s'", e.getMessage());
} finally {
if ( null != reader){
try {
reader.close();
} catch (IOException e) {
LogHelper.warn(logger, "Exception closing BufferedReader: '%s'", e.getMessage());
}
}

if ( null != is) {
try {
is.close();
} catch (IOException e) {
LogHelper.warn(logger, "Exception closing InputStream: '%s'", e.getMessage());
}
}
}
return sb.toString();
}


/**
* Executes a Transaction against a given Environment.
*
* @param environment
* @param transaction
* @return BasicXmlDocument containing semi-processed data after request was posted
*/
public static BasicXmlDocument executeXML(Environment environment, Transaction transaction) {
BasicXmlDocument response = new BasicXmlDocument();

if(environment != null && transaction != null) {
try {
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();

setProxyIfRequested(httpClient);

// create the HTTP POST object
HttpPost httpPost = createHttpPost(environment, transaction);

// execute the request
HttpResponse httpResponse = httpClient.execute(httpPost);
String rawResponseString;
if(httpResponse != null && httpResponse.getStatusLine().getStatusCode() == 200) {
HttpEntity entity = httpResponse.getEntity();

// get the raw data being received
InputStream instream = entity.getContent();
rawResponseString = convertStreamToString(instream);
}
else {
StringBuilder responseBuilder = new StringBuilder();
if(transaction instanceof net.authorize.arb.Transaction ||
transaction instanceof net.authorize.cim.Transaction ||
transaction instanceof net.authorize.reporting.Transaction) {

responseBuilder.append("<?xml version=\"1.0\" ?>");
responseBuilder.append("<messages><resultCode>Error</resultCode>");
responseBuilder.append("<message><code>E00001</code>");
responseBuilder.append("<text>");
responseBuilder.append(httpResponse != null?httpResponse.getStatusLine().getReasonPhrase():"");
responseBuilder.append("</text></message></messages>");
} else {
responseBuilder.append("<?xml version=\"1.0\" ?>");
responseBuilder.append("<response>");
responseBuilder.append("<ResponseCode>3</ResponseCode>");
responseBuilder.append("<Errors><Error><ErrorCode>22</ErrorCode><ErrorText><![CDATA[");
responseBuilder.append(httpResponse != null?httpResponse.getStatusLine().getReasonPhrase():"");
responseBuilder.append("]]></ErrorText></Error></Errors></response>");
}

rawResponseString = responseBuilder.toString();
}


httpClient.getConnectionManager().shutdown();

if(rawResponseString == null) return null;


int mark = rawResponseString.indexOf("<?xml");
if(mark == -1){
return null;
}

response.parseString(rawResponseString.substring(mark,rawResponseString.length()));
if(response.IsAccessible() == false){
return null;
}
} catch (Exception e) {
LogHelper.warn(logger, "Exception getting response: '%s': '%s', '%s'", e.getMessage(), e.getCause(), Arrays.toString(e.getStackTrace()));
}
}

return response;
}

/**
* if proxy use is requested, set http-client appropriately
* @param httpClient the client to add proxy values to
*/
public static void setProxyIfRequested(CloseableHttpClient httpClient) {
if ( UseProxy)
{
if ( !proxySet) {
LogHelper.info(logger, "Setting up proxy to URL: '%s://%s:%d'", Constants.PROXY_PROTOCOL, ProxyHost, ProxyPort);
proxySet = true;
}
HttpHost proxyHttpHost = new HttpHost(ProxyHost, ProxyPort, Constants.PROXY_PROTOCOL);
httpClient.getParams().setParameter( ConnRoutePNames.DEFAULT_PROXY, proxyHttpHost);
}
}
}

 

HttpCallTask:

 

package net.authorize.util;

import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.concurrent.Callable;

import javax.xml.bind.JAXBException;
import javax.xml.bind.UnmarshalException;

import net.authorize.Environment;
import net.authorize.api.contract.v1.ANetApiRequest;
import net.authorize.api.contract.v1.ANetApiResponse;
import net.authorize.api.contract.v1.MessageTypeEnum;
import net.authorize.api.contract.v1.MessagesType;
import net.authorize.api.contract.v1.MessagesType.Message;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.CloseableHttpClient;
import javax.net.ssl.SSLContext;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.conn.ssl.SSLContexts;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
//import net.authorize.api.controller.base.ErrorResponse;

/**
* Callable task to make http calls in future
* @author ramittal
*
*/
public class HttpCallTask implements Callable<ANetApiResponse> {
private static Log logger = LogFactory.getLog(HttpCallTask.class);

Environment env = null;
ANetApiRequest request = null;
@SuppressWarnings("rawtypes")
Class classType = null;

//private static ANetApiResponse errorResponse = null;
private Message errorMessage = null;

/**
* Creates task to be called in future for making http call
* @param env Env to point to
* @param request Http request to send
* @param classType Expected response type if successful
*/
public <T> HttpCallTask(Environment env, ANetApiRequest request, Class<T> classType) {
this.env = env;
this.request = request;
this.classType = classType;
this.errorMessage = new Message();
}

@SuppressWarnings("unchecked")
/**
* Makes a http call, using the proxy if requested, and returns apiresponse
* with error code set appropriately
* @return ANetApiResponse successful or failed response
*/
public ANetApiResponse call() throws Exception {
ANetApiResponse response = null;
StringBuilder buffer = new StringBuilder();

CloseableHttpClient httpCaller = null;

try {
HttpPost httppost = HttpUtility.createPostRequest(this.env, this.request);
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();

SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2"},
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

httpCaller = HttpClients.custom()
.setSSLSocketFactory(f)
.build();
HttpClient.setProxyIfRequested(httpCaller);
HttpResponse httpResponse = httpCaller.execute(httppost);

if ( null != httpResponse) {
if ( null != httpResponse.getStatusLine()) {
if ( 200 == httpResponse.getStatusLine().getStatusCode()) {

HttpEntity entity = httpResponse.getEntity();
// get the raw data being received
InputStream instream = entity.getContent();
buffer.append(HttpUtility.convertStreamToString(instream));
}
}
}
LogHelper.debug(logger, "Raw Response: '%s'", buffer.toString());
// handle HTTP errors
if (0 == buffer.length()) {
response = createErrorResponse(httpResponse, null);
} else { // i.e. if ( StringUtils.isNotEmpty(buffer.toString()))
Object localResponse = null;

try {
localResponse = XmlUtility.create(buffer.toString(), this.classType);
} catch(UnmarshalException ume) {
try {
//try deserializing to error message
localResponse = XmlUtility.create(buffer.toString(), net.authorize.api.contract.v1.ErrorResponse.class);
} catch(JAXBException jabex) {
response = createErrorResponse(httpResponse, jabex);
}
} catch(JAXBException jabex) {
response = createErrorResponse(httpResponse, jabex);
}

//ObjectFactory factory = new ObjectFactory();
//JAXBElement<ANetApiResponse> error = factory.createErrorResponse();

//check if error
if ( null == localResponse) {
try {
response = XmlUtility.create(buffer.toString(), ANetApiResponse.class);
} catch(JAXBException jabex) {
response = createErrorResponse(httpResponse, jabex);
}
} else {
if (localResponse instanceof ANetApiResponse)
{
response = (ANetApiResponse) localResponse;
} else {
LogHelper.warn( logger, "Unknown ResponseType: '%s'", localResponse);
}
}
}
} catch (ClientProtocolException cpe) {
response = createErrorResponse(null, cpe);
} catch (IOException ioe) {
response = createErrorResponse(null, ioe);
} finally {
if ( null != httpCaller) {
httpCaller.getConnectionManager().shutdown();
}
}

return response;
}

private ANetApiResponse createErrorResponse(HttpResponse httpResponse, Exception exception) {
ANetApiResponse response = new ANetApiResponse();

MessagesType aMessage = new MessagesType();
aMessage.setResultCode(MessageTypeEnum.ERROR);
response.setMessages(aMessage);

List<Message> messages = response.getMessages().getMessage();
//clear all messages
messages.clear();

setErrorResponse(messages, httpResponse);
setErrorResponse(messages, exception);

return response;
}

private void setErrorResponse(List<Message> messages, HttpResponse httpResponse) {
if ( null != httpResponse) {
messages.add(errorMessage);
String code = "Error";
String text = "Unknown Error";
if (null != httpResponse.getStatusLine())
{
LogHelper.warn( logger, "Error deserializing response to '%s'", this.classType);

code = String.format("%d", httpResponse.getStatusLine().getStatusCode());
if (null != httpResponse.getStatusLine().getReasonPhrase()) { text = httpResponse.getStatusLine().getReasonPhrase();}
}
setErrorMessageValues(code, text);
}
}

private void setErrorResponse(List<Message> messages, Exception exception) {
if ( null != exception) {
messages.add(errorMessage);
String code = "Error";
String text = "Unknown Error";
LogHelper.error( logger, "Http request execute failed: '%s'", exception.getMessage());
code = exception.getClass().getCanonicalName();
//code = exception.getClass().getTypeName();// requires java1.8
text = exception.getMessage();

setErrorMessageValues(code, text);
}
}

private void setErrorMessageValues(String code, String text) {
errorMessage.setCode(code);
errorMessage.setText(text);
LogHelper.warn(logger, "Adding ErrorMessage: Code: '%s', Text: '%s'", code, text);
}
}

 

Hopefully this is helpful for anyone else struggling to connect to the Sandbox environment. 

 

-Tony

Status: Accepted
Comments
by Administrator Administrator
on ‎06-15-2017 02:17 PM
Status changed to: Accepted
 
by
on ‎06-22-2017 11:04 PM

Thank for the details explaination.

 

The easiest way to do this is as below:

 

final SSLContext sc = SSLContext.getInstance("TLSv1.2");
sc.init(null, null, new java.security.SecureRandom());
final SSLSocketFactory socketFactory = sc.getSocketFactory(); 
HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);