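# Two-step form login against j_security_check: the first POST (redirects
# followed) collects the session cookies, the second POST replays them
# together with the same credentials.
# Expects $host, $user and $pass to be set by the caller.
#
# NOTE(review): -k disables TLS certificate verification, so the credentials
# and the session cookies are exposed to anyone able to intercept the
# connection. Replace it with --cacert /path/to/ca.pem (placeholder path) once
# the issuing CA certificate is available.
# NOTE(review): values passed as curl arguments can show up in the process
# list on a shared host; keep real credentials out of shell history and logs.

# Print the "name=value" part of the last Set-Cookie header in response text $1
# whose cookie name starts with $2. The header name is matched without regard
# to case and the trailing CR of HTTP header lines is removed first.
extract_cookie() {
    printf '%s\n' "$1" \
        | tr -d '\r' \
        | grep -Fi "Set-Cookie: $2" \
        | tail -n 1 \
        | sed -e 's/^[^:]*: *//' -e 's/;.*$//'
}

# First call: --data-urlencode keeps '&', '+', '%' and similar characters in
# the credentials from corrupting the form body.
j_sec_check=$(curl -k --silent -L -i \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -X POST \
    -A "Apache-HttpClient/4.1.1 (java 1.5)" \
    --data-urlencode "j_username=$user" \
    --data-urlencode "j_password=$pass" \
    "https://${host}/inet/ent_logon/j_security_check")

memberCookie=$(extract_cookie "$j_sec_check" "MemberGlobalSession")
jsession=$(extract_cookie "$j_sec_check" "JSESSIONID")
cookies="$memberCookie; $jsession"

# Second call: same POST with the session cookies attached and without -L, so
# the headers of the immediate response are the ones captured.
login_result=$(curl -k --silent -i \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -H "cookie: $cookies" \
    -X POST \
    -A "Apache-HttpClient/4.1.1 (java 1.5)" \
    --data-urlencode "j_username=$user" \
    --data-urlencode "j_password=$pass" \
    "https://${host}/inet/ent_logon/j_security_check")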
- Set-Cookie: dcenv=2; Path=/; Domain=.company.com
- Set-Cookie: tgenv=prod; Path=/; Domain=.company.com
- Set-Cookie: LtpaToken2=ltpatoken2value Path=/
- Set-Cookie: LtpaToken=ltpatoken2value; Path=/
- Set-Cookie: id_token=idtokenvalue; Path=/; Domain=.company.com; HttpOnly
- Set-Cookie: id_token_marker=idtokenmarkervalue; Path=/; Domain=.company.com
- Set-Cookie: TDO_RANDOM_COOKIE=33760687320170817092545; Path=/; Domain=.company.com
- Set-Cookie: CompanyMbWebMemberLoggedIn=true; Expires=Mon, 16-Jan-18 14:25:45 GMT; Path=/; Domain=.company.com; Secure
- /**
- *
- */
- package com.example.clazz;
- import java.io.*;
- import java.net.*;
- import java.util.*;
- import org.apache.commons.codec.binary.Base64;
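/**
 * Diagnostic client that posts credentials to a {@code j_security_check}
 * form-login endpoint twice: the first call follows redirects and collects the
 * session cookies, the second call replays those cookies with redirects
 * disabled. Headers, body and cookies of each response are printed to stdout.
 *
 * <p>NOTE(review): this class prints session cookies to stdout and carries its
 * credentials, PIN and key/trust store passwords as string literals. Treat the
 * output as sensitive, and load real secrets from outside the source tree
 * (environment, {@code -D} system properties, a secret store) before using it
 * against anything but a test host.
 *
 * @author adbdkb
 */
public class DW_RetrieveLTPAToken
{
    /**
     * Creates an instance; every operation of this class is static, so the
     * instance carries no state.
     */
    public DW_RetrieveLTPAToken() {
    }

    /**
     * Runs the two-step login and prints both responses.
     *
     * @param args ignored
     * @throws IOException if either request fails at the transport level
     */
    public static void main(String[] args) throws IOException {
        // Key store and trust store must be configured before the first TLS handshake.
        setupCertificatesSecurity();
        String secUrl = getSecurityUrl();

        String cookiesToResend;
        HttpURLConnection conn = connectToSecurityUrl(secUrl, "", true);
        try {
            cookiesToResend = getNamedCookies(conn);
            getConnResponse(conn);
        } finally {
            conn.disconnect();
        }

        System.out.println("Second call");
        // Redirects are off for the replay, presumably so the Set-Cookie headers
        // of the immediate response are the ones printed (confirm against server).
        HttpURLConnection conn2 = connectToSecurityUrl(secUrl, cookiesToResend, false);
        try {
            getConnResponse(conn2);
        } finally {
            // The original never released the second connection.
            conn2.disconnect();
        }
    }

    /**
     * Extracts the {@code JSESSIONID} cookie and the cookie whose name ends with
     * {@code GlobalSession}, prints both, and joins the ones that were found
     * into a request {@code Cookie} header value.
     *
     * @param conn connection whose response headers are inspected
     * @return the found {@code name=value} pairs separated by {@code "; "};
     *         empty if neither cookie is present
     */
    private static String getNamedCookies(HttpURLConnection conn) {
        String jSessionCookie = extractCookieByName(conn, "JSESSIONID");
        System.out.println("jSessionCookie : " + jSessionCookie);
        String memberSessionCookie = extractCookieByName(conn, "GlobalSession");
        System.out.println("memberSessionCookie : " + memberSessionCookie);

        // Skip missing cookies so the header never starts or ends with a bare separator.
        StringBuilder header = new StringBuilder();
        for (String cookie : new String[] {jSessionCookie, memberSessionCookie}) {
            if (cookie.isEmpty()) {
                continue;
            }
            if (header.length() > 0) {
                header.append("; ");
            }
            header.append(cookie);
        }
        return header.toString();
    }

    /**
     * Opens the connection, sets headers, method and optional cookie, and
     * writes the login form as the request body.
     *
     * @param secUrlPath absolute URL of the login endpoint
     * @param requestCookie value for the {@code cookie} request header; not sent
     *        when {@code null} or empty
     * @param followDirect whether this connection follows HTTP redirects
     * @return the connection, with the request body already written
     * @throws IOException if the URL is malformed or the connection cannot be opened
     */
    private static HttpURLConnection connectToSecurityUrl(String secUrlPath,
            String requestCookie, boolean followDirect) throws IOException {
        URL url = new URL(secUrlPath);
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        if (!followDirect) {
            conn.setInstanceFollowRedirects(false);
        }
        // Input is on by default; output must be enabled to send a POST body.
        conn.setDoInput(true);
        conn.setDoOutput(true);
        addHeaders(conn);
        conn.setRequestMethod(getUrlConnMethod());
        // NOTE(review): this prints live session cookies; keep the output out of shared logs.
        System.out.println("requestCookie " + requestCookie);
        if (requestCookie != null && !requestCookie.isEmpty()) {
            conn.addRequestProperty("cookie", requestCookie);
        }
        addPostParameters(conn);
        conn.connect();
        return conn;
    }

    /**
     * Prints status code, headers, body and cookies of the response.
     *
     * @param conn connection whose response is read
     * @throws MalformedURLException declared for callers; not thrown by the visible code
     * @throws IOException if the response cannot be read
     */
    private static void getConnResponse(HttpURLConnection conn)
            throws MalformedURLException, IOException {
        int status = conn.getResponseCode();
        printAllHeaders(conn);
        System.out.println("Response Code ... " + status);
        retrieveResponse(conn);
        System.out.println("Done");
    }

    /**
     * Prints the response headers twice: once per header name, then once per
     * header position so that repeated headers are all listed.
     *
     * @param conn connection whose response headers are printed
     */
    private static void printAllHeaders(HttpURLConnection conn) {
        for (String name : conn.getHeaderFields().keySet()) {
            // The status line is stored under a null key.
            if (name == null) {
                System.out.println(" " + conn.getHeaderField(name));
            } else {
                System.out.println(" " + name + "=" + conn.getHeaderField(name));
            }
        }
        for (int i = 0;; i++) {
            String headerName = conn.getHeaderFieldKey(i);
            String headerValue = conn.getHeaderField(i);
            if (headerName == null && headerValue == null) {
                break;
            }
            System.out.println("headerName : " + headerName + " headerValue : "
                    + headerValue);
        }
    }

    /**
     * Reads the response body as UTF-8, prints it, then prints the cookies.
     * For status codes of 400 and above the error stream is read, so a rejected
     * login still shows its body and cookies instead of ending in an exception.
     *
     * @param conn connection whose response is read
     * @throws UnsupportedEncodingException if UTF-8 is not supported
     * @throws IOException if the body cannot be read
     */
    private static void retrieveResponse(HttpURLConnection conn)
            throws UnsupportedEncodingException, IOException {
        InputStream body = conn.getResponseCode() >= 400
                ? conn.getErrorStream()
                : conn.getInputStream();
        StringBuilder html = new StringBuilder();
        if (body != null) {
            try (BufferedReader in = new BufferedReader(
                    new InputStreamReader(body, "UTF-8"))) {
                String inputLine;
                while ((inputLine = in.readLine()) != null) {
                    html.append(inputLine);
                }
            }
        }
        System.out.println("output from call " + html.toString());
        printCookies(conn);
        // Called for its printed output only; the joined header is not needed here.
        getNamedCookies(conn);
    }

    /**
     * Returns the {@code name=value} part of the last {@code Set-Cookie} header
     * whose cookie name equals {@code cookieName} (ignoring case) or ends with it.
     *
     * @param conn connection whose response headers are searched
     * @param cookieName full cookie name, or a suffix of it
     * @return the matching {@code name=value} pair, or an empty string
     */
    private static String extractCookieByName(HttpURLConnection conn,
            String cookieName) {
        String extractedCookie = "";
        for (Map.Entry<String, List<String>> header : conn.getHeaderFields().entrySet()) {
            if (!"Set-Cookie".equalsIgnoreCase(header.getKey())) {
                continue;
            }
            for (String headerValue : header.getValue()) {
                // A limit of 2 always yields a first element, even for ";" or "".
                String cookie = headerValue.split(";", 2)[0];
                String headerCookieName = cookie.split("=", 2)[0];
                if (cookieName.equalsIgnoreCase(headerCookieName)
                        || headerCookieName.endsWith(cookieName)) {
                    extractedCookie = cookie;
                }
            }
        }
        return extractedCookie;
    }

    /**
     * Prints value, expiry, path, domain and secure flag of every
     * {@code Set-Cookie} header, then the combined {@code name=value} list.
     *
     * @param conn connection whose response headers are printed
     */
    private static void printCookies(HttpURLConnection conn) {
        for (Map.Entry<String, List<String>> header : conn.getHeaderFields().entrySet()) {
            if (!"Set-Cookie".equalsIgnoreCase(header.getKey())) {
                continue;
            }
            for (String headerValue : header.getValue()) {
                System.out.println("Cookie Found...");
                // The regex needs an escaped backslash; limit -1 keeps fields[0] present.
                String[] fields = headerValue.split(";\\s*", -1);
                String cookieValue = fields[0];
                String expires = null;
                String path = null;
                String domain = null;
                boolean secure = false;
                for (int j = 1; j < fields.length; j++) {
                    if ("secure".equalsIgnoreCase(fields[j])) {
                        secure = true;
                    } else if (fields[j].indexOf('=') > 0) {
                        // Limit 2 keeps '=' inside the value and guarantees f[1]
                        // exists for an attribute with an empty value ("path=").
                        String[] f = fields[j].split("=", 2);
                        if ("expires".equalsIgnoreCase(f[0])) {
                            expires = f[1];
                        } else if ("domain".equalsIgnoreCase(f[0])) {
                            domain = f[1];
                        } else if ("path".equalsIgnoreCase(f[0])) {
                            path = f[1];
                        }
                    }
                }
                System.out.println("cookieValue:" + cookieValue);
                System.out.println("expires:" + expires);
                System.out.println("path:" + path);
                System.out.println("domain:" + domain);
                System.out.println("secure:" + secure);
                System.out.println("*****************************************");
            }
        }

        // Combine the name=value part of every Set-Cookie header.
        StringBuilder sb = new StringBuilder();
        List<String> cookies = conn.getHeaderFields().get("Set-Cookie");
        if (cookies != null) {
            for (String cookie : cookies) {
                if (sb.length() > 0) {
                    sb.append("; ");
                }
                sb.append(cookie.split(";", 2)[0]);
            }
        }
        System.out.println("cookieHeader : " + sb.toString());
    }

    /**
     * Writes {@code j_username} and {@code j_password} as the form body.
     *
     * <p>The original appended the {@code byte[]} returned by
     * {@code Base64.encodeBase64} to a {@code StringBuilder}, which sends the
     * array's identity string instead of the encoded credential.
     *
     * @param conn connection that receives the request body
     * @throws IOException if the body cannot be written
     */
    private static void addPostParameters(HttpURLConnection conn)
            throws IOException {
        String form = "j_username=" + encodeCredential(getUser())
                + "&j_password=" + encodeCredential(getPassWd());
        conn.setDoOutput(true);
        try (OutputStreamWriter outputStreamWriter = new OutputStreamWriter(
                conn.getOutputStream(), "UTF-8")) {
            outputStreamWriter.write(form);
            outputStreamWriter.flush();
        }
    }

    /**
     * Base64-encodes a credential and URL-encodes the result, because Base64
     * output may contain '+', '/' and '=' which are not safe in a form body.
     *
     * <p>NOTE(review): Base64 is an encoding, not protection; the value is only
     * as confidential as the TLS channel. The curl version of this login sends
     * the plain values, so confirm the server expects Base64 at all.
     *
     * @param raw credential text
     * @return the form-safe encoded value
     * @throws UnsupportedEncodingException if UTF-8 or US-ASCII is not supported
     */
    private static String encodeCredential(String raw)
            throws UnsupportedEncodingException {
        String base64 = new String(Base64.encodeBase64(raw.getBytes("UTF-8")), "US-ASCII");
        return URLEncoder.encode(base64, "UTF-8");
    }

    /**
     * Adds the fixed request headers (content type, keep-alive, user agent).
     *
     * @param conn connection that receives the headers
     */
    private static void addHeaders(HttpURLConnection conn) {
        final String userAgent = "HttpUrlConnection (java 1.7)";
        // LinkedHashMap keeps the headers in insertion order.
        Map<String, String> header = new LinkedHashMap<String, String>();
        header.put("Content-Type", "application/x-www-form-urlencoded");
        header.put("Connection", "keep-alive");
        header.put("User-Agent", userAgent);
        for (Map.Entry<String, String> entry : header.entrySet()) {
            conn.addRequestProperty(entry.getKey(), entry.getValue());
        }
    }

    /**
     * @return the HTTP method used for the login request
     */
    private static String getUrlConnMethod() {
        return "POST";
    }

    /**
     * @return the host name of the login endpoint
     */
    private static String getHost() {
        return "test.company.com";
    }

    /**
     * NOTE(review): hard-coded credential; supply it from outside the source.
     *
     * @return the login user name
     */
    private static String getUser() {
        return "validUser";
    }

    /**
     * NOTE(review): hard-coded credential; supply it from outside the source.
     *
     * @return the login password
     */
    private static String getPassWd() {
        return "validPass";
    }

    /**
     * Not called by any code in this class.
     * NOTE(review): hard-coded secret; supply it from outside the source.
     *
     * @return the PIN
     */
    private static String getPin() {
        return "1234";
    }

    /**
     * @return the HTTPS URL built from the host and the security-check path
     */
    private static String getSecurityUrl() {
        return "https://" + getHost() + getSecCheckPath();
    }

    /**
     * @return the path of the security-check endpoint
     */
    private static String getSecCheckPath() {
        return "/logon/j_security_check";
    }

    /**
     * Points the JVM's default TLS configuration at the test trust store and
     * key store through system properties.
     *
     * <p>NOTE(review): both store passwords are literals here; pass them as
     * {@code -D} system properties or read them from a protected location, and
     * restrict file permissions on the key store.
     */
    private static void setupCertificatesSecurity() {
        // Backslashes in Windows paths must be escaped in Java string literals.
        System.setProperty("javax.net.ssl.trustStore",
                "C:\\TestBed\\TestStandaloneConnTrustStore.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
        System.setProperty("javax.net.ssl.keyStoreType", "JKS");
        System.setProperty("javax.net.ssl.keyStore",
                "C:\\TestBed\\TestStandaloneConnKeyStore.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
    }
}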