Java Paypal 集成 SOAP JAX-WS - SSL 握手异常

Posted

技术标签:

【中文标题】Java Paypal 集成 SOAP JAX-WS - SSL 握手异常【英文标题】:Java Paypal Integration SOAP JAX-WS - SSL Handshakeexception 【发布时间】:2014-02-20 02:43:00 【问题描述】:

这个问题与使用 SOAP 请求/响应模型将 PayPal API 与 Java 集成有关。

以下方法包括建立请求参数并返回响应字符串,在本例中为令牌。我看了几个关于如何进行请求调用的示例,但这些方法是为更少的版本创建的(这个版本是“109.0”,我看到的其他示例是 80、60 甚至 40)。

无论如何,我从 PayPal 下载了 .wsdl 文件,使用 SOAPUI 和 JAX-WS Web 服务样式创建了客户端 Java 类,保存了项目并使用 MyEclipse 打开。我也在我的 Java TomCat 服务器上导入了 PayPal 证书,在 java 的 cacerts 文件上使用 keytool 导入。

下面的方法假设是返回字符串值的请求方法:

public String setExpressCheckout(String returnURL, String cancelURL) throws ErrorGeneral 

    PayPalAPIInterfaceService pp = new PayPalAPIInterfaceService();
    UserIdPasswordType login = new UserIdPasswordType();
    login.setUsername("carlos.martinez_api1.netijam.com");
    login.setPassword("1389974315");
    login.setSignature("AFcWxV21C7fd0v3bYYYRCps-s-rl31AI-ujedgZR8zf1CorgeJpph2tssY");
    String token = "";
    String ackString;   
    // following class is generated by wsdl2java utility Service class

    final PayPalAPIAAInterface expressCheckoutPort = pp.getPayPalAPIAA();
    final Binding binding = ((BindingProvider) expressCheckoutPort).getBinding();
    List<Handler> handlersList = new ArrayList<Handler>();

    // now, adding instance of Handler to handlersList which should do our job:
    // creating header instance
    CustomSecurityHeaderType headerObj = new CustomSecurityHeaderType();
    UserIdPasswordType credentials = new UserIdPasswordType();
    credentials.setUsername("carlos.martinez_api1.netijam.com");
    credentials.setPassword("1389974315");
    credentials.setSignature("AFcWxV21C7fd0v3bYYYRCps-s-rl31AI-ujedgZR8zf1CorgeJpph2tssY");
    headerObj.setCredentials(credentials);


    ObjectFactory objectFactory = new ObjectFactory();
    // creating JAXBElement from headerObj
    final JAXBElement<CustomSecurityHeaderType> requesterCredentials = objectFactory.createRequesterCredentials(headerObj);

    handlersList.add(new SOAPHandler<SOAPMessageContext>() 
        @Override
        public boolean handleMessage(final SOAPMessageContext context)         
            try 
                // checking whether handled message is outbound one as per Martin Strauss answer
                final Boolean outbound = (Boolean) context.get("javax.xml.ws.handler.message.outbound");
                if (outbound != null && outbound) 
                    // obtaining marshaller which should marshal instance to xml
                    final Marshaller marshaller = JAXBContext.newInstance(CustomSecurityHeaderType.class).createMarshaller();
                    // adding header because otherwise it's null
                    final SOAPHeader soapHeader = context.getMessage().getSOAPPart().getEnvelope().addHeader();
                    // marshalling instance (appending) to SOAP header's xml node
                    marshaller.marshal(requesterCredentials, soapHeader);
                
             catch (final Exception e) 
                throw new RuntimeException(e);
            
            return true;
        

        @Override
        public boolean handleFault(SOAPMessageContext context) 
            // TODO Auto-generated method stub
            return false;
        

        @Override
        public void close(MessageContext context) 
            // TODO Auto-generated method stub

        

        @Override
        public Set<QName> getHeaders() 
            // TODO Auto-generated method stub
            return null;
        

        // ... default implementations of other methods go here

    );
    // as per Jean-Bernard Pellerin's comment setting handlerChain list here, after all handlers were added to list

    binding.setHandlerChain(handlersList);


    try 

        SetExpressCheckoutReq sECR = new SetExpressCheckoutReq();
        SetExpressCheckoutRequestType sECRDT = new SetExpressCheckoutRequestType();
        sECRDT.setVersion("109.0");
        SetExpressCheckoutRequestDetailsType details = new SetExpressCheckoutRequestDetailsType();
        PaymentDetailsType paymentDetails = new PaymentDetailsType();
        paymentDetails.setOrderDescription("Integrating Stuff Test Order");
        paymentDetails.setInvoiceID("INVOICE-" + Math.random());
        BasicAmountType orderTotal = new BasicAmountType();
        orderTotal.setCurrencyID(CurrencyCodeType.EUR);
        orderTotal.setValue("120.00");
        paymentDetails.setOrderTotal(orderTotal);
        paymentDetails.setPaymentAction(PaymentActionCodeType.SALE);
        List<PaymentDetailsType> listaDetallesPago = new ArrayList<PaymentDetailsType>();
        listaDetallesPago.add(paymentDetails);
        details.setPaymentDetails(listaDetallesPago);
        details.setReturnURL(returnURL);
        details.setCancelURL(cancelURL);

        sECRDT.setSetExpressCheckoutRequestDetails(details);


        sECR.setSetExpressCheckoutRequest(sECRDT);


        SetExpressCheckoutResponseType response = expressCheckoutPort.setExpressCheckout(sECR);

        ackString = response.getAck().value();
        System.out.println(ackString);
        token = response.getToken();

        for (ErrorType msg : response.getErrors()) 
            System.out.println(msg.getLongMessage());
        
     catch (Exception ex) 
        System.out.println(ex.getMessage());
    

    // get the token from the response
    return token;

这是我收到的错误:

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:92)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:110)
at com.sun.xml.ws.protocol.soap.ClientMUPipe.process(ClientMUPipe.java:72)
at com.sun.xml.ws.handler.HandlerPipe.process(HandlerPipe.java:134)
at com.sun.xml.ws.handler.HandlerPipe.process(HandlerPipe.java:134)
at com.sun.xml.ws.client.Stub.process(Stub.java:125)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:127)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:238)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:212)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:110)
at com.sun.proxy.$Proxy39.setExpressCheckout(Unknown Source)
at capsula.SetExpressCheckoutService.setExpressCheckout(SetExpressCheckoutService.java:168)
at capsula.SetExpressCheckoutService.main(SetExpressCheckoutService.java:56)

我试图搜索网络的每个部分以找到解决方案,但我找不到。我从 PayPal 阅读了很多示例,但它并没有说明任何关于新版本的信息,因为在旧版本中,有一种简单的方法可以发出请求,包括请求中的凭据,而不是做那些糟糕的部分:

ObjectFactory objectFactory = new ObjectFactory();
// creating JAXBElement from headerObj
final JAXBElement<CustomSecurityHeaderType> requesterCredentials = objectFactory.createRequesterCredentials(headerObj);

handlersList.add(new SOAPHandler<SOAPMessageContext>() 
    @Override
    public boolean handleMessage(final SOAPMessageContext context)         
        try 
            // checking whether handled message is outbound one as per Martin Strauss answer
            final Boolean outbound = (Boolean) context.get("javax.xml.ws.handler.message.outbound");
            if (outbound != null && outbound) 
                // obtaining marshaller which should marshal instance to xml
                final Marshaller marshaller = JAXBContext.newInstance(CustomSecurityHeaderType.class).createMarshaller();
                // adding header because otherwise it's null
                final SOAPHeader soapHeader = context.getMessage().getSOAPPart().getEnvelope().addHeader();
                // marshalling instance (appending) to SOAP header's xml node
                marshaller.marshal(requesterCredentials, soapHeader);
            
         catch (final Exception e) 
            throw new RuntimeException(e);
        
        return true;
    

    @Override
    public boolean handleFault(SOAPMessageContext context) 
        // TODO Auto-generated method stub
        return false;
    

    @Override
    public void close(MessageContext context) 
        // TODO Auto-generated method stub

    

    @Override
    public Set<QName> getHeaders() 
        // TODO Auto-generated method stub
        return null;
    

    // ... default implementations of other methods go here

);
// as per Jean-Bernard Pellerin's commententer code here setting handlerChain list here, after all handlers were added to list

binding.setHandlerChain(handlersList);

因为我不确定这是否正确解决。

所有帮助将不胜感激。谢谢! =)

【问题讨论】:

【参考方案1】:

问题出在我自己生成的类中,当我尝试调用 web 服务时,我无法传递 CustomSecurityHeader,这是因为类 APIService 没有正确生成。对于这个案例,经过调查,我弄清楚了发生了什么。

起初我使用soapUI 程序自动生成发送Paypal 提供给开发人员的.wsdl 文件的类。但是,我没有做的重要事情是建立一个自定义参数来生成正确的代码:

-XadditionalHeaders -Xnocompile

这是为使用“wsimport”命令(用于 Jax-WS 库生成的代码)的其他教程提取的,使用此命令的人也添加了这些参数。完整的线路是。我可以使用这样的终端控制台命令:

wsimport -keep -XadditionalHeaders -Xnocompile -p paypal.test Desktop/PayPalSvc.wsdl/

生成正确的类并传递 CustomSecurityHeader。

我目前执行正确请求的代码是:

String usuario = "carlos.martinez_api1.netijam.com";
String password = "XEDdsafXSCE4";
String firma = "A6aFJz-KhDsdf7f-668iCsdfweFplAcbDlof-vWP5wsdfsdEAy9T-d.";
//Make encapsulated object of my own class cabeceraPeticiones
CabeceraPeticiones cabeceraPeticiones = CabeceraPeticiones.getInstanceCabecera(usuario, password, firma);
//Call the method that takes the header in the format that webservice needs
Holder<CustomSecurityHeaderType> cabeceraSeguridad = cabeceraPeticiones.getCabecera();      

//Set the connection params to work properly and the webservice method that I want to execute
PayPalAPIInterfaceService pp = new PayPalAPIInterfaceService();
GetExpressCheckoutDetailsReq gECR = new GetExpressCheckoutDetailsReq();
GetExpressCheckoutDetailsRequestType gECDRT = new GetExpressCheckoutDetailsRequestType();
PayPalAPIAAInterface expressCheckoutPort = pp.getPayPalAPIAA(); 
((BindingProvider) expressCheckoutPort).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,  "https://api-aa-3t.sandbox.paypal.com/2.0/");

//I take the response from the webservice operation that I execute, passing the header and the webservice request param
GetExpressCheckoutDetailsResponseType response = expressCheckoutPort.getExpressCheckoutDetails(gECR, cabeceraSeguridad);

【讨论】:

以上是关于Java Paypal 集成 SOAP JAX-WS - SSL 握手异常的主要内容,如果未能解决你的问题,请参考以下文章

Paypal Adaptive Payments PHP Soap SDK 未定义定义

Paypal 与 java 的集成

网站集成paypal问题

使用 PayPal Payments Pro 记录 SOAP API 操作

使用 paypal api 时无法建立 SOAP 连接

Java / PayPal 集成指向错误的端点