
403 Forbidden in API Rest Call

Tags: java, rest

I am writing a small program in Java which makes a REST call to an endpoint to verify a reference id. I have written this program in two different ways and each works when I run it from my PC, but when I deploy the jar file on the test Linux CentOS server, I get a 403 Forbidden error from the endpoint. So I thought maybe the IP was blocked, and then I tried the same thing with curl and it worked perfectly.

What could be the issue? Could it be an SSL certificate version error?

Way 1 :

public String sendGet(String id) {
    restTemplate = new RestTemplate();
    log.info("Authorization :::: {}", "Bearer " + this.getApiAuth());

    HttpHeaders headers = new HttpHeaders();

    headers.set("Authorization", "Bearer " + this.getApiAuth());

    List<MediaType> acceptableMediaTypes = new ArrayList<>();

    acceptableMediaTypes.add(MediaType.APPLICATION_JSON);
    headers.setAccept(acceptableMediaTypes);
    headers.setContentType(MediaType.APPLICATION_JSON);

    HttpEntity<String> httpRequestEntity = new HttpEntity<>(headers);
    ResponseEntity<String> exchange = getRestTemplate().exchange(this.getUrl() + id, HttpMethod.GET, httpRequestEntity, String.class);

    log.info("Status Code :::: {}", exchange.getStatusCode());
    log.info("Response Body :::: {}", exchange.getBody());
    return exchange.getBody(); 
}

Way 2 :

 public String sendGet(String message) throws Exception {
    infoLogger.info("GOING HERE " + url + message);

    java.lang.System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");
    URL obj = new URL(url + message);
    HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();

    con.setRequestMethod("GET");

    infoLogger.info("Setting Authorization: Bearer " + this.getApiAuth());
    con.setRequestProperty("Authorization", "Bearer " +this.getApiAuth());
    con.setRequestProperty("Content-Type", MediaType.APPLICATION_JSON_VALUE);
    con.setRequestProperty("accept", MediaType.APPLICATION_JSON_VALUE);

    int responseCode = con.getResponseCode();
    infoLogger.info("\nSending 'GET' request to URL : " + url);
    infoLogger.info("Response Code : " + responseCode);

    BufferedReader in = null;
    String inputLine;
    StringBuilder response = new StringBuilder();

    if ((200 <= con.getResponseCode()) && (con.getResponseCode() <= 299)) {
        if (con.getInputStream() != null) {
            in = new BufferedReader(new InputStreamReader(con.getInputStream()));
        }
    } else if (con.getErrorStream() != null) {
        in = new BufferedReader(new InputStreamReader(con.getErrorStream()));
    } else {
        infoLogger.info("GOT NOTHING ");
    }

    // Guard against the "GOT NOTHING" branch above, where no stream was opened
    if (in != null) {
        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();
    }

    //print result
    System.out.println(response.toString());
    return response.toString();

}

So I did a .getResponseMessage as asked and I got the following error:

Access denied | api.paystack.co used Cloudflare to restrict access

Please enable cookies.

Error 1010 Ray ID: 49f12b9b9bb6c5fa • 2019-01-26 07:12:17 UTC

Access denied What happened?

The owner of this website (api.paystack.co) has banned your access based on your browser's signature (49f12b9b9bb6c5fa-ua21).

Cloudflare Ray ID: 49f12b9b9bb6c5fa • Your IP: 104.248.9.123 • Performance & security by Cloudflare

DaviesTobi alex asked Jan 25 '19 14:01


2 Answers

The supplier of the service you are trying to access is using Cloudflare. They are using some sort of browser integrity check (see https://support.cloudflare.com/hc/en-us/articles/200171806-Error-1010-The-owner-of-this-website-has-banned-your-access-based-on-your-browser-s-signature).

You can change the signature in your Java code:

con.setRequestProperty("User-Agent", "My own REST client");

You seem to use a different JDK on your PC than on your CentOS server, so the signatures of the Java HttpsURLConnection are different. They are of course different from curl.

Jens Dibbern answered Oct 07 '22 06:10
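The diagnosis in the answer above can be automated so that a 403 produced by the Cloudflare edge is not mistaken for an authorization failure from the API itself. The following is an added example, not code from the question or the answers: the class name, method names, the client User-Agent string and the JSON sample body are assumptions, and the block-page sample is trimmed from the error text quoted in the question.

```java
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class CloudflareBlockCheck {
    // Patterns match the wording of the Cloudflare block page quoted in the question.
    private static final Pattern ERROR_CODE = Pattern.compile("Error\\s+(\\d{4})");
    private static final Pattern RAY_ID = Pattern.compile("Ray ID:\\s*([0-9a-f]+)");

    /** Describes an edge block, or returns empty if the 403 did not come from Cloudflare. */
    static Optional<String> describeEdgeBlock(int status, String body) {
        if (status != 403 || body == null || !body.contains("Cloudflare")) {
            return Optional.empty();
        }
        Matcher code = ERROR_CODE.matcher(body);
        Matcher ray = RAY_ID.matcher(body);
        String errorCode = code.find() ? code.group(1) : "unknown";
        String rayId = ray.find() ? ray.group(1) : "unknown";
        // The Ray ID is what the site owner needs to look up the blocked request.
        return Optional.of("Cloudflare error " + errorCode + ", Ray ID " + rayId);
    }

    /** User-Agent that names this client and its JVM; name and version are placeholders. */
    static String clientUserAgent() {
        return "example-verify-client/1.0 (Java/" + System.getProperty("java.version") + ")";
    }

    public static void main(String[] args) {
        // Constructed sample: the block-page text from the question, trimmed.
        String blocked = "Access denied | api.paystack.co used Cloudflare to restrict access "
                + "Error 1010 Ray ID: 49f12b9b9bb6c5fa";
        // Constructed sample: a hypothetical application-level 403 with a JSON body.
        String apiDenied = "{\"status\":false,\"message\":\"Invalid key\"}";

        System.out.println(describeEdgeBlock(403, blocked).orElse("not an edge block"));
        System.out.println(describeEdgeBlock(403, apiDenied).orElse("not an edge block"));
        System.out.println("User-Agent: " + clientUserAgent());
    }
}
```

Passing the error-stream body that Way 2 already reads into `describeEdgeBlock` separates "blocked at the edge by client signature" from "rejected by the API", which points to the request headers rather than the token, IP or TLS settings.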


For Way 1, this will work:

headers.add("user-agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36");
Miguel O answered Oct 07 '22 05:10