I am writing a small program in java which makes a rest call to an endpoint to verify a reference id. I have written this program in two different ways and each work when I run it from my PC but when I deploy the jar file on the test Linux CentOs Server
, I get a 403 forbidden error
from the end point, So I thought maybe the ip was blocked and then I tried the same thing with curl and it worked perfectly.
What could be the issue? could it be ssl certificate version error?
Way 1 :
public String sendGet(String id) {
restTemplate = new RestTemplate();
log.info("Authorization :::: {}", "Bearer " + this.getApiAuth());
HttpHeaders headers = new HttpHeaders();
headers.set("Authorization", "Bearer " + this.getApiAuth());
List<MediaType> acceptableMediaTypes = new ArrayList<>();
acceptableMediaTypes.add(MediaType.APPLICATION_JSON);
headers.setAccept(acceptableMediaTypes);
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<String> httpRequestEntity = new HttpEntity<>(headers);
ResponseEntity<String> exchange = getRestTemplate().exchange(this.getUrl() + id, HttpMethod.GET, httpRequestEntity, String.class);
log.info("Status Code :::: {}", exchange.getStatusCode());
log.info("Status Code :::: {}", exchange.getBody());
return exchange.getBody();
}
Way 2 :
public String sendGet(String message) throws Exception {
infoLogger.info("GOING HERE " + url + message);
java.lang.System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");
URL obj = new URL(url + message);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
con.setRequestMethod("GET");
infoLogger.info("Setting Authorization: Bearer " + this.getApiAuth());
con.setRequestProperty("Authorization", "Bearer " +this.getApiAuth());
con.setRequestProperty("Content-Type", MediaType.APPLICATION_JSON_VALUE);
con.setRequestProperty("accept", MediaType.APPLICATION_JSON_VALUE);
int responseCode = con.getResponseCode();
infoLogger.info("\nSending 'GET' request to URL : " + url);
infoLogger.info("Response Code : " + responseCode);
BufferedReader in = null;
String inputLine;
StringBuilder response = new StringBuilder();
if ((200 <= con.getResponseCode()) && (con.getResponseCode() <= 299)) {
if (con.getInputStream() != null) {
in = new BufferedReader(new InputStreamReader(con.getInputStream()));
}
} else if (con.getErrorStream() != null) {
in = new BufferedReader(new InputStreamReader(con.getErrorStream()));
} else {
infoLogger.info("GOT NOTHING ");
}
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
//print result
System.out.println(response.toString());
return response.toString();
}
So I did a .getResponseMessage
as asked and I got the following error:
Access denied | api.paystack.co used Cloudflare to restrict accessbody{margin:0;padding:0} Please enable cookies.
Error 1010 Ray ID: 49f12b9b9bb6c5fa • 2019-01-26 07:12:17 UTC
Access denied What happened?The owner of this website (api.paystack.co) has banned your access based on your browser's signature (49f12b9b9bb6c5fa-ua21).
Cloudflare Ray ID: 49f12b9b9bb6c5fa • Your IP: 104.248.9.123 • Performance & security by Cloudflare
window._cf_translation = {}; `
The supplyer of the service you are trying to access is using CloudFlare. They are using some sort of browser integrity check (see https://support.cloudflare.com/hc/en-us/articles/200171806-Error-1010-The-owner-of-this-website-has-banned-your-access-based-on-your-browser-s-signature).
You can change the signature in your java code:
con.setRequestProperty("User-Agent", "My own REST client");
You seem to use a different JDK on your PC than on your CentOS server, so the signatures of the Java HttpsURLConnection are different. They are of course different from curl.
For Way 1, this will work:
headers.add("user-agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36");
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With