1

I'm trying to acces the Stackexchange API via OAuth 2.0 implicit flow in a simple java Desktop application. I already got an non_expiry acces_token via URL.

I'm not into OAuth and everything I've tried so far didn't get me any further. Here's what I got so far:

private static final String bearerToken = "foobarbaz";  // acces_token

private static void useBearerToken(String bearerToken, String url_str) throws IOException {
    BufferedReader reader = null;
   
    URL url = new URL(url_str);
    HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    connection.setRequestProperty("Authorization", "Bearer" + bearerToken);
    connection.setDoOutput(true);
    
    connection.setRequestMethod("GET");
    reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
    String line = null;
    StringWriter out = new StringWriter(connection.getContentLength() > 0 ? connection.getContentLength() : 2048);
    while ((line = reader.readLine()) != null) {
        out.append(line);
    }
    String response = out.toString();
    System.out.println(response);
    
}

public static void main(String[] args) throws IOException {
   
    useBearerToken(bearerToken,"https://api.stackexchange.com/2.2/posts/4308554?site=stackoverflow" );

}

I get following exception:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What am I missing? I also registered my application. Client side flow enabled. Do I have to pass my Client ID or key somewhere?

fischbrot
  • 33
  • 7

1 Answers1

1

I found out that the exception was due to missing certificate, so I put the updated cacerts file to the corresponding path: jre\lib\security\cacerts.

After that I received this as response for my request:

���n�0�_%�!'բH��� ͡� =E!,ĕ��D*�ʪa��K9r�co�w��"�q��yn��Es����Y��z_'b�[2�)T�+��<�h�l=)0z4"�w=��U~c�B��˲�N��w���c��e���(��d�iY��\�}]>�C��Gs ���s��^��$Ca��ZנW7N���4�}�';0t��r_���N:�ݼ&"t�G;��n��83]�����4�N��^Tu)c�*��û��L�+�����Ս�nj�z��s-��ȣ��K�uh�������/ߟ�N�OϏt3�_�x�Ў�z=����~ǟ��~�8Y�Lj�*�   �� dW�%

However, the API response is compressed:

During normal operation, we guarantee that all responses are compressed, either with GZIP or DEFLATE.

Finally, I got it working by setting InputStreamReader as GZIPInputStream:

private static void useBearerToken(String bearerToken, String url_str) throws IOException {
    BufferedReader reader = null;
   
    URL url = new URL(url_str);
    HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    connection.setRequestProperty("Authorization", "Bearer" + bearerToken);
    connection.setRequestProperty("Accept-Encoding", "gzip");
    connection.setDoOutput(true);
    
    connection.setRequestMethod("GET");
    reader = reader = new BufferedReader(new InputStreamReader(new GZIPInputStream(connection.getInputStream())));
    String line = null;
    StringWriter out = new StringWriter(connection.getContentLength() > 0 ? connection.getContentLength() : 2048);
    while ((line = reader.readLine()) != null) {
        out.append(line);
    }
    String response = out.toString();
    System.out.println(response);
    
}
double-beep
  • 5,031
  • 17
  • 33
  • 41
fischbrot
  • 33
  • 7