https请求之绕过证书安全校验工具类(原)
Posted hmhhz
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了https请求之绕过证书安全校验工具类(原)相关的知识,希望对你有一定的参考价值。
package com.isoftstone.core.util; import java.io.BufferedReader; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.net.HttpURLConnection; import java.net.URL; import java.text.SimpleDateFormat; import java.util.Date; import java.util.Map; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSession; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; /** * https post发送工具 * * @author 超神之巅 * */ public class HttpsTool { private static final String LINE_SEPARATOR = System.getProperty("line.separator"); static HostnameVerifier hv = new HostnameVerifier() { public boolean verify(String urlHostName, SSLSession session) { System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost()); return true; } }; private static void trustAllHttpsCertificates() throws Exception { javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1]; javax.net.ssl.TrustManager tm = new miTM(); trustAllCerts[0] = tm; javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext .getInstance("SSL"); sc.init(null, trustAllCerts, null); javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc .getSocketFactory()); } static class miTM implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public boolean isServerTrusted( java.security.cert.X509Certificate[] certs) { return true; } public boolean isClientTrusted( java.security.cert.X509Certificate[] certs) { return true; } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException { return; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException { return; } } /** * 发送报文 * * 通信失败时返回分两种:一种是抛异常,一种是返回"",本方法取前者 * * @param requestData * 请求报文 * @param headMap * head请求头参数 conn.setRequestProperty(key,value) * @param urlStr * 请求地址 * @param sendEncoding * 请求编码 * @param recvEncoding * 返回编码 * @param connectionTimeout * 链接超时时间 1000代表 1秒 * @param readTimeout * 读取超时时间 1000代表1秒 * @return * @throws IOException * @author 超神之巅 */ public static String send(String requestData,Map<String,String> headMap, String urlStr, String sendEncoding, String recvEncoding, int connectionTimeout, int readTimeout,String contentType) throws Exception { URL url = null; HttpsURLConnection conn = null; ByteArrayOutputStream byteOut = null; BufferedReader readInfo = null; StringBuilder retBuilder = new StringBuilder();// 这里用不着多线程安全的StringBuffer OutputStream out = null; String line = null; StringBuilder reqDetailProcedure = new StringBuilder();// 这里用不着多线程安全的StringBuffer Date startTime = new Date(); reqDetailProcedure.append("请求时间:【" + DATE_FORMATER.format(startTime) + "】").append(" "); reqDetailProcedure.append("请求地址:【" + urlStr + "】").append(" "); reqDetailProcedure.append("真实请求方式及编码:【post " + sendEncoding + "】").append(" "); reqDetailProcedure.append("期望返回编码:【" + recvEncoding + "】").append(" "); reqDetailProcedure.append("请求超时时间:【" + readTimeout / 1000 + "s】").append(" "); reqDetailProcedure.append("请求报文:【" + requestData + "】").append(" "); try { // 如有必要,给?后的参数加encode(xxx,"UTF-8"),不然目标系统可能收到的request.getParameter()是乱码 // String arg = java.net.URLEncoder.encode("中国","UTF-8"); // url = new URL(urlStr+"?deptname="+arg); url = new URL(urlStr); trustAllHttpsCertificates(); HttpsURLConnection.setDefaultHostnameVerifier(hv); conn = (HttpsURLConnection) url.openConnection(); conn.setRequestMethod("POST"); // 新增部分 //conn.setHostnameVerifier(new TrustAnyHostnameVerifier()); conn.setRequestProperty("SOAPAction", """"); conn.setRequestProperty("Accept", "application/xml, application/json,application/dime, multipart/related, text/*"); // 如果没有下面这一行代码,服务器端可以通过request.getParameter()和request.getInputStream()都接收到相同信息 // Content-Type相关知识链接: http://www.cnblogs.com/whatlonelytear/p/6187575.html // conn如果不设Content-Type,则默认成application/x-www-form-urlencoded // 当然也可以配置成application/x-www-form-urlencoded;charset=UTF-8,此时要求服务端返回UTF-8编码,如果本地还用gbk去解码,有可能得到乱码 conn.setRequestProperty("Content-Type", contentType); // 如果把Content-Type的类型改变成非application/x-www-form-urlencoded,如改成text/xml, // 则目标服务器端仅能通过request.getInputStream()接收信息, 如conn.setRequestProperty("Content-Type", "text/xml;charset=GBK"); // Content-Type各类型解释: http://blog.csdn.net/blueheart20/article/details/45174399 // conn.setRequestProperty("Accept-Charset", "utf-8");//未知 //Cache-Control说明链接:http://huangyunbin.iteye.com/blog/1943310 或 http://www.cnblogs.com/whatlonelytear/articles/6385390.html conn.setRequestProperty("Cache-Control", "no-cache"); //设置head头,如果已存在,则覆盖之前的head配置 if(headMap != null){ for(Map.Entry<String, String > entry : headMap.entrySet()){ conn.setRequestProperty(entry.getKey(),entry.getValue()); } } // conn.setRequestProperty("appName", appName);//各系统需要设置应用系统名,如电销为telesales(无意义,本人自定义) conn.setUseCaches(false); // 忽略缓存 // get请求用不到conn.getOutputStream(),因为参数直接追加在地址后面,因此默认是false. // post请求(比如:文件上传)需要往服务区传输大量的数据,这些数据是放在http的body里面的,因此需要在建立连接以后,往服务端写数据. // 因为总是使用conn.getInputStream()获取服务端的响应,因此默认值是true. conn.setDoOutput(true); // 使用 URL // 连接进行输出,允许使用conn.getOutputStream().write() conn.setDoInput(true); // 使用 URL // 连接进行输入,允许使用conn.getInputStream().read(); conn.setConnectTimeout(connectionTimeout);// 链接超时 conn.setReadTimeout(readTimeout);// 读取超时 conn.connect();// 建立链接 byteOut = new ByteArrayOutputStream(); byteOut.write(requestData.getBytes(sendEncoding));// 以指定编码发送,如果有乱码,修改之 byte[] buf = byteOut.toByteArray(); out = conn.getOutputStream(); out.write(buf); out.flush(); reqDetailProcedure.append("响应码和状态:【" + conn.getResponseCode() + "/" + conn.getResponseMessage() + "】").append(" "); if (HttpURLConnection.HTTP_OK == conn.getResponseCode()) {// 正确返回 InputStream tempStream = conn.getInputStream(); readInfo = new BufferedReader(new java.io.InputStreamReader(tempStream, recvEncoding));// 以指定编码读取返回信息,如果有乱码,修改之 while ((line = readInfo.readLine()) != null) { retBuilder.append(line).append(LINE_SEPARATOR); } } else {// 没有正确返回 // 这个else分支有冗余代码,一来代码不多,二来这个分支是经过长时间思考,还是保留了下来,方便我以后对错误做不抛异常处理等 InputStream tempStream = conn.getInputStream();// 如果响应码不是200,一般在这里就开始报异常,不会走到下面几行中去的. readInfo = new BufferedReader(new java.io.InputStreamReader(tempStream, recvEncoding));// cannotReach while ((line = readInfo.readLine()) != null) {// cannotReach retBuilder.append(line);// cannotReach }// cannotReach reqDetailProcedure.append("@@返回异常报文:【" + retBuilder + "】").append(" ");// cannotReach } } catch (IOException e) { e.printStackTrace(); throw e; } finally { // 目标服务端用response.setContentType("text/html;charset=UTF-8");然后源调用方可以用conn.getContentType()获取到[猜测,暂未测试] // conn.getContentType()包含在Head返回的内容中. // 返回如果带编码,可以做成动态编码去把流转成字符串,暂不优化.这是极好的l优化点. reqDetailProcedure.append("返回内容类型及编码:【" + conn.getContentType() + "】").append(" "); reqDetailProcedure.append("返回HEAD头信息:【" + conn.getHeaderFields() + "】").append(" "); reqDetailProcedure.append("返回报文:【" + retBuilder.toString() + "】").append(" "); Date endTime = new Date(); reqDetailProcedure.append("返回时间:【" + DATE_FORMATER.format(endTime) + "】").append(" "); long diffMilliSecond = endTime.getTime() - startTime.getTime(); long diffSecond = (diffMilliSecond / 1000); reqDetailProcedure.append("耗时:【" + diffMilliSecond + "】毫秒,大约" + "【" + diffSecond + "】秒").append(" "); System.out.println(reqDetailProcedure.toString()); //ThreadLocalListContainer.put(reqDetailProcedure.toString()); // ThreadLocalMapContainer.put(KingConstants.REQ_DETAIL_PROCEDURE,reqDetailProcedure.toString()) try { if (readInfo != null) { readInfo.close(); } if (byteOut != null) { byteOut.close(); } if (out != null) { out.close(); } if (conn != null) { conn.disconnect(); } } catch (Exception e) { System.out.println("关闭链接出错!" + e.getMessage()); } } return retBuilder.toString(); } /** * 发送报文 * * 通信失败时返回分两种:一种是抛异常,一种是返回"",本方法取前者 * * @param requestData * 请求报文 * @param urlStr * 请求地址 * @param sendEncoding * 请求编码 * @param recvEncoding * 返回编码 * @param connectionTimeout * 链接超时时间 1000代表 1秒 * @param readTimeout * 读取超时时间 1000代表1秒 * @return * @throws IOException * @author 超神之巅 */ public static String send(String requestData, String urlStr, String sendEncoding, String recvEncoding, int connectionTimeout, int readTimeout) throws Exception { boolean flag = isJson(requestData);//是否JSON String contentType="application/soap+xml"; if(flag) { contentType = "application/json"; } return send( requestData,null, urlStr, sendEncoding, recvEncoding, connectionTimeout, readTimeout,contentType); } /** * * @param filePath * 文件绝对路径 * @param encoding * 读取文件的编码 * @return * @author 超神之巅 * @throws Exception */ public static String readStringFromFile(String filePath, String encoding) { File file = new File(filePath); // System.out.println("文件 "+filePath+"存在与否?: "+ file.exists()); String tempLine = null; String retStr = ""; InputStreamReader isr = null;// way1: // FileReader fr = null;//way2 StringBuilder sb = new StringBuilder(); try { if (file.exists()) { isr = new InputStreamReader(new FileInputStream(file), encoding);// way1: // fr = new FileReader(file);//way2 BufferedReader br = new BufferedReader(isr);// way1: // BufferedReader br = new BufferedReader(fr);;//way2: tempLine = br.readLine(); while (tempLine != null) { sb.append(tempLine).append(System.getProperty("line.separator")); tempLine = br.readLine(); } retStr = sb.toString(); } } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } finally { try { if (isr != null) isr.close(); } catch (Exception e) { e.printStackTrace(); } } // System.out.println("读到的文件内容如下:"); // System.out.println(retStr); return retStr; } /** * 判断字符串是否为JSON格式 * @param str * @return */ public static boolean isJson(String str){ if (StringUtils.isBlank(str)) { return false; } boolean flag1 = (str.startsWith("{") && str.endsWith("}")); boolean flag2 = (str.startsWith("[") && str.endsWith("]")); return (flag1 || flag2); } /*public static final void writeInfo(HttpServletResponse resp, String errorCode, String respInfo, Map<String, Object> map) { map.put("errorCode", errorCode); map.put("respInfo", respInfo); String detail = ThreadLocalListContainer.getAll(); map.put(KingConstants.DETAIL_PROCEDURE, detail); ThreadLocalListContainer.clearAll(); // map.put(KingConstants.DETAIL_PROCEDURE, detail); try { // String gsonInfo = new Gson().toJson(map);//old Gson gson = new GsonBuilder().setPrettyPrinting().create();//new String gsonInfo = gson.toJson(map); PrintWriter pw = resp.getWriter(); pw.print(gsonInfo); pw.flush(); pw.close(); } catch (IOException e) { e.printStackTrace(); } }*/ /** * * @param resp * @param errorCode * @param respInfo * @param map * ...... * @time 2017年4月23日 上午9:12:43 * @author 超神之巅 */ /*public static final void writeInfo(HttpServletResponse resp, KingResp result) { String detail = ThreadLocalListContainer.getAll(); result.setDetailProcedure(detail); ThreadLocalListContainer.clearAll(); try { // String gsonInfo = new Gson().toJson(map);//old Gson gson = new GsonBuilder().setPrettyPrinting().create();//new String gsonInfo = gson.toJson(result); FileTool.writeStringToFile("d:/temp/myinfo.txt", gsonInfo, "gbk", false); PrintWriter pw = resp.getWriter(); pw.print(gsonInfo); pw.flush(); pw.close(); } catch (IOException e) { e.printStackTrace(); } }*/ public static final void writeInfo(HttpServletResponse resp, String respInfo) { try { PrintWriter pw = resp.getWriter(); pw.print(respInfo); pw.flush(); pw.close(); } catch (IOException e) { e.printStackTrace(); } } public static final SimpleDateFormat DATE_FORMATER = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:sss"); public static void main(String[] args) throws Exception { String requestUrl = "https://bx.zhcgs.gov.cn:8060/NewBxInfo/BxInfo.asmx"; //把cacerts20181015文到该目录 System.setProperty("javax.net.ssl.trustStore", "K:\\myprogram\\jdk\\jdk8\\jdk1.8.0_141\\jre\\lib\\security\\cacerts20181015"); String requestData = readStringFromFile("d:/file/send.xml", "UTF-8");// 有乱码,请修改指定编码 String sencXml = HttpsTool.send(requestData, requestUrl, "utf-8", "utf-8", 300 * 1000, 300 * 1000);// 大家最终只要使用这一句代码就可调用 } }
以上是关于https请求之绕过证书安全校验工具类(原)的主要内容,如果未能解决你的问题,请参考以下文章