前言
上篇文章介绍了 java 发送 http 请求,大家都知道发送http是不安全的 。我也是由于对接了其他企业后总结了一套发送 https的工具。大家网上找方法很多的,但是可不是你粘过来就能用啊,我也是踩过坑的,所以我这个工具,只要粘贴到你们自己项目里就可以用。我的工具跟网上没什么区别,唯一的区别是我亲身实战过,把需要注意的细节列出来,不让大家浪费时间。
正文
本文只介绍 发送 post 请求,既然选择了 https 就不会用get,因为get也是不安全的。
读前须知
我会把需要依赖的包和引入的包先贴给大家,防止大家引用错误。
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>4.4.8</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.3</version>
</dependency>
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
<version>6.11</version>
<scope>test</scope>
</dependency>
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient; import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate; <----工具类---->
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost; import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
HTTPS 发送 POST 请求
一共需要两个类,不要问为什么,复制过去就能用。
public class SSLClient extends DefaultHttpClient {
public SSLClient() throws Exception {
super();
//传输协议需要根据自己的判断
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
ctx.init(null, new TrustManager[]{tm}, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager ccm = this.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", 443, ssf));
}
}
这里发送 https 的操作有两个,一个是传 json ,一个是传 map ,大家根据自己需要自行复制使用
第一种是传 json 作为参数
参数说明:
url:url
map:json参数
charset:写死 utf-8
public String doPost(String url, String map, String charset) {
org.apache.http.client.HttpClient httpClient = null;
HttpPost httpPost = null;
String result = null;
try {
httpClient = new SSLClient();
httpPost = new HttpPost(url);
//设置参数
httpPost.addHeader("Accept", "application/json");
httpPost.addHeader("Content-Type", "application/json;charset=UTF-8");
StringEntity stringEntity = new StringEntity(map);
stringEntity.setContentEncoding("UTF-8");
stringEntity.setContentType("application/json");
httpPost.setEntity(stringEntity);
HttpResponse response = httpClient.execute(httpPost);
if (response != null) {
HttpEntity resEntity = response.getEntity();
if (resEntity != null) {
result = EntityUtils.toString(resEntity, charset);
}
}
} catch (Exception ex) {
ex.printStackTrace();
}
return result;
}
测试类,送大家一个MD5加密,其实我就懒得删掉了。
private String url = "https://www.xxxxxxxx.com/openapi/page/gettoken";
private String charset = "utf-8";
private HttpClient httpClientUtil = new HttpClient(); @Test
public void HttpsPostTest() throws Exception {
String ver = "1.0";
String msgId = "91b024e3-06ca-4a79-9993-1472d0fdb973";
String appId = "300011853779";
String timestamp = new SimpleDateFormat("yyyyMMddHHmmssSSS").format(new Date());
String appKey = "A0702827F21C9CC7DDC93AEF24B6B16B";
String sign = md5(ver + appId + msgId + timestamp + appKey).toUpperCase(); result.put("ver", ver);
result.put("msgId", msgId);
result.put("appId", appId);
result.put("timestamp", timestamp);
result.put("openType", "1");
result.put("message", "");
result.put("abilityId", "");
result.put("expandParams", "");
result.put("signType", "1");
result.put("sign", sign);
String encryptStr = result.toString();
System.out.println("encryptStr:" + encryptStr);
String httpOrgCreateTestRtn = httpClientUtil.doPost(url, encryptStr, charset);
System.out.println("result:" + httpOrgCreateTestRtn); }
public static String md5(String text) {
String result="";
try {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(text.getBytes("UTF-8"));
byte b[] = md.digest();
int i;
StringBuffer buf = new StringBuffer("");
for (int offset = 0; offset < b.length; offset++) {
i = b[offset];
if (i < 0)
i += 256;
if (i < 16)
buf.append("0");
buf.append(Integer.toHexString(i));
}
result = buf.toString();
// System.out.println("result: " + buf.toString());// 32位的加密
// System.out.println("result: " + buf.toString().substring(8, 24));// 16位的加密
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
}
return result;
}
第二种传map作为参数
public String doPost(String url, Map<String,String> map, String charset) {
org.apache.http.client.HttpClient httpClient = null;
HttpPost httpPost = null;
String result = null;
try {
httpClient = new SSLClient();
httpPost = new HttpPost(url);
//设置参数
List<NameValuePair> list = new ArrayList<NameValuePair>();
Iterator iterator = map.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> elem = (Map.Entry<String, String>) iterator.next();
list.add(new BasicNameValuePair(elem.getKey(), elem.getValue()));
}
if (list.size() > 0) {
UrlEncodedFormEntity entity = new UrlEncodedFormEntity(list, charset);
entity.setContentType("application/json");
httpPost.setHeader("Accept", "application/json");
httpPost.setHeader("Content-type", "application/json;charset=utf-8");
httpPost.setEntity(entity);
}
HttpResponse response = httpClient.execute(httpPost);
if (response != null) {
HttpEntity resEntity = response.getEntity();
if (resEntity != null) {
result = EntityUtils.toString(resEntity, charset);
}
}
} catch (Exception ex) {
ex.printStackTrace();
}
return result;
}
发送的时候 大家把上面 json 测试的demo 中 JSONObject 改成Map 就可以。