2024-06-06 朱宝民 生产环境版本

Administrator

2024-06-06 400af57e240a4c0d74c81ffc8b3417226b51345a

 pipIrr-platform/pipIrr-common/src/main/java/com/dy/common/util/HttpUtils.java

@@ -6,6 +6,7 @@
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;

@@ -17,15 +18,25 @@
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.AuthSchemes;
import org.apache.http.client.config.CookieSpecs;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
@@ -255,40 +266,77 @@
   }

   private static HttpClient wrapClient(String host) {
      CloseableHttpClient httpClient = HttpClients.createDefault();
      if (host.startsWith("https://")) {
         sslClient(httpClient);
         return sslClient();
      }else{
         return HttpClients.createDefault();
      }

      return httpClient;
   }
//
//   private static void sslClient(HttpClient httpClient) {
//      try {
//         SSLContext ctx = SSLContext.getInstance("TLS");
//         X509TrustManager tm = new X509TrustManager() {
//            public X509Certificate[] getAcceptedIssuers() {
//               return null;
//            }
//
//            public void checkClientTrusted(X509Certificate[] xcs, String str) {
//
//            }
//
//            public void checkServerTrusted(X509Certificate[] xcs, String str) {
//
//            }
//         };
//         ctx.init(null, new TrustManager[] { tm }, null);
//         SSLSocketFactory ssf = new SSLSocketFactory(ctx);
//         ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
//         ClientConnectionManager ccm = httpClient.getConnectionManager();
//         SchemeRegistry registry = ccm.getSchemeRegistry();
//         registry.register(new Scheme("https", 443, ssf));
//      } catch (KeyManagementException ex) {
//         throw new RuntimeException(ex);
//      } catch (NoSuchAlgorithmException ex) {
//         throw new RuntimeException(ex);
//      }
//   }

   private static void sslClient(HttpClient httpClient) {
   /**
    * 在调用SSL之前需要重写验证方法，取消检测SSL
    * 创建ConnectionManager，添加Connection配置信息
    * @return HttpClient 支持https
    */
   private static HttpClient sslClient() {
      try {
         SSLContext ctx = SSLContext.getInstance("TLS");
         X509TrustManager tm = new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
         // 在调用SSL之前需要重写验证方法，取消检测SSL
         X509TrustManager trustManager = new X509TrustManager() {
            @Override public X509Certificate[] getAcceptedIssuers() {
               return null;
            }

            public void checkClientTrusted(X509Certificate[] xcs, String str) {

            }

            public void checkServerTrusted(X509Certificate[] xcs, String str) {

            }
            @Override public void checkClientTrusted(X509Certificate[] xcs, String str) {}
            @Override public void checkServerTrusted(X509Certificate[] xcs, String str) {}
         };
         ctx.init(null, new TrustManager[] { tm }, null);
         SSLSocketFactory ssf = new SSLSocketFactory(ctx);
         ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
         ClientConnectionManager ccm = httpClient.getConnectionManager();
         SchemeRegistry registry = ccm.getSchemeRegistry();
         registry.register(new Scheme("https", 443, ssf));
         SSLContext ctx = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
         ctx.init(null, new TrustManager[] { trustManager }, null);
         SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(ctx, NoopHostnameVerifier.INSTANCE);
         // 创建Registry
         RequestConfig requestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD_STRICT)
               .setExpectContinueEnabled(Boolean.TRUE).setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST))
               .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).build();
         Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
               .register("http", PlainConnectionSocketFactory.INSTANCE)
               .register("https",socketFactory).build();
         // 创建ConnectionManager，添加Connection配置信息
         PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
         CloseableHttpClient closeableHttpClient = HttpClients.custom().setConnectionManager(connectionManager)
               .setDefaultRequestConfig(requestConfig).build();
         return closeableHttpClient;
      } catch (KeyManagementException ex) {
         throw new RuntimeException(ex);
      } catch (NoSuchAlgorithmException ex) {
         throw new RuntimeException(ex);
      }
   }

}