我正在尝试使用trustAllCertificates通过Https连接获取一些数据。
我的目的是先对登录页发送GET请求,取得"Set-Cookie"的值(下面的4个),然后用它们对同一个登录页执行真正的POST请求,但请求完成后我总是得到500响应代码。正确的响应应该是302,并返回.ASPXAUTH cookie,我据此判断已经正确登录(不过我不确定这个假设是否正确)。
如果有人能指出正确的方向或提供帮助就太好了,我已经为此折腾了一段时间。
GetCookies: ASP.NET_SessionId=xjfnvccto5ttvwlhnfoypg5j
GetCookies: _culture_sc=nl
GetCookies: __RequestVerificationToken=tT8uFrYYGeFh8gk57wrc0WRsEFaodG4T5imvoohJC5_wFrkkUt_tyGpWniXHhawFnyCVmxqm5F8XKL0EZFDjVsL89tsuDXBD3GiGpA8yKLY1
GetCookies: AWSELB="8531CF6912558C4E64C6A46FDD46D2677B2558E852A91BEA8383D429952CE6042E8FD08CBE9912A67B0A1ACDCB474BBF0863366F22F2E637C7C9DF353DCC76C43A6CC30545";$Path="/";$Domain="mobiel.host.nl"
答案 0 :(得分:1)
编辑:我现在已经让它正常工作了。事实上我获取令牌的方式是错的:需要从登录页面本身获取令牌,而不是使用Set-Cookie标头中的值。因此服务器收到了错误的数据并返回了500响应代码。我把可用的代码贴在这里,供遇到同样问题的人参考。
我使用静态HttpsURLConnection将此全部包含在 HttpUtility类中。
/**
 * Represents an HTTP connection.
 *
 * <p>Assigned by {@code sendGetRequest}. Because the field is static, a single connection
 * object is shared by every caller in the process.
 * NOTE(review): no synchronization is visible around this field; confirm it is only
 * touched from one thread at a time.
 */
private static HttpsURLConnection httpConn;
从Loginsite获取令牌:
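/**
 * Fetches the login page and returns the {@code value} attribute of its first
 * {@code <input>} element, which the caller submits as {@code __RequestVerificationToken}.
 *
 * <p>NOTE(review): this relies on the anti-forgery token being the first input on the page.
 * Selecting the element by the name the POST uses
 * ({@code doc.select("input[name=__RequestVerificationToken]")}) would survive a change in
 * the form layout; confirm against the actual login page before switching.
 *
 * @return the token, or an empty string when the page could not be fetched or contains no
 *     {@code <input>} element
 */
private String getToken() {
    String result = "";
    try {
        Document doc = Jsoup.connect("https://mobiel.host.nl/login").get();
        Element firstInput = doc.getElementsByTag("input").first();
        // first() returns null on a page without any <input>; avoid the NullPointerException
        // and fall back to the empty token instead.
        if (firstInput != null) {
            result = firstInput.attr("value");
        }
    } catch (IOException e) {
        // Best effort: the caller receives an empty token and the server will reject the login.
        e.printStackTrace();
    }
    return result;
}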
处理cookies:
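/**
 * Copies every {@code Set-Cookie} response header of {@code connection} into the shared
 * cookie store and persists the joined store contents under the {@code "cookie"} key of the
 * default SharedPreferences.
 *
 * <p>Security note: the persisted string holds session cookies (the login flow looks for an
 * {@code .ASPXAUTH} cookie), and default SharedPreferences are written as unencrypted XML in
 * the app's data directory. Treat the stored value as a credential: consider keeping it in
 * memory only, or storing it encrypted with a Keystore-backed key, and clear it on logout.
 *
 * @param connection connection whose response headers are read
 * @param context currently unused; the preferences are looked up through
 *     {@code LoginActivity.myContext}
 */
final public void saveCookies(HttpURLConnection connection, Context context) {
    CookieHandler.setDefault(myCookies);
    Map<String, List<String>> headerFields = connection.getHeaderFields();
    // Explicit null check instead of catching the NullPointerException a missing map would cause.
    List<String> cookiesHeader = (headerFields != null) ? headerFields.get("Set-Cookie") : null;
    if (cookiesHeader == null || myCookies == null) {
        return;
    }

    boolean stored = false;
    for (String cookie : cookiesHeader) {
        try {
            // Quotes are stripped before parsing, as in the original flow.
            String unquoted = cookie.replace("\"", "");
            myCookies.getCookieStore().add(connection.getURL().toURI(), HttpCookie.parse(unquoted).get(0));
            stored = true;
        } catch (Exception ex) {
            // Best effort: one malformed cookie must not stop the remaining ones being stored.
            ex.printStackTrace();
        }
    }

    if (stored) {
        try {
            // One synchronous write after the loop instead of one commit() per cookie;
            // the persisted value is the same final store contents.
            new_cookie = TextUtils.join(";", myCookies.getCookieStore().getCookies());
            PreferenceManager.getDefaultSharedPreferences(LoginActivity.myContext).edit().putString("cookie", new_cookie).commit();
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}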
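/**
 * Sets the {@code Cookie} request header of {@code connection}, using the in-memory cookie
 * store when it holds cookies and otherwise the string persisted under the {@code "cookie"}
 * preference key.
 *
 * <p>Cookie values are deliberately not logged: they are session credentials, and logcat
 * output is readable by anyone with debugging access to the device and often ends up in bug
 * reports.
 *
 * @param connection connection that has not been sent yet
 * @param context currently unused; the preferences are looked up through
 *     {@code LoginActivity.myContext}
 */
final public void loadCookies(HttpURLConnection connection, Context context) {
    List<HttpCookie> inMemory = (myCookies != null) ? myCookies.getCookieStore().getCookies() : null;
    if (inMemory != null && inMemory.size() > 0) {
        connection.setRequestProperty("Cookie", TextUtils.join(";", inMemory));
        // Log only how many cookies were attached, never their values.
        Log.w("NewCookies: ", inMemory.size() + " cookie(s) attached");
    } else {
        new_cookie = PreferenceManager.getDefaultSharedPreferences(LoginActivity.myContext).getString("cookie" , "");
        connection.setRequestProperty("Cookie", new_cookie);
    }
}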
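禁用SSL证书检查,仅用于测试目的。注意:下面的TrustManager会接受任何证书,连接因此不再验证服务器身份,登录凭据和会话cookie可能被中间人截获;并且setDefaultSSLSocketFactory会改变进程内之后创建的HttpsURLConnection所使用的默认设置。请勿将其带入发布版本;如果测试服务器使用自签名证书,更稳妥的做法是只信任该证书或其CA: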
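/**
 * Installs a process-wide default SSL socket factory whose trust manager accepts every
 * certificate chain. FOR LOCAL TESTING ONLY.
 *
 * <p>After this call, HTTPS connections that use the default factory no longer authenticate
 * the server: anyone on the network path can present their own certificate and read or
 * modify the traffic, including the username, password and session cookies sent by the
 * login request. The setting is global and stays in effect until the default factory is
 * replaced again.
 *
 * <p>Do not ship this in a release build. For a test server with a self-signed or private-CA
 * certificate, trust only that certificate instead, for example with a
 * {@code TrustManagerFactory} initialised from a {@code KeyStore} holding it, or on Android
 * with a network security configuration that uses {@code debug-overrides}.
 */
private static void disableSSLCertificateChecking() {
    TrustManager[] trustAllCerts = new TrustManager[] {
        new X509TrustManager() {
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                // The interface contract asks for a non-null (possibly empty) array;
                // returning null can cause a NullPointerException in callers.
                return new X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                // Intentionally empty: every client certificate is accepted.
            }

            @Override
            public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                // Intentionally empty: every server certificate is accepted. This is the
                // line that removes protection against man-in-the-middle attacks.
            }
        }
    };

    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (KeyManagementException e) {
        // On failure the previous default factory stays installed, so normal
        // certificate validation remains in place.
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
}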
GET请求:
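/**
 * Sends a GET request to {@code requestURL} with the stored cookies attached and, on a 200
 * response, saves the {@code Set-Cookie} headers it returns.
 *
 * <p>The connection is kept in the static {@code httpConn} field. The response body is not
 * read here.
 *
 * @param requestURL absolute HTTPS URL to request
 * @param context passed through to {@code loadCookies} and {@code saveCookies}
 */
public void sendGetRequest(String requestURL, Context context) {
    try {
        URL url = new URL(requestURL);
        // SECURITY: this switches off certificate validation for the whole process, so the
        // server is not authenticated and the cookies sent below can be intercepted.
        // Test builds only; remove this call (or trust the test CA instead) before release.
        disableSSLCertificateChecking(); // Call this only once
        httpConn = (HttpsURLConnection) url.openConnection();
        httpConn.setUseCaches(false);
        loadCookies(httpConn, context);
        httpConn.setRequestProperty("User-Agent", USER_AGENT);
        httpConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        httpConn.setDoInput(true);
        httpConn.setRequestMethod("GET");

        int responseCode = httpConn.getResponseCode();
        if (responseCode == HttpsURLConnection.HTTP_OK) {
            // The previous version wrapped the body in a GZIPInputStream that was never read
            // or closed; that consumed the gzip header from the stream, leaked the inflater,
            // and skipped saveCookies when the wrapper failed. Both branches only ever saved
            // the cookies, so that is all that is done here.
            saveCookies(httpConn, context); // Save SET-Cookies
        }
    } catch (IOException e) {
        e.printStackTrace();
    }
}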
POST请求:
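/**
 * Posts the login form (anti-forgery token, username, password) to {@code requestURL} and
 * returns the connection the caller should read from.
 *
 * <p>Redirects are not followed automatically. On a 301/302/303 response the cookies of the
 * login response are saved and a new connection to the {@code Location} target is prepared
 * with those cookies, but only when the target is HTTPS on the same host, so the session
 * cookies are never sent to a different origin.
 *
 * <p>Security note: this request carries the user's password. If
 * {@code disableSSLCertificateChecking()} has run in this process, the default socket
 * factory accepts any certificate and the credentials are sent to an unauthenticated server.
 *
 * @param requestURL absolute HTTPS URL of the login endpoint
 * @param context passed through to {@code loadCookies} and {@code saveCookies}
 * @return the redirect-target connection when a same-host redirect was prepared, otherwise
 *     the connection that performed the POST
 * @throws IOException if the request cannot be sent; a read or connect timeout is logged and
 *     the POST connection is returned instead
 */
public HttpsURLConnection sendPostRequest(String requestURL, Context context) throws IOException {
    final int TIMEOUT_VALUE = 10000;
    token = getToken(); // Get token from Loginsite
    Uri.Builder builder = new Uri.Builder()
            .appendQueryParameter("__RequestVerificationToken", token)
            .appendQueryParameter("ReturnUrl", "")
            .appendQueryParameter("Username", user)
            .appendQueryParameter("Password", pass);
    String query = builder.build().getEncodedQuery();
    byte[] body = query.getBytes("UTF-8");

    URL url = new URL(requestURL);
    // Declared outside the try block on purpose: a local declared inside it goes out of scope
    // at the closing brace, and the code after the try would then silently use the static
    // httpConn field (the earlier GET connection) instead of this request.
    HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
    try {
        conn.setRequestMethod("POST");
        conn.setDoInput(true);
        conn.setDoOutput(true);
        conn.setUseCaches(false);
        conn.setReadTimeout(TIMEOUT_VALUE);
        conn.setConnectTimeout(TIMEOUT_VALUE);
        conn.setInstanceFollowRedirects(false);
        System.out.println("Request URL ... " + url);
        conn.setRequestProperty("User-Agent", USER_AGENT);
        conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        // Length in bytes of the encoded body, not the character count of the string.
        conn.setFixedLengthStreamingMode(body.length);

        // sends POST data
        OutputStream os = conn.getOutputStream();
        try {
            os.write(body);
            os.flush();
        } finally {
            os.close();
        }

        // Handle server error codes (400 itself included).
        int status = conn.getResponseCode();
        if (status >= 400) {
            InputStream errorStream = conn.getErrorStream();
            if (errorStream != null) {
                BufferedReader br = new BufferedReader(new InputStreamReader(errorStream, "UTF-8"));
                try {
                    StringBuilder response = new StringBuilder();
                    String message;
                    while ((message = br.readLine()) != null) {
                        response.append(message);
                    }
                    // Only the size is logged; the body may echo submitted form fields.
                    Log.w("sendPostRequest", "HTTP " + status + ", error body of " + response.length() + " chars");
                } finally {
                    br.close();
                }
            }
        }

        // Handle redirects, normally, 3xx is redirect
        boolean redirect = status == HttpsURLConnection.HTTP_MOVED_TEMP
                || status == HttpsURLConnection.HTTP_MOVED_PERM
                || status == HttpsURLConnection.HTTP_SEE_OTHER;
        if (redirect) {
            // get redirect url from "location" header field
            String newUrl = conn.getHeaderField("Location");
            // Get the cookie if needed, for login
            saveCookies(conn, context);
            if (newUrl != null) {
                // Location may be relative; resolve it against the request URL.
                URL target = new URL(url, newUrl);
                boolean sameOrigin = "https".equals(target.getProtocol())
                        && url.getHost().equalsIgnoreCase(target.getHost());
                if (sameOrigin) {
                    conn = (HttpsURLConnection) target.openConnection();
                    loadCookies(conn, context); // Include the cookies
                    conn.setRequestProperty("User-Agent", USER_AGENT);
                    conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
                    Log.w("Redirected to URL : ", newUrl);
                } else {
                    // Never forward session cookies to another host or over plain HTTP.
                    Log.w("Redirected to URL : ", "not followed (different host or scheme)");
                }
            }
        }
    } catch (SocketTimeoutException e) {
        Log.e("More than ", TIMEOUT_VALUE + " elapsed.");
        // Nothing was received; skip the cookie handling below rather than retrying.
        return conn;
    }

    // Check if correctly logged in
    List<HttpCookie> cookies = myCookies.getCookieStore().getCookies();
    for (HttpCookie cookie : cookies) {
        if (".ASPXAUTH".equals(cookie.getName())) {
            Log.e(".ASPXAUTH-Session: ", "Logged in!");
        }
    }
    saveCookies(conn, context); // Save Set-Cookies for next session
    return conn;
}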