握手使用okHttp但使用HttpURLConnection工作失败

时间:2017-08-22 14:12:47

标签: android ssl httpurlconnection okhttp

我正在尝试将get请求发送到服务器(发送get请求进行测试,实际上我需要向同一服务器发送一个post请求。如果得到有效,post会工作)

链接到服务器是 https://bits-bosm.org/2017/registrations/signup/

问题是当我使用okHttp发送请求时,我收到失败回应,说握手失败。

以下是我使用okHttp(在kotlin中)发送请求的代码

val request = Request.Builder()
            .url("https://bits-bosm.org/2017/registrations/signup/")
            .build()

    okHttpClient.newCall(request).enqueue(object : Callback {
        override fun onFailure(call: Call?, e: IOException?) {
            val mMessage = e?.message?.toString()
            Log.w("failure Response", mMessage)
        }

        override fun onResponse(call: Call?, response: Response?) {
            val mMessage = response?.body()?.string()
            Log.e("Message", mMessage)
        }
    })

但是如果我使用HttpUrlConnection将get请求发送到同一个服务器,我会得到响应。

以下是相同(java)

的代码 
private static final String USER_AGENT = "Mozilla/5.0";

private static final String GET_URL = "https://bits-bosm.org/2017/registrations/signup/";



static void sendGET() throws IOException {
    URL obj = new URL(GET_URL);
    HttpURLConnection con = (HttpURLConnection) obj.openConnection();
    con.setRequestMethod("GET");
    con.setRequestProperty("User-Agent", USER_AGENT);
    int responseCode = con.getResponseCode();
    System.out.println("GET Response Code :: " + responseCode);
    if (responseCode == HttpURLConnection.HTTP_OK) { // success
        BufferedReader in = new BufferedReader(new InputStreamReader(
                con.getInputStream()));
        String inputLine;
        StringBuffer response = new StringBuffer();

        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();

        // print result
        Log.e("Result", response.toString());
    } else {
        System.out.println("GET request not worked");
    }

}

从我搜索到的互联网以及我可以推断出的内容来看,问题是该网站是使用自我证书签名的,而okHttp不允许这样做。我甚至尝试使用我在Internet上找到的代码片段,它不检查证书(Custom SSLSocketFactory)和一些其他解决方案,但没有一个工作。我现在也不关心安全问题,我只想让它发挥作用。但我无法访问后端,无法更改/删除ssl安全性。

有什么办法可以让它发挥作用?有什么我想念的吗?

1 个答案:

答案 0 :(得分:3)

这里有一个广泛用作解决方法的不安全的OkHttpClient。

不要在生产中使用它,它只是用于开发目的。

import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import okhttp3.OkHttpClient;

public class Http {

    private final static String SSL = "SSL";

    private static OkHttpClient InsecureHttpClient;

    public static OkHttpClient client () {
        if (InsecureHttpClient == null) {
            try {
                InsecureHttpClient = insecureOkHttpClient ();
            } catch (Exception e) {
                e.printStackTrace ();
            }
        }

        return InsecureHttpClient;
    }

    private static OkHttpClient insecureOkHttpClient () throws Exception {
        TrustManager [] trustAllCerts       = new TrustManager [] { trustManager () };

        SSLContext sslContext               = SSLContext.getInstance (SSL);
        sslContext.init (null, trustAllCerts, new SecureRandom ());

        SSLSocketFactory sslSocketFactory   = sslContext.getSocketFactory ();

        OkHttpClient.Builder builder        = new OkHttpClient.Builder ();
        builder.sslSocketFactory (sslSocketFactory, (X509TrustManager)trustAllCerts [0]);
        builder.hostnameVerifier (hostnameVerifier ());

        return builder.build ();
    }

    private static TrustManager trustManager () {
        return new X509TrustManager () {

            @Override
            public void checkClientTrusted (X509Certificate [] chain, String authType) throws CertificateException {  }

            @Override
            public void checkServerTrusted (X509Certificate[] chain, String authType) throws CertificateException {  }

            @Override
            public X509Certificate [] getAcceptedIssuers () {
                return new X509Certificate [] {  };
            }
        };
    }

    private static HostnameVerifier hostnameVerifier () {
        return new HostnameVerifier () {

            @Override
            public boolean verify (String hostname, SSLSession session) {
                return true;
            }
        };
    }
}

然后您显然使用上面的客户端,例如以下测试代码:(顺便说一下,它与您的网址一起使用)

final Request request = new Request.Builder ()
    .url ("https://bits-bosm.org/2017/registrations/signup/")
    .get ()
    .addHeader ("Accept", "text/html")
    .build ();

final OkHttpClient httpClient = Http.client ();

new Thread (new Runnable () {

    @Override
    public void run () {
        try {
            Response response = httpClient.newCall (request).execute ();

            Logger.error (MainActivity.class.getSimpleName () + " --> Http Response", response.body ().string ());

        } catch (IOException e) {
            e.printStackTrace ();
        }
    }

}).start ();
相关问题
最新问题