我有一个API实现,它接受加密的数据字符串作为参数,解密数据并将响应发回到加密的数据字符串中提供的url。该程序位于测试服务器上,可供API团队进行测试。
现在,他们正在以加密字符串的形式提供用于回调的localhost Url,尽管服务器能够解密和处理响应,但它在尝试将响应发布到localhost URL时抛出了Connection拒绝错误。
这是试图发布响应并使用Apache HttpClient的代码部分:
public String sendPost(String url, List<NameValuePair> postParams)
throws IOException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
logger.debug("Post URL: " + url);
logger.error("Post parameters : " + postParams);
SSLContext sslContext = new SSLContextBuilder()
.loadTrustMaterial(null, (certificate, authType) -> true).build();
CloseableHttpClient httpclient = HttpClients.custom()
.setSSLContext(sslContext)
.setSSLHostnameVerifier(new NoopHostnameVerifier())
.build();
HttpPost post = new HttpPost(url);
// add header
post.setHeader("User-Agent", USER_AGENT);
post.setEntity(new UrlEncodedFormEntity(postParams));
try (CloseableHttpResponse response = httpclient.execute(post)) {
logger.debug("Response : " + response);
if (response.getFirstHeader("Location") != null) {
logger.debug("Redirect Location required from response: " + response.getFirstHeader("Location"));
return response.getFirstHeader("Location").getValue();
} else {
logger.debug("Redirect location not found in response. Please wait for some time and try again later.");
HttpEntity entity = response.getEntity();
logger.debug("Entity : " + entity);
if (entity != null) {
logger.error(EntityUtils.toString(entity));
}
return null;
}
} finally {
httpclient.close();
}
}
我的理解是,服务器正在将回调URL本地主机混淆,并试图在其中发布响应,但该响应被拒绝了。