Java发送HTTPS请求

前言

上篇文章介绍了 java 发送 http 请求，大家都知道发送http是不安全的 。我也是由于对接了其他企业后总结了一套发送 https的工具。大家网上找方法很多的，但是可不是你粘过来就能用啊，我也是踩过坑的，所以我这个工具，只要粘贴到你们自己项目里就可以用。我的工具跟网上没什么区别，唯一的区别是我亲身实战过，把需要注意的细节列出来，不让大家浪费时间。

 

正文

本文只介绍 发送 post 请求，既然选择了 https 就不会用get，因为get也是不安全的。

 

读前须知

我会把需要依赖的包和引入的包先贴给大家，防止大家引用错误。

<dependency>
            <groupId>org.apache.httpcomponents</groupId>
            <artifactId>httpcore</artifactId>
            <version>4.4.8</version>
        </dependency>
        <dependency>
            <groupId>org.apache.httpcomponents</groupId>
            <artifactId>httpclient</artifactId>
            <version>4.5.3</version>
        </dependency>
        <dependency>
            <groupId>org.testng</groupId>
            <artifactId>testng</artifactId>
            <version>6.11</version>
            <scope>test</scope>
        </dependency>

import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

<----工具类---->
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;

import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

HTTPS 发送 POST 请求

 

一共需要两个类，不要问为什么，复制过去就能用。

public class SSLClient extends DefaultHttpClient {

    public SSLClient() throws Exception {
        super();
        //传输协议需要根据自己的判断
        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain,
                                           String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain,
                                           String authType) throws CertificateException {
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        ctx.init(null, new TrustManager[]{tm}, null);
        SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        ClientConnectionManager ccm = this.getConnectionManager();
        SchemeRegistry sr = ccm.getSchemeRegistry();
        sr.register(new Scheme("https", 443, ssf));
    }
}

这里发送 https 的操作有两个，一个是传 json ，一个是传 map ，大家根据自己需要自行复制使用

 

第一种是传 json 作为参数

参数说明：

url：url

map：json参数

charset：写死 utf-8

public String doPost(String url, String map, String charset) {
        org.apache.http.client.HttpClient httpClient = null;
        HttpPost httpPost = null;
        String result = null;
        try {
            httpClient = new SSLClient();
            httpPost = new HttpPost(url);
            //设置参数
            httpPost.addHeader("Accept", "application/json");
httpPost.addHeader("Content-Type", "application/json;charset=UTF-8");
            StringEntity stringEntity = new StringEntity(map);
            stringEntity.setContentEncoding("UTF-8");
            stringEntity.setContentType("application/json");
            httpPost.setEntity(stringEntity);
            HttpResponse response = httpClient.execute(httpPost);
            if (response != null) {
                HttpEntity resEntity = response.getEntity();
                if (resEntity != null) {
                  result = EntityUtils.toString(resEntity, charset);
                }
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return result;
    }

测试类，送大家一个MD5加密，其实我就懒得删掉了。

private String url = "https://www.xxxxxxxx.com/openapi/page/gettoken";
private String charset = "utf-8";
private HttpClient httpClientUtil = new HttpClient();


@Test
    public void HttpsPostTest() throws Exception {
        String ver = "1.0";
        String msgId = "91b024e3-06ca-4a79-9993-1472d0fdb973";
        String appId = "300011853779";
        String timestamp = new SimpleDateFormat("yyyyMMddHHmmssSSS").format(new Date());
        String appKey = "A0702827F21C9CC7DDC93AEF24B6B16B";
        String sign = md5(ver + appId + msgId + timestamp + appKey).toUpperCase();

        result.put("ver", ver);
        result.put("msgId", msgId);
        result.put("appId", appId);
        result.put("timestamp", timestamp);
        result.put("openType", "1");
        result.put("message", "");
        result.put("abilityId", "");
        result.put("expandParams", "");
        result.put("signType", "1");
        result.put("sign", sign);
        String encryptStr = result.toString();
        System.out.println("encryptStr：" + encryptStr);
        String httpOrgCreateTestRtn = httpClientUtil.doPost(url, encryptStr, charset);
        System.out.println("result:" + httpOrgCreateTestRtn);

    }
    public static String md5(String text) {
        String result="";
        try {
            MessageDigest md = MessageDigest.getInstance("MD5");
            md.update(text.getBytes("UTF-8"));
            byte b[] = md.digest();
            int i;
            StringBuffer buf = new StringBuffer("");
            for (int offset = 0; offset < b.length; offset++) {
                i = b[offset];
                if (i < 0)
                    i += 256;
                if (i < 16)
                    buf.append("0");
                buf.append(Integer.toHexString(i));
            }
            result = buf.toString();
//       System.out.println("result: " + buf.toString());// 32位的加密
//       System.out.println("result: " + buf.toString().substring(8, 24));// 16位的加密
        } catch (NoSuchAlgorithmException e) {
            // TODO Auto-generated catch block
        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
        }
        return result;
    }

第二种传map作为参数

public String doPost(String url, Map<String,String> map, String charset) {
        org.apache.http.client.HttpClient httpClient = null;
        HttpPost httpPost = null;
        String result = null;
        try {
            httpClient = new SSLClient();
            httpPost = new HttpPost(url);
            //设置参数
            List<NameValuePair> list = new ArrayList<NameValuePair>();
            Iterator iterator = map.entrySet().iterator();
            while (iterator.hasNext()) {
                Map.Entry<String, String> elem = (Map.Entry<String, String>) iterator.next();
       list.add(new BasicNameValuePair(elem.getKey(), elem.getValue()));
            }
            if (list.size() > 0) {
      UrlEncodedFormEntity entity = new UrlEncodedFormEntity(list, charset);
                entity.setContentType("application/json");
                httpPost.setHeader("Accept", "application/json");
  httpPost.setHeader("Content-type", "application/json;charset=utf-8");
                httpPost.setEntity(entity);
            }
            HttpResponse response = httpClient.execute(httpPost);
            if (response != null) {
                HttpEntity resEntity = response.getEntity();
                if (resEntity != null) {
                    result = EntityUtils.toString(resEntity, charset);
                }
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return result;
    }

发送的时候 大家把上面 json 测试的demo 中 JSONObject  改成Map 就可以。