摘要:最近有一个需求,为客户提供一些Restful API 接口,QA使用postman进行测试,但是postman的测试接口与java调用的相似但并不相同,于是想自己写一个程序去测试Restful API接口,由于使用的是HTTPS,所以还要考虑到对于HTTPS的处理。由于我也是首次使用Java调用restful接口,所以还要研究一番,自然也是查阅了一些资料。
分析:这个问题与模块之间的调用不同,比如我有两个模块front end 和back end,front end提供前台展示,back end提供数据支持。之前使用过Hession去把back end提供的服务注册成远程服务,在front end端可以通过这种远程服务直接调到back end的接口。但这对于一个公司自己的一个项目耦合性比较高的情况下使用,没有问题。但是如果给客户注册这种远程服务,似乎不太好,耦合性太高。所以就考虑用一下方式进行处理。
HttpClient大家也许比较熟悉但又比较陌生,熟悉是知道他可以远程调用比如请求一个URL,然后在response里获取到返回状态和返回信息,但是今天讲的稍微复杂一点,因为今天的主题是HTTPS,这个牵涉到证书或用户认证的问题。
确定使用HttpClient之后,查询相关资料,发现HttpClient的新版本与老版本不同,随然兼容老版本,但已经不提倡老版本是使用方式,很多都已经标记为过时的方法或类。今天就分别使用老版本4.2和最新版本4.5.3来写代码。
在准备证书阶段选择的是使用证书认证
- package com.darren.test.https.v42;
- import java.io.File;
- import java.io.FileInputStream;
- import java.security.KeyStore;
- import org.apache.http.conn.ssl.SSLSocketFactory;
- public class HTTPSCertifiedClient extends HTTPSClient {
- public HTTPSCertifiedClient() {
- }
- @Override
- public void prepareCertificate() throws Exception {
- // 获得密匙库
- KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
- FileInputStream instream = new FileInputStream(
- new File("C:/Users/zhda6001/Downloads/software/xxx.keystore"));
- // FileInputStream instream = new FileInputStream(new File("C:/Users/zhda6001/Downloads/xxx.keystore"));
- // 密匙库的密码
- trustStore.load(instream, "password".toCharArray());
- // 注册密匙库
- this.socketFactory = new SSLSocketFactory(trustStore);
- // 不校验域名
- socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- }
- }
在准备证书阶段选择的是跳过认证
- package com.darren.test.https.v42;
- import java.security.cert.CertificateException;
- import java.security.cert.X509Certificate;
- import javax.net.ssl.SSLContext;
- import javax.net.ssl.TrustManager;
- import javax.net.ssl.X509TrustManager;
- import org.apache.http.conn.ssl.SSLSocketFactory;
- public class HTTPSTrustClient extends HTTPSClient {
- public HTTPSTrustClient() {
- }
- @Override
- public void prepareCertificate() throws Exception {
- // 跳过证书验证
- SSLContext ctx = SSLContext.getInstance("TLS");
- X509TrustManager tm = new X509TrustManager() {
- @Override
- public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
- }
- @Override
- public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
- }
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return null;
- }
- };
- // 设置成已信任的证书
- ctx.init(null, new TrustManager[] { tm }, null);
- // 穿件SSL socket 工厂,并且设置不检查host名称
- this.socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- }
- }
现在发现这两个类都继承了同一个类HTTPSClient,并且HTTPSClient继承了DefaultHttpClient类,可以发现,这里使用了模板方法模式。
- package com.darren.test.https.v42;
- import org.apache.http.conn.ClientConnectionManager;
- import org.apache.http.conn.scheme.Scheme;
- import org.apache.http.conn.scheme.SchemeRegistry;
- import org.apache.http.conn.ssl.SSLSocketFactory;
- import org.apache.http.impl.client.DefaultHttpClient;
- public abstract class HTTPSClient extends DefaultHttpClient {
- protected SSLSocketFactory socketFactory;
- /**
- * 初始化HTTPSClient
- *
- * @return 返回当前实例
- * @throws Exception
- */
- public HTTPSClient init() throws Exception {
- this.prepareCertificate();
- this.regist();
- return this;
- }
- /**
- * 准备证书验证
- *
- * @throws Exception
- */
- public abstract void prepareCertificate() throws Exception;
- /**
- * 注册协议和端口, 此方法也可以被子类重写
- */
- protected void regist() {
- ClientConnectionManager ccm = this.getConnectionManager();
- SchemeRegistry sr = ccm.getSchemeRegistry();
- sr.register(new Scheme("https", 443, socketFactory));
- }
- }
- package com.darren.test.https.v42;
- import java.util.ArrayList;
- import java.util.List;
- import java.util.Map;
- import java.util.Set;
- import org.apache.http.HttpEntity;
- import org.apache.http.HttpResponse;
- import org.apache.http.NameValuePair;
- import org.apache.http.client.entity.UrlEncodedFormEntity;
- import org.apache.http.client.methods.HttpGet;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.client.methods.HttpRequestBase;
- import org.apache.http.message.BasicNameValuePair;
- import org.apache.http.util.EntityUtils;
- public class HTTPSClientUtil {
- private static final String DEFAULT_CHARSET = "UTF-8";
- public static String doPost(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody) throws Exception {
- return doPost(httpsClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
- }
- public static String doPost(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody, String charset) throws Exception {
- String result = null;
- HttpPost httpPost = new HttpPost(url);
- setHeader(httpPost, paramHeader);
- setBody(httpPost, paramBody, charset);
- HttpResponse response = httpsClient.execute(httpPost);
- if (response != null) {
- HttpEntity resEntity = response.getEntity();
- if (resEntity != null) {
- result = EntityUtils.toString(resEntity, charset);
- }
- }
- return result;
- }
- public static String doGet(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody) throws Exception {
- return doGet(httpsClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
- }
- public static String doGet(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody, String charset) throws Exception {
- String result = null;
- HttpGet httpGet = new HttpGet(url);
- setHeader(httpGet, paramHeader);
- HttpResponse response = httpsClient.execute(httpGet);
- if (response != null) {
- HttpEntity resEntity = response.getEntity();
- if (resEntity != null) {
- result = EntityUtils.toString(resEntity, charset);
- }
- }
- return result;
- }
- private static void setHeader(HttpRequestBase request, Map<String, String> paramHeader) {
- // 设置Header
- if (paramHeader != null) {
- Set<String> keySet = paramHeader.keySet();
- for (String key : keySet) {
- request.addHeader(key, paramHeader.get(key));
- }
- }
- }
- private static void setBody(HttpPost httpPost, Map<String, String> paramBody, String charset) throws Exception {
- // 设置参数
- if (paramBody != null) {
- List<NameValuePair> list = new ArrayList<NameValuePair>();
- Set<String> keySet = paramBody.keySet();
- for (String key : keySet) {
- list.add(new BasicNameValuePair(key, paramBody.get(key)));
- }
- if (list.size() > 0) {
- UrlEncodedFormEntity entity = new UrlEncodedFormEntity(list, charset);
- httpPost.setEntity(entity);
- }
- }
- }
- }
- package com.darren.test.https.v42;
- import java.util.HashMap;
- import java.util.Map;
- public class HTTPSClientTest {
- public static void main(String[] args) throws Exception {
- HTTPSClient httpsClient = null;
- httpsClient = new HTTPSTrustClient().init();
- //httpsClient = new HTTPSCertifiedClient().init();
- String url = "https://1.2.6.2:8011/xxx/api/getToken";
- //String url = "https://1.2.6.2:8011/xxx/api/getHealth";
- Map<String, String> paramHeader = new HashMap<>();
- //paramHeader.put("Content-Type", "application/json");
- paramHeader.put("Accept", "application/xml");
- Map<String, String> paramBody = new HashMap<>();
- paramBody.put("client_id", "ankur.tandon.ap@xxx.com");
- paramBody.put("client_secret", "P@ssword_1");
- String result = HTTPSClientUtil.doPost(httpsClient, url, paramHeader, paramBody);
- //String result = HTTPSClientUtil.doGet(httpsClient, url, null, null);
- System.out.println(result);
- }
- }
- <?xml version="1.0" encoding="utf-8"?>
- <token>jkf8RL0sw+Skkflj8RbKI5hP1bEQK8PrCuTZPpBINqMYKRMxY1kWCjmCfT191Zpp88VV1aGHW8oYNWjEYS0axpLuGAX89ejCoWNbikCc1UvfyesXHLktcJqyUFiVjevhrEQxJPHncLQYWP+Xse5oD9X8vKFKk7InNTMRzQK7YBTZ/e3U7gswM/5cvAHFl6o9rEq9cWPXavZNohyvnXsohSzDo+BXAtXxa1xpEDLy/8h/UaP4n4dlZDJJ3B8t1Xh+CRRIoMOPxf7c5wKhHtOkEOeXW+xoPQKKSx5CKWwJpPuGIIFWF/PaqWg+JUOsVT7QGdPv8PMWJ9DwEwjTdxguDg==</token>
- package com.darren.test.https.v45;
- import java.io.File;
- import java.io.FileInputStream;
- import java.security.KeyStore;
- import javax.net.ssl.SSLContext;
- import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
- import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
- import org.apache.http.ssl.SSLContexts;
- public class HTTPSCertifiedClient extends HTTPSClient {
- public HTTPSCertifiedClient() {
- }
- @Override
- public void prepareCertificate() throws Exception {
- // 获得密匙库
- KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
- FileInputStream instream = new FileInputStream(
- new File("C:/Users/zhda6001/Downloads/software/xxx.keystore"));
- // FileInputStream instream = new FileInputStream(new File("C:/Users/zhda6001/Downloads/xxx.keystore"));
- try {
- // 密匙库的密码
- trustStore.load(instream, "password".toCharArray());
- } finally {
- instream.close();
- }
- SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(trustStore, TrustSelfSignedStrategy.INSTANCE)
- .build();
- this.connectionSocketFactory = new SSLConnectionSocketFactory(sslcontext);
- }
- }
- package com.darren.test.https.v45;
- import java.security.cert.CertificateException;
- import java.security.cert.X509Certificate;
- import javax.net.ssl.SSLContext;
- import javax.net.ssl.TrustManager;
- import javax.net.ssl.X509TrustManager;
- import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
- public class HTTPSTrustClient extends HTTPSClient {
- public HTTPSTrustClient() {
- }
- @Override
- public void prepareCertificate() throws Exception {
- // 跳过证书验证
- SSLContext ctx = SSLContext.getInstance("TLS");
- X509TrustManager tm = new X509TrustManager() {
- @Override
- public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
- }
- @Override
- public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
- }
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return null;
- }
- };
- // 设置成已信任的证书
- ctx.init(null, new TrustManager[] { tm }, null);
- this.connectionSocketFactory = new SSLConnectionSocketFactory(ctx);
- }
- }
- package com.darren.test.https.v45;
- import org.apache.http.config.Registry;
- import org.apache.http.config.RegistryBuilder;
- import org.apache.http.conn.socket.ConnectionSocketFactory;
- import org.apache.http.conn.socket.PlainConnectionSocketFactory;
- import org.apache.http.impl.client.CloseableHttpClient;
- import org.apache.http.impl.client.HttpClientBuilder;
- import org.apache.http.impl.client.HttpClients;
- import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
- public abstract class HTTPSClient extends HttpClientBuilder {
- private CloseableHttpClient client;
- protected ConnectionSocketFactory connectionSocketFactory;
- /**
- * 初始化HTTPSClient
- *
- * @return 返回当前实例
- * @throws Exception
- */
- public CloseableHttpClient init() throws Exception {
- this.prepareCertificate();
- this.regist();
- return this.client;
- }
- /**
- * 准备证书验证
- *
- * @throws Exception
- */
- public abstract void prepareCertificate() throws Exception;
- /**
- * 注册协议和端口, 此方法也可以被子类重写
- */
- protected void regist() {
- // 设置协议http和https对应的处理socket链接工厂的对象
- Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
- .register("http", PlainConnectionSocketFactory.INSTANCE)
- .register("https", this.connectionSocketFactory)
- .build();
- PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
- HttpClients.custom().setConnectionManager(connManager);
- // 创建自定义的httpclient对象
- this.client = HttpClients.custom().setConnectionManager(connManager).build();
- // CloseableHttpClient client = HttpClients.createDefault();
- }
- }
- package com.darren.test.https.v45;
- import java.util.ArrayList;
- import java.util.List;
- import java.util.Map;
- import java.util.Set;
- import org.apache.http.HttpEntity;
- import org.apache.http.HttpResponse;
- import org.apache.http.NameValuePair;
- import org.apache.http.client.HttpClient;
- import org.apache.http.client.entity.UrlEncodedFormEntity;
- import org.apache.http.client.methods.HttpGet;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.client.methods.HttpRequestBase;
- import org.apache.http.message.BasicNameValuePair;
- import org.apache.http.util.EntityUtils;
- public class HTTPSClientUtil {
- private static final String DEFAULT_CHARSET = "UTF-8";
- public static String doPost(HttpClient httpClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody) throws Exception {
- return doPost(httpClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
- }
- public static String doPost(HttpClient httpClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody, String charset) throws Exception {
- String result = null;
- HttpPost httpPost = new HttpPost(url);
- setHeader(httpPost, paramHeader);
- setBody(httpPost, paramBody, charset);
- HttpResponse response = httpClient.execute(httpPost);
- if (response != null) {
- HttpEntity resEntity = response.getEntity();
- if (resEntity != null) {
- result = EntityUtils.toString(resEntity, charset);
- }
- }
- return result;
- }
- public static String doGet(HttpClient httpClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody) throws Exception {
- return doGet(httpClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
- }
- public static String doGet(HttpClient httpClient, String url, Map<String, String> paramHeader,
- Map<String, String> paramBody, String charset) throws Exception {
- String result = null;
- HttpGet httpGet = new HttpGet(url);
- setHeader(httpGet, paramHeader);
- HttpResponse response = httpClient.execute(httpGet);
- if (response != null) {
- HttpEntity resEntity = response.getEntity();
- if (resEntity != null) {
- result = EntityUtils.toString(resEntity, charset);
- }
- }
- return result;
- }
- private static void setHeader(HttpRequestBase request, Map<String, String> paramHeader) {
- // 设置Header
- if (paramHeader != null) {
- Set<String> keySet = paramHeader.keySet();
- for (String key : keySet) {
- request.addHeader(key, paramHeader.get(key));
- }
- }
- }
- private static void setBody(HttpPost httpPost, Map<String, String> paramBody, String charset) throws Exception {
- // 设置参数
- if (paramBody != null) {
- List<NameValuePair> list = new ArrayList<NameValuePair>();
- Set<String> keySet = paramBody.keySet();
- for (String key : keySet) {
- list.add(new BasicNameValuePair(key, paramBody.get(key)));
- }
- if (list.size() > 0) {
- UrlEncodedFormEntity entity = new UrlEncodedFormEntity(list, charset);
- httpPost.setEntity(entity);
- }
- }
- }
- }
测试类:
- package com.darren.test.https.v45;
- import java.util.HashMap;
- import java.util.Map;
- import org.apache.http.client.HttpClient;
- public class HTTPSClientTest {
- public static void main(String[] args) throws Exception {
- HttpClient httpClient = null;
- //httpClient = new HTTPSTrustClient().init();
- httpClient = new HTTPSCertifiedClient().init();
- String url = "https://1.2.6.2:8011/xxx/api/getToken";
- //String url = "https://1.2.6.2:8011/xxx/api/getHealth";
- Map<String, String> paramHeader = new HashMap<>();
- paramHeader.put("Accept", "application/xml");
- Map<String, String> paramBody = new HashMap<>();
- paramBody.put("client_id", "ankur.tandon.ap@xxx.com");
- paramBody.put("client_secret", "P@ssword_1");
- String result = HTTPSClientUtil.doPost(httpClient, url, paramHeader, paramBody);
- //String result = HTTPSClientUtil.doGet(httpsClient, url, null, null);
- System.out.println(result);
- }
- }
- <?xml version="1.0" encoding="utf-8"?>
- <token>RxitF9//7NxwXJS2cjIjYhLtvzUNvMZxxEQtGN0u07sC9ysJeIbPqte3hCjULSkoXPEUYGUVeyI9jv7/WikLrzxYKc3OSpaTSM0kCbCKphu0TB2Cn/nfzv9fMLueOWFBdyz+N0sEiI9K+0Gp7920DFEncn17wUJVmC0u2jwvM5FAjQKmilwodXZ6a0Dq+D7dQDJwVcwxBvJ2ilhyIb3pr805Vppmi9atXrVAKO0ODa006wEJFOfcgyG5p70wpJ5rrBL85vfy9WCvkd1R7j6NVjhXgH2gNimHkjEJorMjdXW2gKiUsiWsELi/XPswao7/CTWNwTnctGK8PX2ZUB0ZfA==</token>
二、HttpURLConnection
三、Spring的RestTemplate
其它方式以后补充
参考:
JAVA利用HttpClient进行POST请求(HTTPS)
CloseableHttpClient加载证书来访问https网站
联系客服
