秒懂HTTPS接口(接口测试篇)
版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/zuozewei/article/details/84727450
前言
下面我们来测试下我们秒懂HTTPS接口(实现篇)写的HTTPS接口(Java版)
技术选型:
- HTTP工具包:HttpClient 4.5.5
- 测试框架:TestNG
- Json序列化库:fastjson
具体实现
引包
引入相关包
<!--引入接口测试相关包-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.5</version>
</dependency>
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
<version>6.14.3</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.47</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
测试HTTPS接口可以通过以下两种方式:
- 采用绕过证书验证实现HTTPS
- 采用设置信任自签名证书实现HTTPS
采用绕过证书验证测试HTTPS接口
在src/test/util下创建HttpUtil工具类
实现绕过SSL验证方法
/**
* 绕过SSL验证
*
* @return
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sslContext = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sslContext.init(null, new TrustManager[] { trustManager }, null);
return sslContext;
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
实现绕过SSL证书,发送Get请求方法
/**
* 绕过SSL证书,发送Get请求
* @param url
* @param params
* @return
* @throws IOException
* @throws KeyManagementException
* @throws NoSuchAlgorithmException
*/
public static String doIgnoreVerifySSLGet(String url, Map<String,Object> params)
throws IOException, KeyManagementException, NoSuchAlgorithmException {
//采用绕过验证的方式处理https请求
SSLContext sslContext = createIgnoreVerifySSL();
final SSLConnectionSocketFactory sslsf;
//设置协议http和https对应的处理socket链接工厂的对象
sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", new PlainConnectionSocketFactory())
.register("https", sslsf)
.build();
final PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
cm.setMaxTotal(100);
//创建自定义的httpclient对象
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.setConnectionManager(cm)
.build();
String result = null;
//装填参数
StringBuffer param = new StringBuffer();
if (params != null && !params.isEmpty()) {
int i = 0;
for (String key : params.keySet()) {
if (i == 0) {
param.append("?");
} else {
param.append("&");
}
param.append(key).append("=").append(params.get(key));
i++;
}
url += param;
}
//创建get方式请求对象
HttpGet httpGet = new HttpGet(url);
//执行请求操作,并拿到结果(同步阻塞)
CloseableHttpResponse response = httpClient.execute(httpGet);
if (response.getStatusLine().getStatusCode() == 200){
//获取结果实体
HttpEntity httpEntity = response.getEntity();
//按指定编码转换结果实体为String类型
result = EntityUtils.toString(httpEntity,"UTF-8");
}
//释放链接
response.close();
return result;
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
实现绕过SSL证书,发送Post请求(Json形式)方法
/**
* 绕过SSL证书,发送Post请求(Json形式)
* @param url
* @param param
* @return
* @throws IOException
* @throws KeyManagementException
* @throws NoSuchAlgorithmException
*/
public static String doIgnoreVerifySSLPost(String url, JSONObject param)
throws IOException, KeyManagementException, NoSuchAlgorithmException {
//采用绕过验证的方式处理https请求
SSLContext sslContext = createIgnoreVerifySSL();
final SSLConnectionSocketFactory sslsf;
//设置协议http和https对应的处理socket链接工厂的对象
sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", new PlainConnectionSocketFactory())
.register("https", sslsf)
.build();
final PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
cm.setMaxTotal(100);
//创建自定义的httpclient对象
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.setConnectionManager(cm)
.build();
String result = null;
//创建post方式请求对象
HttpPost httpPost = new HttpPost(url);
//装填参数
StringEntity entity = new StringEntity(param.toString(),"utf-8");
entity.setContentEncoding("UTF-8");
entity.setContentType("application/json");
//设置参数到请求对象中
httpPost.setEntity(entity);
//执行请求操作,并拿到结果(同步阻塞)
CloseableHttpResponse response = httpClient.execute(httpPost);
if (response.getStatusLine().getStatusCode() == 200){
//获取结果实体
HttpEntity httpEntity = response.getEntity();
//按指定编码转换结果实体为String类型
result = EntityUtils.toString(httpEntity,"UTF-8");
}
//释放链接
response.close();
return result;
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
在src/test/cases下创建HttpTest测试类
实现测试方法
@Test(enabled = true,description = "测试绕过SSL证书Post方法")
public void doIgnoreVerifySSLPostTest() throws IOException, NoSuchAlgorithmException, KeyManagementException {
String url = "https://localhost/springboot/person";
//装填参数
JSONObject param = new JSONObject();
param.put("name","doIgnoreVerifySSLPost");
param.put("age",20);
//调用方法
String response = HttpUtil.doIgnoreVerifySSLPost(url,param);
//断言返回结果是否为空
Assert.assertNotNull(response);
System.out.println("【doIgnoreVerifySSLPost】"+response);
}
@Test(enabled = true,description = "测试绕过SSL证书Get方法")
public void doIgnoreVerifySSLGetTest() throws IOException, NoSuchAlgorithmException, KeyManagementException {
String url = "https://localhost/springboot/person";
//调用方法
String response = HttpUtil.doIgnoreVerifySSLGet(url,null);
//断言返回结果是否为空
Assert.assertNotNull(response);
System.out.println("【doIgnoreVerifySSLGet】"+response);
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
运行测试结果
采用设置信任自签名证书测试HTTPS接口
在HttpUtil工具类实现验证SSL证书,发送Get请求方法
/**
* 验证SSL证书,发送Get请求
* @param url
* @param params
* @return
* @throws IOException
*/
public static String doVerifySSLGet(String url, Map<String,Object> params) throws IOException {
//采用验证的SSL证书方式处理https请求
SSLContext sslContext = SSLCustom("./src/main/resources/keystore.p12","zuozewei");
final SSLConnectionSocketFactory sslsf;
// 设置协议http和https对应的处理socket链接工厂的对象
sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", new PlainConnectionSocketFactory())
.register("https", sslsf)
.build();
final PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
cm.setMaxTotal(100);
//创建自定义的httpclient对象
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.setConnectionManager(cm)
.build();
String result = null;
//装填参数
StringBuffer param = new StringBuffer();
if (params != null && !params.isEmpty()) {
int i = 0;
for (String key : params.keySet()) {
if (i == 0) {
param.append("?");
} else {
param.append("&");
}
param.append(key).append("=").append(params.get(key));
i++;
}
url += param;
}
//创建get方式请求对象
HttpGet httpGet = new HttpGet(url);
//执行请求操作,并拿到结果(同步阻塞)
CloseableHttpResponse response = httpClient.execute(httpGet);
if (response.getStatusLine().getStatusCode() == 200){
//获取结果实体
HttpEntity httpEntity = response.getEntity();
//按指定编码转换结果实体为String类型
result = EntityUtils.toString(httpEntity,"UTF-8");
}
//释放链接
response.close();
return result;
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
实现验证SSL证书,发送Post请求(Json形式)方法
/**
* 验证SSL证书,发送Post请求(Json形式)
* @param url
* @param param
* @return
* @throws IOException
*/
public static String doVerifySSLPost(String url, JSONObject param) throws IOException {
//采用验证的SSL证书方式处理https请求
SSLContext sslContext = SSLCustom("./src/main/resources/keystore.p12","zuozewei");
final SSLConnectionSocketFactory sslsf;
//设置协议http和https对应的处理socket链接工厂的对象
sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", new PlainConnectionSocketFactory())
.register("https", sslsf)
.build();
final PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
cm.setMaxTotal(100);
//创建自定义的httpclient对象
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.setConnectionManager(cm)
.build();
String result = null;
//创建post方式请求对象
HttpPost httpPost = new HttpPost(url);
//装填参数
StringEntity entity = new StringEntity(param.toString(),"utf-8");
entity.setContentEncoding("UTF-8");
entity.setContentType("application/json");
//设置参数到请求对象中
httpPost.setEntity(entity);
//执行请求操作,并拿到结果(同步阻塞)
CloseableHttpResponse response = httpClient.execute(httpPost);
if (response.getStatusLine().getStatusCode() == 200){
//获取结果实体
HttpEntity httpEntity = response.getEntity();
//按指定编码转换结果实体为String类型
result = EntityUtils.toString(httpEntity,"UTF-8");
}
//释放链接
response.close();
return result;
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
在HttpTest测试类,实现测试方法
@Test(enabled = true,description = "测试验证SSL证书Post方法")
public void doVerifySSLPostTest() throws IOException {
String url = "https://localhost/springboot/person";
//装填参数
JSONObject param = new JSONObject();
param.put("name","doVerifySSLPost");
param.put("age",20);
//调用方法
String response = HttpUtil.doVerifySSLPost(url,param);
//断言返回结果是否为空
Assert.assertNotNull(response);
System.out.println("【doVerifySSLPost】"+response);
}
@Test(enabled = true,description = "测试验证SSL证书Get方法")
public void doVerifySSLGetTest() throws IOException {
String url = "https://localhost/springboot/person";
//调用方法
String response = HttpUtil.doVerifySSLGet(url,null);
//断言返回结果是否为空
Assert.assertNotNull(response);
System.out.println("【doVerifySSLGet】"+response);
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
运行测试结果
验证数据库
查询数据库结果
完整项目结构
秒懂HTTPS接口系列源码:
https://github.com/zuozewei/Java-API-Test-Examples
761
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
