网络请求Https双向认证
本章讲解Weex双向认证网络请求
新建一个类WXHttpAdapter,实现DefaultWXHttpAdapter接口
@Override
protected HttpURLConnection createConnection(URL url) throws IOException {
HttpURLConnection conn;
//https请求头,说明需要双向认证
if (url.getProtocol().toLowerCase().equals("https")) {
//设置双向认证的SocketFactory
SSLSocketFactory socketFactory = SSLFactory.getSocketFactory(WXApplication.getInstance());
if (socketFactory != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);
}
//不校验hostName 服务端https的证书没有过审
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
conn = (HttpsURLConnection) url.openConnection();
} else {
conn = (HttpURLConnection) url.openConnection();
}
conn.setRequestProperty("Content-type", "application/json;charset=utf-8");
//设置编码语言
conn.setRequestProperty("Accept-Charset", "utf-8");
return conn;
}
温馨提示:不能再本代码中设置超时时间,到后面还是会被覆盖掉,之后超时时间就只会是3秒,最后通过查看Weex代码,发现直接可以再Weex设置超时时间,
设置timeout: '20000'即可
双向认证的SocketFactory
public class SSLFactory {
private final static String CLIENT_KEY = "client.p12";
private final static String TRUST_STORE_KEY = "server.bks";
public static SSLSocketFactory getSocketFactory(Context context) {
SSLSocketFactory sslSocketFactory = null;
try {
// 服务器端需要验证的客户端证书,其实就是客户端的keystore
KeyStore keyStore = KeyStore.getInstance("PKCS12");
// 客户端信任的服务器端证书
KeyStore trustStore = KeyStore.getInstance("bks");
//读取证书
InputStream ksIn = context.getAssets().open(CLIENT_KEY);
InputStream tsIn = context.getAssets().open(TRUST_STORE_KEY);
//客户端证书密码
String client = "11111111";
//加载客户端公钥证书
keyStore.load(ksIn, client.toCharArray());
//加载服务端端私钥证书
trustStore.load(tsIn, "11111111".toCharArray());
ksIn.close();
tsIn.close();
//初始化SSLContext
SSLContext sslContext = SSLContext.getInstance("TLS");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
trustManagerFactory.init(trustStore);
keyManagerFactory.init(keyStore, client.toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
sslSocketFactory = sslContext.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
return sslSocketFactory;
}
}
//当然咯,还是要向Weex注册
WXSDKEngine.initialize(application,
new InitConfig.Builder()
.setHttpAdapter(new WXHttpAdapter())
.build());
双向认证最重要的是服务端提供的证书不能有问题
下一篇:模块(Module)