调用HTTPS与HTTP接口区别
调用HTTPS与HTTP接口
1 http与https
-
http是一种普通的传输协议,在互联网上,所有的文件都要遵守这个HTTP协议,同时超文本也是http传输的基本部分,实现客户端和服务器的相互请求。
-
https是http的安全版本 就是http+ssl,也叫超文本安全传输,https是有加密传输协议的通道,并且SSL提供了安全加密基础 SSL需要证书,https主要是用于http的传输,并且在HTTP与TCP之间有一个特殊的加密/身份验证。
2 https和http的区别
- 1、https的端口是443,而http的端口是80,且两者的连接方式不同;
- 2、http传输是明文的,而https是用ssl进行加密的,https的安全性更高;
- 3、https是需要申请证书的,而http不需要。
3 HttpClient方式调用https接口实现
3.1 正常使用HttpClient调用http接口
//此处使用DefaultHttpClient为了在之后体现与HttpClient调用HTTPS的区别DefaultHttpClient client = new DefaultHttpClient();HttpPost post = new HttpPost("https://autumnfish.cn/api/joke/list?num=2");try {HttpResponse res = client.execute(post);String result = EntityUtils.toString(res.getEntity());System.out.println("result==>"+result);} catch (IOException e) {e.printStackTrace();}
3.1.1正常调HTTP方式调用HTTPS接口结果
3.2 httpClient调用https接口实现具体步骤
3.2.1 创建SSLClient类继承DefaultHttpClient(重新DefaultHttpClient)
为了避免需要证书,所以用一个类继承DefaultHttpClient类,忽略校验过程
代码
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;public class SSLClient extends DefaultHttpClient {public SSLClient() throws Exception{super();//SSL:Secure Sockets Layer,一种加密协议规范,如https就使用它进行加解密//TLS:安全传输层协议(TLS)用于在两个通信应用程序之间提供保密性和数据完整性。该协议由两层组成: TLS 记录协议(TLS Record)和 TLS 握手协议(TLS Handshake)。//创建SSL的上下文类SSLContext ctx = SSLContext.getInstance("TLS");//实现自己的x509TrustManager类,并复写三种方法X509TrustManager tm = new X509TrustManager() {//给出同位体提供的部分或完整的证书链,构建到可信任的根的证书路径,并且返回是否可以确认和信任将其用于基于验证类型的客户端 ssl 验证。 //原本这三个方法中验证SSL,复写置其内容为空@Overridepublic void checkClientTrusted(X509Certificate[] chain,String authType) throws CertificateException {}@Overridepublic void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {}@Overridepublic X509Certificate[] getAcceptedIssuers() {return null;}};//初始化SSLContext 传入数组ctx.init(null, new TrustManager[]{tm}, null);//工厂创建SSL套接字//ALLOW_ALL_HOSTNAME_VERIFIER 允许所有主机名验证器SSLSocketFactory ssf = new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);//主要作用是用于创建http连接的工厂使用,管理[长连接](https://baike.baidu.com/item/%E9%95%BF%E8%BF%9E%E6%8E%A5/568486?fr=kg_general),同步化访问长连接,保证同一时间只有一个线程访问连接。不再推荐使用ClientConnectionManager ccm = this.getConnectionManager();//scheme 策略//策略注册SchemeRegistry sr = ccm.getSchemeRegistry();//方法参数列表:String name(策略名), int port(端口号), SchemeSocketFactory factory(策略套接字工厂)sr.register(new Scheme("https", 443, ssf));}
}
3.2.2 HttpClientUtil中使用该新建的DefaultHttpClient 复写类
代码
httpClient = new SSLClient();
此处上篇文章有相关方法以及参数的含义描述讲解,此处略
import com.example.httpstest.client.SSLClient;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.message.BasicHeader;
import org.apache.http.util.EntityUtils;public class HttpClientUtil {public static String doGet(String url,String charset) throws Exception{HttpClient httpClient = null;HttpGet httpGet = null;String result = null;httpClient = new SSLClient();httpGet = new HttpGet(url);httpGet.addHeader("Content-Type", "application/json");//httpGet.setEntity(se);HttpResponse response = httpClient.execute(httpGet);if(response != null){HttpEntity resEntity = response.getEntity();if(resEntity != null){result = EntityUtils.toString(resEntity,charset);}}return result;}public static String doPost(String url,String json,String charset) throws Exception{HttpClient httpClient = null;HttpPost httpPost = null;String result = null;httpClient = new SSLClient();httpPost = new HttpPost(url);httpPost.addHeader("Content-Type", "application/json");StringEntity se = new StringEntity(json);se.setContentType("text/json");se.setContentEncoding(new BasicHeader("Content-Type", "application/json"));httpPost.setEntity(se);HttpResponse response = httpClient.execute(httpPost);if(response != null){HttpEntity resEntity = response.getEntity();if(resEntity != null){result = EntityUtils.toString(resEntity,charset);}}return result;}
}
3.3 Demo测试调用
3.3.1 post调用HTTPS请求
代码
//post调用HTTPSString url = "https://autumnfish.cn/api/user/reg";String json = "{\n" +" \"username\":\"Mike\"\n" +"}";String str = null;try {str = HttpClientUtil.doPost(url, json, "utf-8");} catch (Exception e) {e.printStackTrace();}System.out.println("post调用HTTPS==>"+str);
3.3.1.1 调用结果
3.3.2 get调用HTTPS请求
代码
//get调用HTTPSString url2 = "https://autumnfish.cn/api/joke/list?num=2";String str2 = null;try {str2 = HttpClientUtil.doGet(url2, "utf-8");} catch (Exception e) {e.printStackTrace();}System.out.println("get调用HTTPS==>"+str2);
3.3.2.1 调用结果
4 总结
4.1 DefaultHttpClient与HttpClient的区别
4.1.1 代码变化
HttpClient client = new DefaultHttpClient();
//变为:
HttpClient client = HttpClientBuilder.create().build();
//CloseableHttpClient是HttpClient子类
//即:
CloseableHttpClient client = HttpClients.createDefault();
4.1.2 变化原因(过时原因)
前者不再更新维护,后者提供更好的性能以及更大的灵活性
4.2 HttpClient调用https接口原理
4.2.1 以下是上述的进一步完善(可以根据url中是否https进行连接建立)
原理如下:
根源在于在连接管理器中注册了不同的连接创建工厂。当访问url的schema为http时,调用明文连接套接字工厂来建立连接;当访问url的schema为https时,调用SSL连接套接字工厂来建立连接。
让我们的HttpClient具有多线程处理的能力,连接管理器选用了PoolingHttpClientConnectionManager,将协议注册信息传入连接管理器,最后再次利用构造器的模式创建出我们需要的HttpClient。随后的GET/POST请求发起方法http和https之间没有差异。
代码如下:
private CloseableHttpClient createClient(HttpUriRequest request) {HttpClientBuilder httpBuilder = HttpClients.custom();//不进行重定向if (this.redirect) {httpBuilder.disableRedirectHandling();}//URI是https的请求if (request.getURI().getScheme().equals("https")) {//创建重写的SSL上下文去绕过验证SSLContext sslcontext = createIgnoreVerifySSL();//设置协议http和https对应的处理socket链接工厂的对象//明文套接字与SSL套接字Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", new SSLConnectionSocketFactory(sslcontext)).build();//创建ConnectionManager,添加Connection配置信息 PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);httpBuilder.setConnectionManager(connManager);}//返回创建的CloseableHttpClient return httpBuilder.build();} //创建SSL的上下文类方法,返回类型是SSLContextpublic static SSLContext createIgnoreVerifySSL() {SSLContext sc = null;try {//SSLv3.0 与 TLS 相比几乎没有做什么改动sc = SSLContext.getInstance("SSLv3");//实现自己的x509TrustManager类,并复写三种方法X509TrustManager trustManager = new X509TrustManager() {@Overridepublic void checkClientTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate,String paramString) throws CertificateException {}@Overridepublic void checkServerTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate,String paramString) throws CertificateException {}@Overridepublic java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}};//初始化SSLContext 传入TrustManager数组sc.init(null, new TrustManager[]{trustManager}, null);} catch (NoSuchAlgorithmException | KeyManagementException e) {e.printStackTrace();throw new RuntimeException(e);}//返回return sc;}
本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!