Google Volley框架之https请求

时间:2022-12-29 13:36:59

先插一句。Google出的volley框架本身是支持https请求的,可是仅仅是针对有第三方机构认证过的。

假设自己随便在网上搞的一个证书,那volley是不支持请求的。


本文讲下怎样让volley支持自己搞的https证书。


改动volley源代码:com.android.myvolley.toolbox.HurlStack

   /**
* Create an {@link HttpURLConnection} for the specified {@code url}.
*/
protected HttpURLConnection createConnection(URL url) throws IOException {
if (url.toString().contains("https")) {
MyHttpsManager.allowAllSSL();
}
return (HttpURLConnection) url.openConnection();
}
在HurlStack类中的createConnection方法中,做个过滤处理:

if (url.toString().contains("https")) {
MyHttpsManager.allowAllSSL();
}
直接贴代码啦。

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class MyHttpsManager implements X509TrustManager {
private static TrustManager[] trustManagers;

@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

}

@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}

public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

@Override
public boolean verify(String arg0, SSLSession arg1) {
// TODO Auto-generated method stub
return true;
}

});

SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[] { new MyHttpsManager() };
}

try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}

HttpsURLConnection.setDefaultSSLSocketFactory(context
.getSocketFactory());
}
}

然后请求的时候在头里面加个什么鬼id。sign之类的,就能够和服务端通信了。

比如volley重写getHeaders方法:

public void sendRequest(int method, String url, JSONObject jsonRequest, final String sessionToken, final OnResponseListener listener,final OnErrorListener errorListener) {
initUserAgent();

JsonObjectRequest jsonObjectRequest = new JsonObjectRequest(method, url, jsonRequest, new Response.Listener<JSONObject>() {
@Override
public void onResponse(JSONObject response) {
listener.onResponse(response);
}

}, new Response.ErrorListener() {
@Override
public void onErrorResponse(VolleyError error) {
errorListener.onErrorResponse(error);
}
}){
@Override
public Map<String, String> getHeaders() throws AuthFailureError {
HashMap<String, String> headers = new HashMap<String,String>();
headers.put("Content-Type", "application/json");
headers.put("x-app-id", APPID);
headers.put("x-app-sign",SIGN);
headers.put("x-session-token",sessionToken);
headers.put("User-Agent",userAgent);
return headers;
}
};

Volley.newRequestQueue(context).add(jsonObjectRequest);
}