java的https忽略证书包含账号秘密的请求代码
2019-07-25 本文已影响0人
独孤流
前言
最近在配置iOS持续集成工具jenkins好方便测试人员自己打包,不用依赖开发人员,在大部分都配置好了也能用起来了,但发现配置有些繁琐,先是将证书、配置文件等信息在svn上更新,然后还要到jenkins上配置,这个过程比较繁琐,所以就想看看能不能省掉jenkins的配置,写一个插件让jenkins自动去svn服务器上读取配置,在过程中发现svn服务器也是一个https的地址,但是有账号密码限制,于是百度谷歌了好久才找到符合对应的配置,特记录之
package io.jenkins.plugins.sample;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.HttpURLConnection;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class HttpsRequest {
public ArrayList<String> requestSVN(String svnUrl,String svnName,String svnPwd) throws Exception {
// 设置账号密码
if(svnName != null && svnPwd != null){
final PasswordAuthentication auth = new PasswordAuthentication (svnName, svnPwd.toCharArray());
Authenticator.setDefault (new Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return auth;
}
});
}
// 设置忽略https证书校验
HttpsURLConnection.setDefaultHostnameVerifier(new HttpsRequest().new NullHostNameVerifier());
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL(svnUrl);
// 打开restful链接
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("GET");// POST GET PUT DELETE
// 设置访问提交模式,表单提交
conn.setRequestProperty("Content-Type", "application/json;charset=utf-8");
conn.setConnectTimeout(130000);// 连接超时 单位毫秒
conn.setReadTimeout(130000);// 读取超时 单位毫秒
// 解析返回数据
InputStream inStream = conn.getInputStream();
StringBuilder sb = new StringBuilder();
String line;
BufferedReader br = new BufferedReader(new InputStreamReader(inStream));
ArrayList<String> resultList = new ArrayList<>();
while ((line = br.readLine()) != null) {
sb.append(line);
resultList.add(line);
}
String res = sb.toString();
return resultList;
}
static TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
}
};
public class NullHostNameVerifier implements HostnameVerifier {
/*
* (non-Javadoc)
*
* @see javax.net.ssl.HostnameVerifier#verify(java.lang.String,
* javax.net.ssl.SSLSession)
*/
@Override
public boolean verify(String arg0, SSLSession arg1) {
// TODO Auto-generated method stub
return true;
}
}
}