NoHttp如何使用Https

QQ技术交流1群：46523908
QQ技术交流2群：46505645
NoHttp 源码及Demo： https://github.com/Y0LANDA/NoHttp

NoHttp是专门做Android网络请求与下载的框架。

分析

Android发起Https请求时分为两种情况，分为需要安全证书和不需要安全证书两种情况。
NoHttp对于Https也很好的支持了，只需要为每一个请求设置SSLSocketFactory即可。

1. 需要证书的情况

首先需要一个SSLSocketFactory，下面是加载证书的代码，是Java和Android通用的，我们只需要SSLContext：

/** * 拿到https证书SSLContext (NoHttp已经修补了系统的SecureRandom的bug) */@SuppressLint("TrulyRandom")public static SSLContext getSSLContext() {    SSLContext sslContext = null;    try {        sslContext = SSLContext.getInstance("TLS");        // 加载证书流, 这里证书需要放在assets下        InputStream inputStream = Application.getInstance().getAssets().open("srca.cer");        // 生成证书        CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");        Certificate cer = cerFactory.generateCertificate(inputStream);        // 加载证书到KeyStore        KeyStore keyStore = KeyStore.getInstance("PKCS12");        keyStore.load(null, null);        keyStore.setCertificateEntry("trust", cer);        // 把KeyStore放入keyManagerFactory        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());        keyManagerFactory.init(keyStore, null);        // KeyStore加入TrustManagerFactory        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());        trustManagerFactory.init(keyStore);        // 初始化SSLContext        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());    } catch (Exception e) {        e.printStackTrace();    }    return sslContext;}

2. 不需要证书情况

/** * 如果不需要https证书.(NoHttp已经修补了系统的SecureRandom的bug) */public static SSLContext getDefaultSLLContext() {    SSLContext sslContext = null;    try {        sslContext = SSLContext.getInstance("TLS");        sslContext.init(null, new TrustManager[]{trustManagers}, new SecureRandom());    } catch (Exception e) {        e.printStackTrace();    }    return sslContext;}/** * 信任管理器 */private static TrustManager trustManagers = new X509TrustManager() {    @Override    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {    }    @Override    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {    }    @Override    public X509Certificate[] getAcceptedIssuers() {        return new X509Certificate[0];    }};/** * 域名验证 */public static final HostnameVerifier HOSTNAME_VERIFIER = new HostnameVerifier() {    public boolean verify(String hostname, SSLSession session) {        return true;    }};

为Request对象设置SSLSocketFactory

需要证书

RequestQueue queue = NoHttp.newRequestQueue();...Request<String> httpsRequest = NoHttp.createStringRequest(httpsUrl, RequestMethod);SSLContext sslContext = getSSLContext();if (sslContext != null) {    SSLSocketFactory socketFactory = sslContext.getSocketFactory();    httpsRequest.setSSLSocketFactory(socketFactory);}queue.add(0, httpsRequest, OnResponseListener);

不需要证书

RequestQueue queue = NoHttp.newRequestQueue();...Request<String> httpsRequest = NoHttp.createStringRequest(httpsUrl, RequestMethod);SSLContext sslContext = getDefaultSLLContext();// 方法见上文if (sslContext != null) {    SSLSocketFactory socketFactory = sslContext.getSocketFactory();    httpsRequest.setSSLSocketFactory(socketFactory);}httpsRequest.setHostnameVerifier(HOSTNAME_VERIFIER);// 见上文queue.add(0, httpsRequest, OnResponseListener);

好了, 收工, 我去赶最后一趟回家的车了

NoHttp 源码及Demo https://github.com/Y0LANDA/NoHttp

[置顶] NoHttp详解之Android使用Https