关闭

Java 调用Restful API接口的几种方式--HTTPS

标签: javarestful api
11179人阅读 评论(3) 收藏 举报
分类:

摘要:最近有一个需求,为客户提供一些Restful API 接口,QA使用postman进行测试,但是postman的测试接口与java调用的相似但并不相同,于是想自己写一个程序去测试Restful API接口,由于使用的是HTTPS,所以还要考虑到对于HTTPS的处理。由于我也是首次使用Java调用restful接口,所以还要研究一番,自然也是查阅了一些资料。

分析:这个问题与模块之间的调用不同,比如我有两个模块front end 和back end,front end提供前台展示,back end提供数据支持。之前使用过Hession去把back end提供的服务注册成远程服务,在front end端可以通过这种远程服务直接调到back end的接口。但这对于一个公司自己的一个项目耦合性比较高的情况下使用,没有问题。但是如果给客户注册这种远程服务,似乎不太好,耦合性太高。所以就考虑用一下方式进行处理。


一、HttpClient


HttpClient大家也许比较熟悉但又比较陌生,熟悉是知道他可以远程调用比如请求一个URL,然后在response里获取到返回状态和返回信息,但是今天讲的稍微复杂一点,因为今天的主题是HTTPS,这个牵涉到证书或用户认证的问题。

确定使用HttpClient之后,查询相关资料,发现HttpClient的新版本与老版本不同,随然兼容老版本,但已经不提倡老版本是使用方式,很多都已经标记为过时的方法或类。今天就分别使用老版本4.2和最新版本4.5.3来写代码。


老版本4.2


需要认证



在准备证书阶段选择的是使用证书认证

package com.darren.test.https.v42;

import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;

import org.apache.http.conn.ssl.SSLSocketFactory;

public class HTTPSCertifiedClient extends HTTPSClient {

    public HTTPSCertifiedClient() {

    }

    @Override
    public void prepareCertificate() throws Exception {
        // 获得密匙库
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream instream = new FileInputStream(
                new File("C:/Users/zhda6001/Downloads/software/xxx.keystore"));
        // FileInputStream instream = new FileInputStream(new File("C:/Users/zhda6001/Downloads/xxx.keystore"));
        // 密匙库的密码
        trustStore.load(instream, "password".toCharArray());
        // 注册密匙库
        this.socketFactory = new SSLSocketFactory(trustStore);
        // 不校验域名
        socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
}


跳过认证


在准备证书阶段选择的是跳过认证

package com.darren.test.https.v42;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.conn.ssl.SSLSocketFactory;

public class HTTPSTrustClient extends HTTPSClient {

    public HTTPSTrustClient() {

    }

    @Override
    public void prepareCertificate() throws Exception {
        // 跳过证书验证
        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        // 设置成已信任的证书
        ctx.init(null, new TrustManager[] { tm }, null);
        // 穿件SSL socket 工厂,并且设置不检查host名称
        this.socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
}


总结


现在发现这两个类都继承了同一个类HTTPSClient,并且HTTPSClient继承了DefaultHttpClient类,可以发现,这里使用了模板方法模式。

package com.darren.test.https.v42;

import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

public abstract class HTTPSClient extends DefaultHttpClient {

    protected SSLSocketFactory socketFactory;

    /**
     * 初始化HTTPSClient
     * 
     * @return 返回当前实例
     * @throws Exception
     */
    public HTTPSClient init() throws Exception {
        this.prepareCertificate();
        this.regist();

        return this;
    }

    /**
     * 准备证书验证
     * 
     * @throws Exception
     */
    public abstract void prepareCertificate() throws Exception;

    /**
     * 注册协议和端口, 此方法也可以被子类重写
     */
    protected void regist() {
        ClientConnectionManager ccm = this.getConnectionManager();
        SchemeRegistry sr = ccm.getSchemeRegistry();
        sr.register(new Scheme("https", 443, socketFactory));
    }
}

下边是工具类

package com.darren.test.https.v42;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

public class HTTPSClientUtil {
    private static final String DEFAULT_CHARSET = "UTF-8";

    public static String doPost(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody) throws Exception {
        return doPost(httpsClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
    }

    public static String doPost(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody, String charset) throws Exception {

        String result = null;
        HttpPost httpPost = new HttpPost(url);
        setHeader(httpPost, paramHeader);
        setBody(httpPost, paramBody, charset);

        HttpResponse response = httpsClient.execute(httpPost);
        if (response != null) {
            HttpEntity resEntity = response.getEntity();
            if (resEntity != null) {
                result = EntityUtils.toString(resEntity, charset);
            }
        }

        return result;
    }
    
    public static String doGet(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody) throws Exception {
        return doGet(httpsClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
    }

    public static String doGet(HTTPSClient httpsClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody, String charset) throws Exception {

        String result = null;
        HttpGet httpGet = new HttpGet(url);
        setHeader(httpGet, paramHeader);

        HttpResponse response = httpsClient.execute(httpGet);
        if (response != null) {
            HttpEntity resEntity = response.getEntity();
            if (resEntity != null) {
                result = EntityUtils.toString(resEntity, charset);
            }
        }

        return result;
    }

    private static void setHeader(HttpRequestBase request, Map<String, String> paramHeader) {
        // 设置Header
        if (paramHeader != null) {
            Set<String> keySet = paramHeader.keySet();
            for (String key : keySet) {
                request.addHeader(key, paramHeader.get(key));
            }
        }
    }

    private static void setBody(HttpPost httpPost, Map<String, String> paramBody, String charset) throws Exception {
        // 设置参数
        if (paramBody != null) {
            List<NameValuePair> list = new ArrayList<NameValuePair>();
            Set<String> keySet = paramBody.keySet();
            for (String key : keySet) {
                list.add(new BasicNameValuePair(key, paramBody.get(key)));
            }

            if (list.size() > 0) {
                UrlEncodedFormEntity entity = new UrlEncodedFormEntity(list, charset);
                httpPost.setEntity(entity);
            }
        }
    }
}

然后是测试类:

package com.darren.test.https.v42;

import java.util.HashMap;
import java.util.Map;

public class HTTPSClientTest {

    public static void main(String[] args) throws Exception {
        HTTPSClient httpsClient = null;

        httpsClient = new HTTPSTrustClient().init();
        //httpsClient = new HTTPSCertifiedClient().init();

        String url = "https://1.2.6.2:8011/xxx/api/getToken";
        //String url = "https://1.2.6.2:8011/xxx/api/getHealth";

        Map<String, String> paramHeader = new HashMap<>();
        //paramHeader.put("Content-Type", "application/json");
        paramHeader.put("Accept", "application/xml");
        Map<String, String> paramBody = new HashMap<>();
        paramBody.put("client_id", "ankur.tandon.ap@xxx.com");
        paramBody.put("client_secret", "P@ssword_1");
        String result = HTTPSClientUtil.doPost(httpsClient, url, paramHeader, paramBody);
        
        //String result = HTTPSClientUtil.doGet(httpsClient, url, null, null);
        
        System.out.println(result);
    }

}

返回信息:

<?xml version="1.0" encoding="utf-8"?>

<token>jkf8RL0sw+Skkflj8RbKI5hP1bEQK8PrCuTZPpBINqMYKRMxY1kWCjmCfT191Zpp88VV1aGHW8oYNWjEYS0axpLuGAX89ejCoWNbikCc1UvfyesXHLktcJqyUFiVjevhrEQxJPHncLQYWP+Xse5oD9X8vKFKk7InNTMRzQK7YBTZ/e3U7gswM/5cvAHFl6o9rEq9cWPXavZNohyvnXsohSzDo+BXAtXxa1xpEDLy/8h/UaP4n4dlZDJJ3B8t1Xh+CRRIoMOPxf7c5wKhHtOkEOeXW+xoPQKKSx5CKWwJpPuGIIFWF/PaqWg+JUOsVT7QGdPv8PMWJ9DwEwjTdxguDg==</token>



新版本4.5.3


需要认证


package com.darren.test.https.v45;

import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;

import javax.net.ssl.SSLContext;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.ssl.SSLContexts;

public class HTTPSCertifiedClient extends HTTPSClient {

    public HTTPSCertifiedClient() {

    }

    @Override
    public void prepareCertificate() throws Exception {
        // 获得密匙库
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream instream = new FileInputStream(
                new File("C:/Users/zhda6001/Downloads/software/xxx.keystore"));
        // FileInputStream instream = new FileInputStream(new File("C:/Users/zhda6001/Downloads/xxx.keystore"));
        try {
            // 密匙库的密码
            trustStore.load(instream, "password".toCharArray());
        } finally {
            instream.close();
        }

        SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(trustStore, TrustSelfSignedStrategy.INSTANCE)
                .build();
        this.connectionSocketFactory = new SSLConnectionSocketFactory(sslcontext);
    }

}


跳过认证


package com.darren.test.https.v45;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;

public class HTTPSTrustClient extends HTTPSClient {

    public HTTPSTrustClient() {

    }

    @Override
    public void prepareCertificate() throws Exception {
        // 跳过证书验证
        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        // 设置成已信任的证书
        ctx.init(null, new TrustManager[] { tm }, null);
        this.connectionSocketFactory = new SSLConnectionSocketFactory(ctx);
    }
}


总结


package com.darren.test.https.v45;

import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;

public abstract class HTTPSClient extends HttpClientBuilder {
    private CloseableHttpClient client;
    protected ConnectionSocketFactory connectionSocketFactory;

    /**
     * 初始化HTTPSClient
     * 
     * @return 返回当前实例
     * @throws Exception
     */
    public CloseableHttpClient init() throws Exception {
        this.prepareCertificate();
        this.regist();

        return this.client;
    }

    /**
     * 准备证书验证
     * 
     * @throws Exception
     */
    public abstract void prepareCertificate() throws Exception;

    /**
     * 注册协议和端口, 此方法也可以被子类重写
     */
    protected void regist() {
        // 设置协议http和https对应的处理socket链接工厂的对象
        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("http", PlainConnectionSocketFactory.INSTANCE)
                .register("https", this.connectionSocketFactory)
                .build();
        PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
        HttpClients.custom().setConnectionManager(connManager);

        // 创建自定义的httpclient对象
        this.client = HttpClients.custom().setConnectionManager(connManager).build();
        // CloseableHttpClient client = HttpClients.createDefault();
    }
}


工具类:

package com.darren.test.https.v45;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

public class HTTPSClientUtil {
    private static final String DEFAULT_CHARSET = "UTF-8";

    public static String doPost(HttpClient httpClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody) throws Exception {
        return doPost(httpClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
    }

    public static String doPost(HttpClient httpClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody, String charset) throws Exception {

        String result = null;
        HttpPost httpPost = new HttpPost(url);
        setHeader(httpPost, paramHeader);
        setBody(httpPost, paramBody, charset);

        HttpResponse response = httpClient.execute(httpPost);
        if (response != null) {
            HttpEntity resEntity = response.getEntity();
            if (resEntity != null) {
                result = EntityUtils.toString(resEntity, charset);
            }
        }

        return result;
    }
    
    public static String doGet(HttpClient httpClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody) throws Exception {
        return doGet(httpClient, url, paramHeader, paramBody, DEFAULT_CHARSET);
    }

    public static String doGet(HttpClient httpClient, String url, Map<String, String> paramHeader,
            Map<String, String> paramBody, String charset) throws Exception {

        String result = null;
        HttpGet httpGet = new HttpGet(url);
        setHeader(httpGet, paramHeader);

        HttpResponse response = httpClient.execute(httpGet);
        if (response != null) {
            HttpEntity resEntity = response.getEntity();
            if (resEntity != null) {
                result = EntityUtils.toString(resEntity, charset);
            }
        }

        return result;
    }

    private static void setHeader(HttpRequestBase request, Map<String, String> paramHeader) {
        // 设置Header
        if (paramHeader != null) {
            Set<String> keySet = paramHeader.keySet();
            for (String key : keySet) {
                request.addHeader(key, paramHeader.get(key));
            }
        }
    }

    private static void setBody(HttpPost httpPost, Map<String, String> paramBody, String charset) throws Exception {
        // 设置参数
        if (paramBody != null) {
            List<NameValuePair> list = new ArrayList<NameValuePair>();
            Set<String> keySet = paramBody.keySet();
            for (String key : keySet) {
                list.add(new BasicNameValuePair(key, paramBody.get(key)));
            }

            if (list.size() > 0) {
                UrlEncodedFormEntity entity = new UrlEncodedFormEntity(list, charset);
                httpPost.setEntity(entity);
            }
        }
    }
}


测试类:

package com.darren.test.https.v45;

import java.util.HashMap;
import java.util.Map;

import org.apache.http.client.HttpClient;

public class HTTPSClientTest {

    public static void main(String[] args) throws Exception {
        HttpClient httpClient = null;

        //httpClient = new HTTPSTrustClient().init();
        httpClient = new HTTPSCertifiedClient().init();

        String url = "https://1.2.6.2:8011/xxx/api/getToken";
        //String url = "https://1.2.6.2:8011/xxx/api/getHealth";

        Map<String, String> paramHeader = new HashMap<>();
        paramHeader.put("Accept", "application/xml");
        Map<String, String> paramBody = new HashMap<>();
        paramBody.put("client_id", "ankur.tandon.ap@xxx.com");
        paramBody.put("client_secret", "P@ssword_1");
        String result = HTTPSClientUtil.doPost(httpClient, url, paramHeader, paramBody);
        
        //String result = HTTPSClientUtil.doGet(httpsClient, url, null, null);
        
        System.out.println(result);
    }

}

结果:

<?xml version="1.0" encoding="utf-8"?>

<token>RxitF9//7NxwXJS2cjIjYhLtvzUNvMZxxEQtGN0u07sC9ysJeIbPqte3hCjULSkoXPEUYGUVeyI9jv7/WikLrzxYKc3OSpaTSM0kCbCKphu0TB2Cn/nfzv9fMLueOWFBdyz+N0sEiI9K+0Gp7920DFEncn17wUJVmC0u2jwvM5FAjQKmilwodXZ6a0Dq+D7dQDJwVcwxBvJ2ilhyIb3pr805Vppmi9atXrVAKO0ODa006wEJFOfcgyG5p70wpJ5rrBL85vfy9WCvkd1R7j6NVjhXgH2gNimHkjEJorMjdXW2gKiUsiWsELi/XPswao7/CTWNwTnctGK8PX2ZUB0ZfA==</token>



二、HttpURLConnection


三、Spring的RestTemplate


其它方式以后补充


参考:

JAVA利用HttpClient进行POST请求(HTTPS)

CloseableHttpClient加载证书来访问https网站


在准备证书阶段选择的是跳过认证
2
0
查看评论
发表评论
* 以上用户言论只代表其个人钱柜娱乐开户,不代表CSDN网站的钱柜娱乐开户或立场

【Restful接口】restful接口的两种使用方式

小编最近的项目是好几个团队的一块合作,由于项目大,功能多,各个团队负责的东西不同,我的团队除了自己的开发前端和后端外,还负责给别的团队提供后端支持,在这里就用上了restful接口.         ...
  • u013086062
  • u013086062
  • 2016-10-31 23:31
  • 14749

《利用Java框架实现Restful接口》

1.生产场景 生产场景中,有一个php后台程序负责采集用户访问门户的数据,之前采用的是piwik+mysql的采集存储架构,后来投产后,发现每天数据量将近30万条之多!!!显然,原生的mysql是...
  • BlackEnn
  • BlackEnn
  • 2016-11-01 16:09
  • 5088

Java调用Restful API接口几种方式

摘要:最近有一个需求,为客户提供一些Restful API 接口,QA使用postman进行测试,但是postman的测试接口与java调用的相似但并不相同,于是想自己写一个程序去测试Restful ...
  • ll666634
  • ll666634
  • 昨天 22:18
  • 12

Spring-Boot -- RESTFUL风格的API接口的三种调用方式【测试】

本篇,我将结合创建用户这个接口,利用三种调用方式进行不同的创建测试
  • Appleyk
  • Appleyk
  • 2017-12-22 11:09
  • 241

yii2.0 基于RESTful的接口的几种请求方式, 举例说明

yii2.0 基于RESTful的接口的几种请求方式
  • daxia_85
  • daxia_85
  • 2016-02-03 12:33
  • 2316

PHP:CURL分别以GET、POST方式请求HTTPS协议接口api

1、curl以GET方式请求https协议接口 //注意:这里的$url已经包含参数了,不带参数你自己处理哦GET很简单 function curl_get_https($url)...
  • gpf19930310
  • gpf19930310
  • 2017-11-30 16:40
  • 86

java端RESTful web services的几种实现方式

1)      利用JAX-WS的Dispatch/Provider对   在JAX-WS中,我们可以跳过SOAP栈的处理,直接调用Service Endpoint,这样我们就可以传输POX(Raw...
  • Baple
  • Baple
  • 2013-08-19 18:02
  • 5948

基于java 使用http-post方式请求https webservice接口

此文章记录使用httppost 方式请求https接口,安全证书默认全部接收。 此方法经测试为可行,希望可以帮到需要的朋友。 /** * 请求https的接口 *  * @param url 接口地址...
  • limengyan123
  • limengyan123
  • 2017-06-09 09:43
  • 2416

JAVA利用HttpClient进行HTTPS接口调用

  • 2017-09-14 17:35
  • 2KB
  • 下载

JAVA实现HTTPS接口(POST方式)

前言:最近开发一个项目,需要回调其他公司的HTTPS远程接口,由于开发过程中遇到些困难,但最终还是解决,写这篇博客,记录一下过程。 1.实现X509证书信任管理器类(避免导证书) import j...
  • s13554341560b
  • s13554341560b
  • 2017-12-22 14:24
  • 38
    个人资料
    • 访问:303394次
    • 积分:4608
    • 等级:
    • 排名:第7370名
    • 原创:129篇
    • 转载:124篇
    • 译文:11篇
    • 评论:30条
    最新评论