Android Retrofit Http加密(無(wú)證書(shū)加密)

前提:本文基于Retrofit + okhttp(下面代碼可以直接復(fù)制使用!)


一、Retrofit常規(guī)使用如下:

OkHttpClient okHttpClient =new Builder()

.readTimeout(READ_TIME_OUT, TimeUnit.SECONDS)

.connectTimeout(CONNECT_TIME_OUT, TimeUnit.SECONDS)

.cache(new Cache(file, NET_CACHE_SIZE))

.cookieJar(new CookiesManager())

.addInterceptor(httpLoggingInterceptor)

.addNetworkInterceptor(new Interceptor() {

@Override

? ? ? ? ? ? public Responseintercept(Chain chain)throws IOException {

Request original = chain.request();

? ? ? ? ? ? ? ? Request.Builder rb = original.newBuilder();

? ? ? ? ? ? ? ? rb.addHeader("token", filterValue(UserPref.getInstance().getToken()));

? ? ? ? ? ? ? ? return chain.proceed(rb.build());

? ? ? ? ? ? }

})

.build();

mService =new retrofit2.Retrofit.Builder()

.client(okHttpClient)

.addConverterFactory(GsonConverterFactory.create())

.addCallAdapterFactory(RxJava2CallAdapterFactory.create())

.baseUrl(baseUrl)

.build().create(ApiServer.class);


二、給http加密轉(zhuǎn)https無(wú)證書(shū)需要添加如下代碼

OkHttpClient okHttpClient =new Builder()

.sslSocketFactory(SSLSocketFactoryUtil.createSSLSocketFactory(), SSLSocketFactoryUtil.createTrustAllManager())

.hostnameVerifier(new SSLSocketFactoryUtil.TrustAllHostnameVerifier())


三、上面使用到的工具類(lèi)SSLSocketFactoryUtil如下:

public class SSLSocketFactoryUtil {

/**

* @return

* init SSLSocketFactory

*/

public static SSLSocketFactorycreateSSLSocketFactory() {

SSLSocketFactory sslSocketFactory =null;

? ? try {

SSLContext sslContext = SSLContext.getInstance("SSL");

? ? ? ? sslContext.init(null, new TrustManager[]{createTrustAllManager()}, new SecureRandom());

? ? ? ? sslSocketFactory = sslContext.getSocketFactory();

? ? }catch (Exception e) {

}

return sslSocketFactory;

}

/**

* @return

* init X509TrustManager

*/

public static X509TrustManagercreateTrustAllManager() {

X509TrustManager trustManager =null;

? ? try {

trustManager =new X509TrustManager() {

public void checkClientTrusted(X509Certificate[] chain, String authType){

//do nothing

? ? ? ? ? ? }

public void checkServerTrusted(X509Certificate[] chain, String authType){

//do nothing

? ? ? ? ? ? }

public X509Certificate[]getAcceptedIssuers() {

return new X509Certificate[0];

? ? ? ? ? ? }

};

? ? }catch (Exception e) {

}

return trustManager;

}

/**

* make TrustAllHostnameVerifier always true

*/

public static class TrustAllHostnameVerifierimplements HostnameVerifier {

@Override

? ? public boolean verify(String hostname, SSLSession session) {

return true;

? ? }

}

}


最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容