我正在尝试使用 trustAllCertificates 通过 Https 连接获取一些数据。
我的 Intent 是首先通过登录站点上的 GET 请求获取“Set-Cookie”值(低于 4),然后我使用它们对同一登录站点执行真正的 POST,但在请求完成后我总是得到一个 500 响应代码。正确的响应应该是 302 给我 .ASPXAUTH cookie,我知道我通过它正确登录(虽然我不知道这个假设是否正确?)。
如果有人能指出正确的方向或帮助我,那就太好了,现在我为此苦思冥想了一段时间。
GetCookies: ASP.NET_SessionId=xjfnvccto5ttvwlhnfoypg5j
GetCookies: _culture_sc=nl
GetCookies: __RequestVerificationToken=tT8uFrYYGeFh8gk57wrc0WRsEFaodG4T5imvoohJC5_wFrkkUt_tyGpWniXHhawFnyCVmxqm5F8XKL0EZFDjVsL89tsuDXBD3GiGpA8yKLY1
GetCookies: AWSELB="8531CF6912558C4E64C6A46FDD46D2677B2558E852A91BEA8383D429952CE6042E8FD08CBE9912A67B0A1ACDCB474BBF0863366F22F2E637C7C9DF353DCC76C43A6CC30545";$Path="/";$Domain="mobiel.host.nl"
最佳答案
编辑:我现在让它工作了,事实上我获取 token 不正确,我需要从登录站点本身获取它,而不是从 Set-Cookie header 中获取值。结果服务器收到了不正确的数据并给出了 500 响应代码。 如果有人遇到同样的问题,我会发布工作代码。
我使用static HttpsURLConnection将这一切封装在HttpUtility 类中。
/** * Represents an HTTP connection */ private static HttpsURLConnection httpConn;
从登录站点获取 token :
private String getToken() { String result = ""; try { Document doc = Jsoup.connect("https://mobiel.host.nl/login").get(); Element inputElements = doc.getElementsByTag("input").first(); result = inputElements.attr("value"); } catch (IOException e) { e.printStackTrace(); } return result; }
处理 cookies:
final public void saveCookies(HttpURLConnection connection, Context context) {
CookieHandler.setDefault(myCookies);
Map<String, List<String>> headerFields = connection.getHeaderFields();
List<String> cookiesHeader = null;
try {
cookiesHeader = headerFields.get("Set-Cookie");
} catch (Exception e) {
e.printStackTrace();
}
if (cookiesHeader != null && myCookies != null) {
for (String cookie : cookiesHeader) {
try {
cookie = cookie.replace("\"", "");
myCookies.getCookieStore().add(connection.getURL().toURI(), HttpCookie.parse(cookie).get(0));
new_cookie = TextUtils.join(";", myCookies.getCookieStore().getCookies());
PreferenceManager.getDefaultSharedPreferences(LoginActivity.myContext).edit().putString("cookie", new_cookie).commit();
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
}
final public void loadCookies(HttpURLConnection connection, Context context) {
if (myCookies != null && myCookies.getCookieStore().getCookies().size() > 0) {
connection.setRequestProperty("Cookie", TextUtils.join(";", myCookies.getCookieStore().getCookies()));
Log.w("NewCookies: ", myCookies.getCookieStore().getCookies().toString());
} else {
new_cookie = PreferenceManager.getDefaultSharedPreferences(LoginActivity.myContext).getString("cookie" , "");
connection.setRequestProperty("Cookie", new_cookie);
}
}
禁用 SSL 证书检查,仅用于测试目的:
private static void disableSSLCertificateChecking() { TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // Not implemented } @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // Not implemented } } }; try { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (KeyManagementException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } }
获取请求:
public void sendGetRequest(String requestURL, Context context) { try { URL url = new URL(requestURL); disableSSLCertificateChecking(); // Call this only once httpConn = (HttpsURLConnection) url.openConnection(); httpConn.setUseCaches(false); loadCookies(httpConn, context); httpConn.setRequestProperty("User-Agent", USER_AGENT); httpConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); httpConn.setDoInput(true); httpConn.setRequestMethod("GET"); int responseCode = httpConn.getResponseCode(); if (responseCode == HttpsURLConnection.HTTP_OK) { InputStream in = httpConn.getInputStream(); if (httpConn.getContentEncoding() != null && httpConn.getContentEncoding().contains("gzip")) { GZIPInputStream inn = new GZIPInputStream(in); saveCookies(httpConn, context); // Save SET-Cookies } else { saveCookies(httpConn, context); //--// } } } catch (IOException e) { e.printStackTrace(); } }
POST 请求:
public HttpsURLConnection sendPostRequest(String requestURL, Context context) throws IOException { int TIMEOUT_VALUE = 10000; token = getToken(); // Get token from Loginsite Uri.Builder builder = new Uri.Builder() .appendQueryParameter("__RequestVerificationToken", token) .appendQueryParameter("ReturnUrl", "") .appendQueryParameter("Username", user) .appendQueryParameter("Password", pass); String query = builder.build().getEncodedQuery(); try { boolean redirect = false; URL url = new URL(requestURL); HttpsURLConnection httpConn = null; httpConn = (HttpsURLConnection) url.openConnection(); httpConn.setRequestMethod("POST"); httpConn.setDoInput(true); httpConn.setDoOutput(true); httpConn.setUseCaches(false); httpConn.setReadTimeout(TIMEOUT_VALUE); httpConn.setConnectTimeout(TIMEOUT_VALUE); httpConn.setInstanceFollowRedirects(false); System.out.println("Request URL ... " + url); httpConn.setRequestProperty("User-Agent", USER_AGENT); httpConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); httpConn.setRequestProperty("Content-Length", Integer.toString(query.length())); // sends POST data OutputStream os = httpConn.getOutputStream(); BufferedWriter writer = new BufferedWriter( new OutputStreamWriter(os, "UTF-8")); writer.write(query); writer.flush(); writer.close(); os.close(); // Handle servererror code int status = httpConn.getResponseCode(); if (status > 400) { InputStream errorstream = httpConn.getErrorStream(); BufferedReader br = null; if (errorstream == null) { InputStream inputstream = httpConn.getInputStream(); br = new BufferedReader(new InputStreamReader(inputstream)); } else { br = new BufferedReader(new InputStreamReader(errorstream)); } String response = ""; String message; while ((nachricht = br.readLine()) != null) { response += message; } } // Handle redirects, normally, 3xx is redirect if (status != HttpsURLConnection.HTTP_OK) { if (status == HttpsURLConnection.HTTP_MOVED_TEMP || status == HttpsURLConnection.HTTP_MOVED_PERM || status == HttpsURLConnection.HTTP_SEE_OTHER) redirect = true; } if (redirect) { // get redirect url from "location" header field String newUrl = httpConn.getHeaderField("Location"); // Get the cookie if needed, for login saveCookies(httpConn, context); // Open the new connnection again httpConn = (HttpsURLConnection) url.openConnection(); loadCookies(httpConn, context); //Include the cookies httpConn.setRequestProperty("User-Agent", USER_AGENT); httpConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); Log.w("Redirected to URL : ", newUrl); } } catch (SocketTimeoutException e) { Log.e("More than ", TIMEOUT_VALUE + " elapsed."); } // Check if correctly logged in httpConn.getHeaderFields().toString(); List<HttpCookie> cookies = myCookies.getCookieStore().getCookies(); for (HttpCookie cookie : cookies) { if (cookie.getName().equals(".ASPXAUTH")) { Log.e(".ASPXAUTH-Session: ", "Logged in!"); } } saveCookies(httpConn, context); // Save Set-Cookies for next session return httpConn; }
关于android - https 连接,resonsecode 500,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34473165/