我正在尝试使用 HurlStack 在 volley 中实现 SSL Pinning。
在 OkHttpStack 类中,如何将我的 mClient 提供给库以创建连接?当前未使用 mClient,因此 SSL Pinning 不起作用。我应该在哪里传递这个 mClient 以便库可以将它用于 SSL Pinning?
我需要使用当前架构通过 volley 实现 SSL Pinning。有什么办法吗?
public class OkHttpStack extends HurlStack {
private final OkHttpClient mClient;
public OkHttpStack(Context context) {
this(new OkHttpClient(), context);
}
public OkHttpStack(OkHttpClient client, Context context) {
if (client == null) {
throw new NullPointerException("Client must not be null.");
}
CertificatePinner pinner = new CertificatePinner.Builder()
.add("xyz.com", "sha256/XXXXXXXSKBC8dHnQYY6ncwwUtv2ydjxGAlXXXXXXXXs=").build();
mClient = client.newBuilder().certificatePinner(pinner).build();
}
@Override
protected HttpURLConnection createConnection(URL url) throws IOException {
return (HttpURLConnection) url.openConnection();
}
}
public class VolleyQueueUtils {
private static final String DEFAULT_CACHE_DIR = "volley";
private static final int DISK_CACHE_MAX_SIZE = 20 * 1024 * 1024;
private static RequestQueue sGeneralRequestQueue;
private static DiskBasedCache sDiskCache;
private static RequestQueue sImageQueue;
// private static ImageLoader sImageLoader;
private static RequestQueue sJobQueue;
private static RequestQueue sSingleThreadedRequestQueue;
static {
File cacheDir = new File(App.context.getCacheDir(), DEFAULT_CACHE_DIR);
sDiskCache = new DiskBasedCache(cacheDir, DISK_CACHE_MAX_SIZE);
ResponseDelivery delivery = new ExecutorDelivery(Executors.newFixedThreadPool(4));
ResponseDelivery deliverySingle = new ExecutorDelivery(Executors.newFixedThreadPool(1));
sGeneralRequestQueue =
new RequestQueue(sDiskCache, new BasicNetwork(new OkHttpStack(App.context)), 4, delivery);
// sGeneralRequestQueue = Volley.newRequestQueue(App.context, new OkHttpStack(App.context));
sGeneralRequestQueue.start();
sImageQueue = new RequestQueue(sDiskCache ,new BasicNetwork(new OkHttpStack(App.context)), 4, delivery);
sImageQueue.start();
sSingleThreadedRequestQueue = new RequestQueue(sDiskCache, new BasicNetwork(new OkHttpStack(App.context)), 1,
deliverySingle);
//sSingleThreadedRequestQueue.start();
// sImageLoader = new ImageLoader(sImageQueue, new LruBitmapCache());
// Job queue for background tasks
sJobQueue = new RequestQueue(new NoCache(), new BasicNetwork(new OkHttpStack(App.context)), 4, delivery);
sJobQueue.start();
}
public static ImageLoader getImageLoader() {
return BitmapQueueUtils.getLoaderInstance();
}
public static RequestQueue getGeneralRequestQueue() {
return sGeneralRequestQueue;
}
public static RequestQueue getSingleThreadedRequestQueue() {
return sSingleThreadedRequestQueue;
}
public static RequestQueue getJobQueue () {
return sJobQueue;
}
}
最佳答案
您做错的事情是您使用指定的固定配置创建了一个 okhttp 客户端,但没有使用它来创建真正的连接。
您有 2 个选项来修复它:
而不是 HurlStack,例如 https://gist.github.com/arvi/f1a0d2a812650c546223642856afe1e9 , 并且你不能真正用 okhttp3 实现 HurlStack,因为 okhttp3 使用 okio 来做传输,它不会创建 HttpURLConnection。
关于android - 使用 SHA256 和 CertificatePinner 在 Volley 中进行 SSL 固定,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68221188/