|
|
@@ -1,5 +1,6 @@
|
|
|
package nckd.base.helper;
|
|
|
|
|
|
+import com.itrus.security.cert.X509Certificate;
|
|
|
import kd.bos.dataentity.entity.DynamicObject;
|
|
|
import kd.bos.fileservice.FileServiceFactory;
|
|
|
import kd.bos.orm.query.QCP;
|
|
|
@@ -10,7 +11,11 @@ import kd.bos.servicehelper.AttachmentServiceHelper;
|
|
|
import kd.bos.servicehelper.BusinessDataServiceHelper;
|
|
|
import okhttp3.*;
|
|
|
|
|
|
+import javax.net.ssl.SSLContext;
|
|
|
+import javax.net.ssl.TrustManager;
|
|
|
+import javax.net.ssl.X509TrustManager;
|
|
|
import java.io.*;
|
|
|
+import java.security.cert.CertificateException;
|
|
|
import java.util.HashMap;
|
|
|
import java.util.List;
|
|
|
import java.util.Map;
|
|
|
@@ -71,22 +76,52 @@ public class FileSECUtils {
|
|
|
Map<String, String> header = new HashMap<>();
|
|
|
header.put("method-name", "checkFileIsEncryptionRest");
|
|
|
|
|
|
- OkHttpClient client = new OkHttpClient();
|
|
|
+ TrustManager[] trustAllCerts = new TrustManager[]{
|
|
|
+ new X509TrustManager() {
|
|
|
|
|
|
- // 创建 byte[] 类型的数据
|
|
|
- byte[] data = getFileTest();
|
|
|
+ @Override
|
|
|
+ public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException {
|
|
|
|
|
|
- // 创建 RequestBody,设置媒体类型和 byte[] 数据
|
|
|
- RequestBody requestBody = RequestBody.create(MediaType.get("application/octet-stream"), data);
|
|
|
+ }
|
|
|
|
|
|
- // 创建 Request 对象,设置目标 URL 和请求体
|
|
|
- Request request = new Request.Builder()
|
|
|
- .url(url)
|
|
|
- .post(requestBody)
|
|
|
- .build();
|
|
|
+ @Override
|
|
|
+ public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException {
|
|
|
|
|
|
- // 执行请求
|
|
|
- try (Response response = client.newCall(request).execute()) {
|
|
|
+ }
|
|
|
+
|
|
|
+ @Override
|
|
|
+ public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
|
|
|
+ }
|
|
|
+ };
|
|
|
+
|
|
|
+ try {
|
|
|
+ // 配置 SSLContext 使用不安全的 TrustManager
|
|
|
+ SSLContext sslContext = SSLContext.getInstance("SSL");
|
|
|
+ sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
|
|
|
+
|
|
|
+ //OkHttpClient client = new OkHttpClient();
|
|
|
+ // 创建安全的 OkHttpClient
|
|
|
+ // 创建 OkHttpClient 并禁用证书验证
|
|
|
+ OkHttpClient insecureClient = new OkHttpClient.Builder()
|
|
|
+ .sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustAllCerts[0])
|
|
|
+ .hostnameVerifier((hostname, session) -> true) // 绕过主机名验证
|
|
|
+ .build();
|
|
|
+
|
|
|
+ // 创建 byte[] 类型的数据
|
|
|
+ byte[] data = getFileTest();
|
|
|
+
|
|
|
+ // 创建 RequestBody,设置媒体类型和 byte[] 数据
|
|
|
+ //RequestBody requestBody = RequestBody.create(MediaType.get("application/octet-stream"), data);
|
|
|
+ RequestBody requestBody = RequestBody.create(data, MediaType.get("application/octet-stream"));
|
|
|
+
|
|
|
+ // 创建 Request 对象,设置目标 URL 和请求体
|
|
|
+ Request request = new Request.Builder()
|
|
|
+ .url(url)
|
|
|
+ .post(requestBody)
|
|
|
+ .build();
|
|
|
+
|
|
|
+ // 执行请求
|
|
|
+ Response response = insecureClient.newCall(request).execute() ;
|
|
|
// 获取响应状态码
|
|
|
System.out.println("Status code: " + response.code());
|
|
|
|
|
|
@@ -96,6 +131,10 @@ public class FileSECUtils {
|
|
|
}
|
|
|
} catch (IOException e) {
|
|
|
e.printStackTrace();
|
|
|
+ System.out.println("ERR content1: " + e.getMessage());
|
|
|
+ } catch (Exception e1){
|
|
|
+ e1.printStackTrace();
|
|
|
+ System.out.println("ERR content2: " + e1.getMessage());
|
|
|
}
|
|
|
}
|
|
|
|
