Bläddra i källkod

测试附件加密接口 https

wangjun 3 veckor sedan
förälder
incheckning
8c98a0075f

+ 51 - 12
code/base/nckd-jimin-base-helper/src/main/java/nckd/base/helper/FileSECUtils.java

@@ -1,5 +1,6 @@
 package nckd.base.helper;
 
+import com.itrus.security.cert.X509Certificate;
 import kd.bos.dataentity.entity.DynamicObject;
 import kd.bos.fileservice.FileServiceFactory;
 import kd.bos.orm.query.QCP;
@@ -10,7 +11,11 @@ import kd.bos.servicehelper.AttachmentServiceHelper;
 import kd.bos.servicehelper.BusinessDataServiceHelper;
 import okhttp3.*;
 
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import java.io.*;
+import java.security.cert.CertificateException;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -71,22 +76,52 @@ public class FileSECUtils {
         Map<String, String> header = new HashMap<>();
         header.put("method-name", "checkFileIsEncryptionRest");
 
-        OkHttpClient client = new OkHttpClient();
+        TrustManager[] trustAllCerts = new TrustManager[]{
+                new X509TrustManager() {
 
-        // 创建 byte[] 类型的数据
-        byte[] data  = getFileTest();
+                    @Override
+                    public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException {
 
-        // 创建 RequestBody,设置媒体类型和 byte[] 数据
-        RequestBody requestBody = RequestBody.create(MediaType.get("application/octet-stream"), data);
+                    }
 
-        // 创建 Request 对象,设置目标 URL 和请求体
-        Request request = new Request.Builder()
-                .url(url)
-                .post(requestBody)
-                .build();
+                    @Override
+                    public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException {
 
-        // 执行请求
-        try (Response response = client.newCall(request).execute()) {
+                    }
+
+                    @Override
+                    public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
+                }
+        };
+
+        try {
+            // 配置 SSLContext 使用不安全的 TrustManager
+            SSLContext sslContext = SSLContext.getInstance("SSL");
+            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
+
+            //OkHttpClient client = new OkHttpClient();
+            // 创建安全的 OkHttpClient
+            // 创建 OkHttpClient 并禁用证书验证
+            OkHttpClient insecureClient = new OkHttpClient.Builder()
+                    .sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustAllCerts[0])
+                    .hostnameVerifier((hostname, session) -> true) // 绕过主机名验证
+                    .build();
+
+            // 创建 byte[] 类型的数据
+            byte[] data = getFileTest();
+
+            // 创建 RequestBody,设置媒体类型和 byte[] 数据
+            //RequestBody requestBody = RequestBody.create(MediaType.get("application/octet-stream"), data);
+            RequestBody requestBody = RequestBody.create(data, MediaType.get("application/octet-stream"));
+
+            // 创建 Request 对象,设置目标 URL 和请求体
+            Request request = new Request.Builder()
+                    .url(url)
+                    .post(requestBody)
+                    .build();
+
+            // 执行请求
+            Response response = insecureClient.newCall(request).execute() ;
             // 获取响应状态码
             System.out.println("Status code: " + response.code());
 
@@ -96,6 +131,10 @@ public class FileSECUtils {
             }
         } catch (IOException e) {
             e.printStackTrace();
+            System.out.println("ERR content1: " + e.getMessage());
+        } catch (Exception e1){
+            e1.printStackTrace();
+            System.out.println("ERR content2: " + e1.getMessage());
         }
     }