RestTemplate中的https請(qǐng)求調(diào)用

今天在項(xiàng)目中用spring的RestTemplate調(diào)用https的請(qǐng)求,突然不靈了,記得上次還沒(méi)問(wèn)題,懷疑是證書(shū)問(wèn)題,網(wǎng)上找了個(gè)解決方案,完美解決,在這里記錄一下,順便把用到的RestTemplate用法記錄一下。

2020-04-17 18:46:54.859 ERROR 9 --- [p-nio-80-exec-7] o.a.c.c.C.[.[.[.[dispatcherServlet]      : Servlet.service() for servlet [dispatcherServlet] in context with path [/info] threw exception [Request processing failed; nested exception is org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://sso.bjou.edu.cn/oauth/token": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] with root cause

RestTemplate之表單提交

直接上代碼片段,僅供參考

        MultiValueMap<String, String> map = new LinkedMultiValueMap<String, String>();
        map.add("client_id", filterProperties.getClientId());
        map.add("client_secret", filterProperties.getClientSecret());
        map.add("grant_type", "authorization_code");
        map.add("redirect_uri", filterProperties.getRedirectUri());
        map.add("code", code);

        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<MultiValueMap<String, String>>(map, headers);

        ResponseEntity<Map> response = restTemplate.postForEntity(tokenUrl(), request, Map.class);

RestTemplate調(diào)用https

特別注意,不是所有的https請(qǐng)求都會(huì)報(bào)以下錯(cuò)誤,懷疑和證書(shū)有關(guān)系,還沒(méi)有考證,異常及代碼片段如下

  • 異常
2020-04-17 18:46:54.859 ERROR 9 --- [p-nio-80-exec-7] o.a.c.c.C.[.[.[.[dispatcherServlet]      : 
Servlet.service() for servlet [dispatcherServlet] in context with path [/info] threw exception [Request processing failed; nested exception is 
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://xxx/oauth/token": 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] with root cause
  • 代碼片段
this.restTemplate = new RestTemplate(generateHttpRequestFactory());

    private HttpComponentsClientHttpRequestFactory generateHttpRequestFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        TrustStrategy acceptingTrustStrategy = (x509Certificates, authType) -> true;
        SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
        SSLConnectionSocketFactory connectionSocketFactory = new SSLConnectionSocketFactory(sslContext,
                new NoopHostnameVerifier());

        HttpClientBuilder httpClientBuilder = HttpClients.custom();
        httpClientBuilder.setSSLSocketFactory(connectionSocketFactory);
        CloseableHttpClient httpClient = httpClientBuilder.build();
        HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
        factory.setHttpClient(httpClient);
        return factory;
    }

附完整代碼類

import lombok.extern.slf4j.Slf4j;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;

import javax.net.ssl.SSLContext;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;

/**
 * oauth2客戶端
 *
 * @author songhuiqing
 */
@Slf4j
@Configuration
public class Oauth2ClientConfiguration {

    FilterProperties filterProperties;

    private RestTemplate restTemplate;

    public Oauth2ClientConfiguration(RestTemplate restTemplate, FilterProperties filterProperties) {
        String oauth2Server = filterProperties.getOauth2Server();
        if (!StringUtils.isEmpty(oauth2Server) && oauth2Server.startsWith("https")) {
            try {
                this.restTemplate = new RestTemplate(generateHttpRequestFactory());
            } catch (Exception e) {
                log.error("init restTemplate error, {}", e.getMessage());
                throw new RuntimeException("init restTemplate error", e);
            }
        } else {
            this.restTemplate = new RestTemplate();
        }

        this.filterProperties = filterProperties;
    }


    public OAuth2AccessToken getAccessToken(String code) {

        MultiValueMap<String, String> map = new LinkedMultiValueMap<String, String>();
        map.add("client_id", filterProperties.getClientId());
        map.add("client_secret", filterProperties.getClientSecret());
        map.add("grant_type", "authorization_code");
        map.add("redirect_uri", filterProperties.getRedirectUri());
        map.add("code", code);

        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<MultiValueMap<String, String>>(map, headers);

        ResponseEntity<Map> response = restTemplate.postForEntity(tokenUrl(), request, Map.class);
        if (response.getStatusCode().is2xxSuccessful()) {
            return DefaultOAuth2AccessToken.valueOf(response.getBody());
        }
        throw new RuntimeException(String.format("認(rèn)證服務(wù)異常, 返回狀態(tài)為: %s, 原因: %s",
                response.getStatusCodeValue(),
                response.getBody()));
    }

    public String getUserName(String accessToken) {

        ResponseEntity<Map> response = restTemplate.postForEntity(userUrl(accessToken), null, Map.class);
        if (response.getStatusCode().is2xxSuccessful()) {
            return (String) response.getBody().get("username");
        }
        throw new RuntimeException(String.format("認(rèn)證服務(wù)異常, 返回狀態(tài)為: %s, 原因: %s",
                response.getStatusCodeValue(),
                response.getBody()));
    }

    private String tokenUrl() {
        return filterProperties.getOauth2Server() + "/oauth/token";
    }

    private String userUrl(String accessToken) {
        return filterProperties.getOauth2Server() + "/userinfo?access_token=" + accessToken;
    }


    private HttpComponentsClientHttpRequestFactory generateHttpRequestFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        TrustStrategy acceptingTrustStrategy = (x509Certificates, authType) -> true;
        SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
        SSLConnectionSocketFactory connectionSocketFactory = new SSLConnectionSocketFactory(sslContext,
                new NoopHostnameVerifier());

        HttpClientBuilder httpClientBuilder = HttpClients.custom();
        httpClientBuilder.setSSLSocketFactory(connectionSocketFactory);
        CloseableHttpClient httpClient = httpClientBuilder.build();
        HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
        factory.setHttpClient(httpClient);
        return factory;
    }
}
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容