騰訊企業(yè)郵箱官方api文檔很簡略還有一些錯誤和漏洞：

1. 獲取token單點登錄和獲取未讀郵件數(shù)使用的secret不一致。

此處很容易誤解為最初用于獲取AccessToken的corpSecret

2.獲取未讀郵件數(shù)這個功能可以被管理員停用，需要開啟

停用的時候返回返回?{"errcode":602005,"errmsg":"no?privilege?to?access?app"}

3.獲取未讀郵件數(shù)的請求為post請求，官方文檔是get

4.如果部署的weblogic之類的中間件可以會出現(xiàn)以下問題，請求的https報錯證書不一致

此處的問題主要是后臺發(fā)起請求的時候weblogic會去做安全校驗，

解決辦法：1.修改weblogic配置

? ? ? ? ? ? ? ? ? 2.?HttpsURLConnection 配合Handler繞開證書校驗

? ? ? ? ? ? ? ? ? 3.請求之前信任所有證書

信任證書的方法：

private static void trustALLSSLCertificates(HttpURLConnection con) throws NoSuchAlgorithmException, KeyManagementException {

? ? ? ? ((HttpsURLConnection) con).setHostnameVerifier(new HostnameVerifier() {? ?

? ? ? ? ? ? public boolean verify(String hostname, SSLSession session) {? ?

? ? ? ? ? ? ? ? return true;? ?

? ? ? ? ? ? }?

? ? ? ? });? ?

? ? ? ? // Ignore Certification? ?

? ? ? ? TrustManager ignoreCertificationTrustManger = new X509TrustManager() {? ?

? ? ? ? ? ? public void checkClientTrusted(X509Certificate certificates[], String authType) throws CertificateException {? ?

? ? ? ? ? ? }? ?

? ? ? ? ? ? public void checkServerTrusted(X509Certificate[] ax509certificate, String s) throws CertificateException {? ?

? ? ? ? ? ? }? ?

? ? ? ? ? ? public X509Certificate[] getAcceptedIssuers() {? ?

? ? ? ? ? ? ? ? return null;? ?

? ? ? ? ? ? }?

? ? ? ? };? ?

? ? ? ? // Prepare SSL Context? ?

? ? ? ? TrustManager[] tm = { ignoreCertificationTrustManger };? ?

? ? ? ? SSLContext sslContext = SSLContext.getInstance("SSL");? ?

? ? ? ? sslContext.init(null, tm, new java.security.SecureRandom());? ?

? ? ? ? // 從上述SSLContext對象中得到SSLSocketFactory對象? ?

? ? ? ? SSLSocketFactory ssf = sslContext.getSocketFactory();? ?

? ? ? ? ((HttpsURLConnection) con).setSSLSocketFactory(ssf);? ?

? ? }?

后端請求：

public String httpGetbak(String url) {

? ? ? ? BufferedReader in = null;?

? ? ? ? try {?

? ? ? ? //com.sun.net.ssl.internal.www.protocol.https.Handler

? ? ? ? ? ? URL realUrl = new URL(null,url,new sun.net.www.protocol.https.Handler());?

? ? ? ? ? ? HttpsURLConnection? connection = (HttpsURLConnection) realUrl.openConnection();?

? ? ? ? ? ? trustALLSSLCertificates(connection);

? ? ? ? ? ? connection.setRequestProperty("accept", "*/*");?

? ? ? ? ? ? connection.setRequestProperty("connection", "Keep-Alive");?

? ? ? ? ? ? connection.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");?

? ? ? ? ? ? connection.setConnectTimeout(5000);?

? ? ? ? ? ? connection.setReadTimeout(5000);?

? ? ? ? ? ? connection.connect();?

? ? ? ? ? ? in = new BufferedReader(new InputStreamReader(connection.getInputStream()));?

? ? ? ? ? ? StringBuffer sb = new StringBuffer();?

? ? ? ? ? ? String line;?

? ? ? ? ? ? while ((line = in.readLine()) != null) {?

? ? ? ? ? ? ? ? sb.append(line);?

? ? ? ? ? ? }?

? ? ? ? ? ? return sb.toString();?

? ? ? ? } catch (Exception e) {?

? ? ? ? ? e.printStackTrace();

? ? ? ? }?

? ? ? ? finally {?

? ? ? ? ? ? try {?

? ? ? ? ? ? ? ? if (in != null) {?

? ? ? ? ? ? ? ? ? ? in.close();?

? ? ? ? ? ? ? ? }?

? ? ? ? ? ? } catch (Exception e2) {?

? ? ? ? ? ? ? ? e2.printStackTrace();?

? ? ? ? ? ? }?

? ? ? ? }?

? ? ? ? return null;?

? ? }?

單點登錄與獲取未讀數(shù)

public String getEmailUrl(String user, String domain, String usertype){String tokenback = httpGetbak("https://api.exmail.qq.com/cgi-bin/gettoken?corpid=wm8c6ece99e54d4813&corpsecret=r8H0thugLH4ds3Jm4HAhnD_gvVtlsBIaJG4KH-5i5kW4rW_4JPF7FnOKVVa1Bc4L");JSONObject jsStr = JSONObject.fromObject(tokenback);String token =jsStr.getString("access_token");String url =" https://api.exmail.qq.com/cgi-bin/service/get_login_url?access_token="+token+"&userid="+user+"@hnust.edu.cn";String loginUrlBack = httpGetbak(url);JSONObject jsback = JSONObject.fromObject(loginUrlBack);loginUrlBack = jsback.getString("login_url");return loginUrlBack;}

public String getUnRead(String user, String domain, String usertype) throws HttpException, IOException {String email = user +"@"+domain;String tokenback = httpGetbak("https://api.exmail.qq.com/cgi-bin/gettoken?corpid=wm8c6ece99e54d4813&corpsecret=WqG1CvlXqy6nrobMIrYCSXhFe80jgoZEw6Epx3s5XIgkRlvUX9H8NkyENW4uGaBH");JSONObject jsStr = JSONObject.fromObject(tokenback);String token =jsStr.getString("access_token"); Mapparams = new HashMap();

? Date currentTime = new Date();?

? SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd");?

? String dateNow = formatter.format(currentTime);

? Calendar c = Calendar.getInstance();

? c.setTime(new Date());

? ? ? ? c.add(Calendar.DATE, - 7);

? ? ? ? Date daybefore = c.getTime();

? ? ? ? String dbef = formatter.format(daybefore);

? ? ? ? params.put("type", "0");?

? ? ? ? params.put("begin_date", dateNow);?

? ? ? ? params.put("end_date", dbef);?

? ? ? ? String url = "https://api.exmail.qq.com/cgi-bin/mail/newcount?access_token="+token+"&userid="+email;

? ? PostMethod gmethod = new PostMethod(url);

? ? HttpClient httpclient = new HttpClient();

? ? HttpClientParams ps = new HttpClientParams();

? ? ps.setParameter("type", "0");

? ? ps.setParameter("begin_date", dateNow);

? ? ps.setParameter("end_date", dbef);?

? ? httpclient.setParams(ps);

? ? int responseCode = httpclient.executeMethod(gmethod);

? ? String mailContent ="";

? ? if (responseCode == HttpURLConnection.HTTP_OK) {

InputStream inputStream = gmethod.getResponseBodyAsStream();

BufferedReader br = new BufferedReader(new InputStreamReader(

inputStream, "ISO-8859-1"));

StringBuffer resBuffer = new StringBuffer();

String tempStr = "";

while ((tempStr = br.readLine()) != null) {

resBuffer.append(new String(tempStr.getBytes("ISO-8859-1"),

"UTF-8"));

}

? ? mailContent = resBuffer.toString();

? ? JSONObject Str = JSONObject.fromObject(mailContent);

String num = Str.getString("count");

return num;

? ? }

? ? ? ? return "0";

}