Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
DiDi
DoraemonKit
提交
603036f7
D
DoraemonKit
项目概览
DiDi
/
DoraemonKit
9 个月 前同步成功
通知
166
Star
19623
Fork
3062
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
DoraemonKit
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
603036f7
编写于
5月 24, 2022
作者:
R
realonezhang
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
fix:修改兼容自定义 SSLSocketFactory 导致的网络拦截 OkHttp is unable to extract the trust manager.
上级
9f48e8c6
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
132 addition
and
6 deletion
+132
-6
Android/dokit/src/main/java/com/didichuxing/doraemonkit/aop/urlconnection/MyTrustManager.java
...chuxing/doraemonkit/aop/urlconnection/MyTrustManager.java
+125
-0
Android/dokit/src/main/java/com/didichuxing/doraemonkit/aop/urlconnection/ObsoleteUrlFactory.java
...ing/doraemonkit/aop/urlconnection/ObsoleteUrlFactory.java
+7
-6
未找到文件。
Android/dokit/src/main/java/com/didichuxing/doraemonkit/aop/urlconnection/MyTrustManager.java
0 → 100644
浏览文件 @
603036f7
package
com.didichuxing.doraemonkit.aop.urlconnection
;
import
java.lang.reflect.Field
;
import
java.security.SecureRandom
;
import
java.security.cert.CertificateException
;
import
java.security.cert.X509Certificate
;
import
javax.annotation.Nullable
;
import
javax.net.ssl.SSLContext
;
import
javax.net.ssl.SSLSocketFactory
;
import
javax.net.ssl.X509TrustManager
;
/**
* didi Create on 2022/5/24 .
* <p>
* Copyright (c) 2022/5/24 by didiglobal.com.
*
* @author <a href="realonlyone@126.com">zhangjun</a>
* @version 1.0
* @Date 2022/5/24 5:34 下午
* @Description 用一句话说明文件功能
*/
public
class
MyTrustManager
{
private
static
final
X509TrustManager
trustManager
=
new
X509TrustManager
()
{
@Override
public
void
checkClientTrusted
(
X509Certificate
[]
chain
,
String
authType
)
throws
CertificateException
{
}
@Override
public
void
checkServerTrusted
(
X509Certificate
[]
chain
,
String
authType
)
throws
CertificateException
{
}
@Override
public
X509Certificate
[]
getAcceptedIssuers
()
{
return
new
X509Certificate
[
0
];
}
};
public
X509TrustManager
getTrustManager
()
{
return
trustManager
;
}
public
X509TrustManager
buildTrustManager
()
{
SSLContext
sslContext
=
null
;
try
{
sslContext
=
SSLContext
.
getInstance
(
"TLS"
);
sslContext
.
init
(
null
,
new
X509TrustManager
[]{
trustManager
},
new
SecureRandom
());
SSLSocketFactory
ssl
=
sslContext
.
getSocketFactory
();
return
trustManager
(
ssl
);
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
}
return
null
;
}
private
X509TrustManager
trustManager2
(
SSLSocketFactory
sslSocketFactory
)
{
// Attempt to get the trust manager from an OpenJDK socket factory. We attempt this on all
// platforms in order to support Robolectric, which mixes classes from both Android and the
// Oracle JDK. Note that we don't support HTTP/2 or other nice features on Robolectric.
try
{
Class
<?>
sslContextClass
=
Class
.
forName
(
"sun.security.ssl.SSLContextImpl"
);
Object
context
=
readFieldOrNull
(
sslSocketFactory
,
sslContextClass
,
"context"
);
if
(
context
==
null
)
return
null
;
return
readFieldOrNull
(
context
,
X509TrustManager
.
class
,
"trustManager"
);
}
catch
(
ClassNotFoundException
e
)
{
return
null
;
}
}
private
X509TrustManager
trustManager
(
SSLSocketFactory
sslSocketFactory
)
throws
Exception
{
Class
sslParametersClass
=
Class
.
forName
(
"com.android.org.conscrypt.SSLParametersImpl"
);
Class
sslSocketClass
=
Class
.
forName
(
"com.android.org.conscrypt.OpenSSLSocketImpl"
);
Object
context
=
readFieldOrNull
(
sslSocketFactory
,
sslParametersClass
,
"sslParameters"
);
if
(
context
==
null
)
{
// If that didn't work, try the Google Play Services SSL provider before giving up. This
// must be loaded by the SSLSocketFactory's class loader.
try
{
Class
<?>
gmsSslParametersClass
=
Class
.
forName
(
"com.google.android.gms.org.conscrypt.SSLParametersImpl"
,
false
,
sslSocketFactory
.
getClass
().
getClassLoader
());
context
=
readFieldOrNull
(
sslSocketFactory
,
gmsSslParametersClass
,
"sslParameters"
);
}
catch
(
ClassNotFoundException
e
)
{
return
trustManager2
(
sslSocketFactory
);
}
}
X509TrustManager
x509TrustManager
=
readFieldOrNull
(
context
,
X509TrustManager
.
class
,
"x509TrustManager"
);
if
(
x509TrustManager
!=
null
)
return
x509TrustManager
;
return
readFieldOrNull
(
context
,
X509TrustManager
.
class
,
"trustManager"
);
}
static
@Nullable
<
T
>
T
readFieldOrNull
(
Object
instance
,
Class
<
T
>
fieldType
,
String
fieldName
)
{
for
(
Class
<?>
c
=
instance
.
getClass
();
c
!=
Object
.
class
;
c
=
c
.
getSuperclass
())
{
try
{
Field
field
=
c
.
getDeclaredField
(
fieldName
);
field
.
setAccessible
(
true
);
Object
value
=
field
.
get
(
instance
);
if
(!
fieldType
.
isInstance
(
value
))
return
null
;
return
fieldType
.
cast
(
value
);
}
catch
(
NoSuchFieldException
ignored
)
{
}
catch
(
IllegalAccessException
e
)
{
throw
new
AssertionError
();
}
}
// Didn't find the field we wanted. As a last gasp attempt, try to find the value on a delegate.
if
(!
fieldName
.
equals
(
"delegate"
))
{
Object
delegate
=
readFieldOrNull
(
instance
,
Object
.
class
,
"delegate"
);
if
(
delegate
!=
null
)
return
readFieldOrNull
(
delegate
,
fieldType
,
fieldName
);
}
return
null
;
}
}
Android/dokit/src/main/java/com/didichuxing/doraemonkit/aop/urlconnection/ObsoleteUrlFactory.java
浏览文件 @
603036f7
...
...
@@ -6,11 +6,8 @@ import android.util.Log;
import
androidx.annotation.Nullable
;
import
androidx.annotation.RequiresApi
;
import
com.didichuxing.doraemonkit.kit.network.utils.StreamUtil
;
import
com.didichuxing.doraemonkit.util.ConvertUtils
;
import
com.didichuxing.doraemonkit.util.LogHelper
;
import
java.io.FileNotFoundException
;
import
java.io.IOException
;
import
java.io.InputStream
;
import
java.io.InterruptedIOException
;
...
...
@@ -49,6 +46,7 @@ import java.util.concurrent.TimeUnit;
import
javax.net.ssl.HostnameVerifier
;
import
javax.net.ssl.HttpsURLConnection
;
import
javax.net.ssl.SSLSocketFactory
;
import
javax.net.ssl.X509TrustManager
;
import
okhttp3.Call
;
import
okhttp3.Callback
;
...
...
@@ -1313,12 +1311,15 @@ final class ObsoleteUrlFactory implements URLStreamHandlerFactory, Cloneable {
if
(
sslSocketFactory
==
null
)
{
throw
new
IllegalArgumentException
(
"sslSocketFactory == null"
);
}
X509TrustManager
trustManager
=
new
MyTrustManager
().
getTrustManager
();
// This fails in JDK 9 because OkHttp is unable to extract the trust manager.
delegate
.
client
=
delegate
.
client
.
newBuilder
()
.
sslSocketFactory
(
sslSocketFactory
)
.
build
();
.
sslSocketFactory
(
sslSocketFactory
,
trustManager
)
.
build
();
}
@Override
public
SSLSocketFactory
getSSLSocketFactory
()
{
return
delegate
.
client
.
sslSocketFactory
();
...
...
@@ -1342,4 +1343,4 @@ final class ObsoleteUrlFactory implements URLStreamHandlerFactory, Cloneable {
}
}
}
\ No newline at end of file
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录