Google Volley框架之https请求

先插一句。Google出的volley框架本身是支持https请求的，可是仅仅是针对有第三方机构认证过的。

假设自己随便在网上搞的一个证书，那volley是不支持请求的。

本文讲下怎样让volley支持自己搞的https证书。

改动volley源代码：com.android.myvolley.toolbox.HurlStack

   /**
     * Create an {@link HttpURLConnection} for the specified {@code url}.
     */
    protected HttpURLConnection createConnection(URL url) throws IOException {
        if (url.toString().contains("https")) {
            MyHttpsManager.allowAllSSL();
        }
        return (HttpURLConnection) url.openConnection();
    }

在HurlStack类中的createConnection方法中，做个过滤处理：

if (url.toString().contains("https")) {
            MyHttpsManager.allowAllSSL();
        }

直接贴代码啦。

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class MyHttpsManager implements X509TrustManager {
    private static TrustManager[] trustManagers;

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }

    public static void allowAllSSL() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                // TODO Auto-generated method stub
                return true;
            }

        });

        SSLContext context = null;
        if (trustManagers == null) {
            trustManagers = new TrustManager[] { new MyHttpsManager() };
        }

        try {
            context = SSLContext.getInstance("TLS");
            context.init(null, trustManagers, new SecureRandom());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context
                .getSocketFactory());
    }
}

然后请求的时候在头里面加个什么鬼id。sign之类的，就能够和服务端通信了。

比如volley重写getHeaders方法：

public void sendRequest(int method, String url, JSONObject jsonRequest, final String sessionToken, final OnResponseListener listener,final OnErrorListener errorListener) {
        initUserAgent();

        JsonObjectRequest jsonObjectRequest = new JsonObjectRequest(method, url, jsonRequest, new Response.Listener<JSONObject>() {
            @Override
            public void onResponse(JSONObject response) {
                listener.onResponse(response);
            }

        }, new Response.ErrorListener() {
            @Override
            public void onErrorResponse(VolleyError error) {
                errorListener.onErrorResponse(error);
            }
        }){
            @Override
            public Map<String, String> getHeaders() throws AuthFailureError {
                HashMap<String, String> headers = new HashMap<String,String>();
                headers.put("Content-Type", "application/json");
                headers.put("x-app-id", APPID);
                headers.put("x-app-sign",SIGN);
                headers.put("x-session-token",sessionToken);
                headers.put("User-Agent",userAgent);
                return headers;
            }
        };

        Volley.newRequestQueue(context).add(jsonObjectRequest);
    }