From 5ec1f1f7f720fe66a818306f981d2e2a08a62b3f Mon Sep 17 00:00:00 2001
From: ErwinFeng <xfsy_2015@163.com>
Date: Sun, 18 Aug 2024 02:08:13 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dokhttp=E7=BD=91=E7=BB=9C?=
 =?UTF-8?q?=E8=AF=B7=E6=B1=82=E6=B2=A1=E6=9C=89=E8=AE=BE=E7=BD=AEssl?=
 =?UTF-8?q?=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../http/client/impl/OkHttpClient.java        | 81 ++++++++++++++++++-
 .../javalib/http/HttpUtilsTests.java          |  7 ++
 2 files changed, 87 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/fengwenyi/javalib/http/client/impl/OkHttpClient.java b/src/main/java/com/fengwenyi/javalib/http/client/impl/OkHttpClient.java
index a605e86..a3428e9 100644
--- a/src/main/java/com/fengwenyi/javalib/http/client/impl/OkHttpClient.java
+++ b/src/main/java/com/fengwenyi/javalib/http/client/impl/OkHttpClient.java
@@ -9,8 +9,13 @@
 import com.fengwenyi.javalib.util.StrUtils;
 import okhttp3.*;
 
+import javax.net.ssl.*;
 import java.io.IOException;
 import java.rmi.RemoteException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
 import java.time.Duration;
 import java.util.List;
 import java.util.Map;
@@ -36,6 +41,8 @@ public Response execute(Request request, Request.Option option) throws IOExcepti
 
     private okhttp3.OkHttpClient client(Request.Option option) {
         okhttp3.OkHttpClient.Builder builder = new okhttp3.OkHttpClient.Builder();
+        HostnameVerifier hostnameVerifier = null;
+        SSLSocketFactory sslContextFactory = null;
         if (Objects.nonNull(option)) {
             Integer connectTimeoutSecond = getTimeoutSecond(option.getConnectTimeoutSecond());
             if (Objects.nonNull(connectTimeoutSecond)) {
@@ -45,7 +52,17 @@ private okhttp3.OkHttpClient client(Request.Option option) {
             if (Objects.nonNull(readTimeoutSecond)) {
                 builder.readTimeout(Duration.ofSeconds(readTimeoutSecond));
             }
+            hostnameVerifier = option.getHostnameVerifier();
+            sslContextFactory = option.getSslContextFactory();
         }
+        if (Objects.isNull(hostnameVerifier)) {
+            hostnameVerifier = getIgnoreSslHostnameVerifier();
+        }
+        if (Objects.isNull(sslContextFactory)) {
+            sslContextFactory = getIgnoreInitedSslContext().getSocketFactory();
+        }
+        builder.sslSocketFactory(sslContextFactory, IGNORE_SSL_TRUST_MANAGER_X509);
+        builder.hostnameVerifier(hostnameVerifier);
         return builder.build();
     }
 
@@ -194,7 +211,6 @@ private Response upload(Request request, Request.Option option) {
         // 创建 MediaType 对象
         MediaType mediaType = MediaType.parse("multipart/form-data; charset=utf-8");
 
-
         MultipartBody.Builder bodyBuilder = new MultipartBody.Builder();
         bodyBuilder.setType(MultipartBody.FORM);
 
@@ -226,4 +242,67 @@ private Map<String, String> getHeaderMap(Request.Option option) {
         return option.getHeaders();
     }
 
+    /**
+     * Get initialized SSLContext instance which ignored SSL certification
+     *
+     * @return
+     * @throws NoSuchAlgorithmException
+     * @throws KeyManagementException
+     */
+    public static SSLContext getIgnoreInitedSslContext() {
+        SSLContext sslContext = null;
+        try {
+            sslContext = SSLContext.getInstance("SSL");
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException(e);
+        }
+        try {
+            sslContext.init(null, trustAllCerts, new SecureRandom());
+        } catch (KeyManagementException e) {
+            throw new RuntimeException(e);
+        }
+        return sslContext;
+    }
+
+    private static final TrustManager[] trustAllCerts = new TrustManager[] {
+            new X509TrustManager() {
+                @Override
+                public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
+                }
+
+                @Override
+                public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
+                }
+
+                @Override
+                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                    return new java.security.cert.X509Certificate[]{};
+                }
+            }
+    };
+
+    /**
+     * Get HostnameVerifier which ignored SSL certification
+     *
+     * @return
+     */
+    public static HostnameVerifier getIgnoreSslHostnameVerifier() {
+        return (hostname, sslSession ) -> true;
+    }
+
+    public static final X509TrustManager IGNORE_SSL_TRUST_MANAGER_X509 = new X509TrustManager() {
+        @Override
+        public void checkClientTrusted(X509Certificate[] chain, String authType) {
+        }
+
+        @Override
+        public void checkServerTrusted(X509Certificate[] chain, String authType) {
+        }
+
+        @Override
+        public X509Certificate[] getAcceptedIssuers() {
+            return new X509Certificate[] {};
+        }
+    };
+
 }
diff --git a/src/test/java/com/fengwenyi/javalib/http/HttpUtilsTests.java b/src/test/java/com/fengwenyi/javalib/http/HttpUtilsTests.java
index 1c15a33..f4eb94e 100644
--- a/src/test/java/com/fengwenyi/javalib/http/HttpUtilsTests.java
+++ b/src/test/java/com/fengwenyi/javalib/http/HttpUtilsTests.java
@@ -71,4 +71,11 @@ public void testFull() {
         }
     }
 
+    @Test
+    public void testGetXzqh() {
+        String url = "https://www.mca.gov.cn/mzsj/xzqh/2023/202301xzqh.html";
+        String result = HttpUtils.get(url);
+        System.out.println(result);
+    }
+
 }