0

嘿,我正在尽力将这个工作 CURL 脚本转换为 Java:

@ECHO off
set COOKIES=.\cookies.txt
set USER=myUN
set PASSWORD="myPW"
set HOST=https://zzzzzzz.zzzzz.zz.zz:9443

cls

ECHO "Get the session cookie-------------------------------------"
    set out1 = curl -k -c %cookies% "%host%/qm/authenticated/identity" > nul
ECHO "-----------------------------------------------------------"

ECHO "Use the session cookie to logon----------------------------"
    curl -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% %host%/qm/authenticated/j_security_check > nul
ECHO "-----------------------------------------------------------"

ECHO "Use the cookie to get the catalog--------------------------"
    curl -k -L -b %COOKIES% -H "Accept: application/xml" %host%/qm/process/project-areas/_zzzzzzzzzzzzzzzzzzzz/members
ECHO "-----------------------------------------------------------"

在哪里:

               -k: Allow insecure server connections when using SSL
    -c <filename>: Write cookies to <filename> after operation
               -L: Follow redirects
        -b <data>: Send cookies from string/file
-H <header/@file>: Pass custom header(s) to server
        -d <data>: HTTP POST data

我已经搜索了包含创建 cookie 示例的 java 代码,但我还没有找到可以帮助我处理上面的代码的东西。

我能找到并修改的最接近的POST调用是:

CookieStore cookieStore = new BasicCookieStore();
String USER     = "myUN";
String PASSWORD = "myPW";
String HOST     = "https://zzzzzzz.zzzzz.zz.zz:9443";

// CookieSpecs.STANDARD is the RFC 6265 compliant policy
RequestConfig requestConfig = RequestConfig
                              .custom()
                              .setCookieSpec(CookieSpecs.STANDARD)
                              .build();

// automatically follow redirects
CloseableHttpClient client = HttpClients
                            .custom()
                            .setRedirectStrategy(new LaxRedirectStrategy())
                            .setDefaultRequestConfig(requestConfig)
                            .setDefaultCookieStore(cookieStore)
                            .build();
HttpPost postIT                  = new HttpPost(HOST + "/qm/authenticated/identity");
List<NameValuePair> urlParams    = new ArrayList<>();

urlParams.add(new BasicNameValuePair("j_username", USER));
urlParams.add(new BasicNameValuePair("j_password", PASSWORD));
postIT.setEntity(new UrlEncodedFormEntity(urlParams));

HttpResponse mmmCookie = client.execute(postIT);
// ... we have our cookie!

对于postIT,值为:

POST https://zzzzz.zzz.zzzz.zzzz:9443/qm/authenticated/identity HTTP/1.1

但是,它有以下错误:

错误:空

由于postIT有数据,不知道为什么错误为空?因此,我不仅无法运行我所做的修改后的代码,而且我仍然想知道如何使用cookie调用GET命令,即使上面的代码有效。

所以,简而言之:

  • 修复 httpPost 错误。
  • 如何通过其他 GET 方法发送 cookie。

帮助会很棒!

VGR 更新:

public static void main(String[] args) throws IOException {
    Path currentRelativePath = Paths.get("").toAbsolutePath();
    PermissiveTrustManager blah = new PermissiveTrustManager();

    blah.readMembers("https://zzzzzz.zzzz.zz.zzz:9443", "zzzzzz", "zzzzzzz", currentRelativePath);
}

错误在这一行:

check(tm -> tm.checkServerTrusted(certChain, authType, socket), socket);

certChain、authType 和 socket 里面都有数据。

4

1 回答 1

1

由于我们不知道是什么导致了您的神秘错误,我建议放弃第三方库,并使用 java.net 包:

public void readMembers(String schemeAndAuthority,
                        String username,
                        String password,
                        Path membersFileToWrite)
throws IOException {

    URI baseURI = URI.create(schemeAndAuthority);

    CookieHandler oldCookieHandler = CookieHandler.getDefault();
    boolean oldFollowRedirects = HttpURLConnection.getFollowRedirects();

    CookieHandler.setDefault(new CookieManager());
    HttpURLConnection.setFollowRedirects(true);

    try {
        HttpURLConnection connection;

        URI authURI = baseURI.resolve("/qm/authenticated/identity");
        connection = (HttpURLConnection) authURI.toURL().openConnection();
        connection.getResponseCode();

        URI securityURI = baseURI.resolve(
            "/qm/authenticated/j_security_check");
        String postData = 
            "j_username=" + URLEncoder.encode(username, "UTF-8") + "&" +
            "j_password=" + URLEncoder.encode(password, "UTF-8");
        connection = (HttpURLConnection)
            securityURI.toURL().openConnection();
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-Type",
            "application/x-www-form-urlencoded");
        connection.setDoOutput(true);
        try (OutputStream postBody = connection.getOutputStream()) {
            postBody.write(postData.getBytes(StandardCharsets.UTF_8));
        }
        connection.getResponseCode();

        URI catalogURI = baseURI.resolve(
            "/qm/process/project-areas/_zzzzzzzzzzzzzzzzzzzz/members");
        connection = (HttpURLConnection)
            catalogURI.toURL().openConnection();
        connection.setRequestProperty("Accept", "application/xml");
        try (InputStream responseBody = connection.getInputStream()) {
            Files.copy(responseBody, membersFileToWrite);
        }
    } finally {
        CookieHandler.setDefault(oldCookieHandler);
        HttpURLConnection.setFollowRedirects(oldFollowRedirects);
    }
}

但是,上面的代码没有提供相当于 curl 的-k选项。为此,我们必须创建一个自定义SSLContext ,使用允许所有证书的TrustManager进行初始化:

static class PermissiveTrustManager
extends X509ExtendedTrustManager {
    private final X509ExtendedTrustManager[] realTrustManagers;

    private interface Checker {
        void checkWith(X509ExtendedTrustManager realTrustManager)
        throws CertificateException;
    }

    PermissiveTrustManager() {
        TrustManagerFactory factory;
        try {
            factory = TrustManagerFactory.getInstance(
                TrustManagerFactory.getDefaultAlgorithm());
            factory.init((KeyStore) null);
        } catch (GeneralSecurityException e) {
            // We should not be able to get here.
            throw new RuntimeException(e);
        }

        TrustManager[] allTrustManagers = factory.getTrustManagers();
        realTrustManagers = Arrays.stream(allTrustManagers)
            .filter(tm -> tm instanceof X509ExtendedTrustManager)
            .map(tm -> (X509ExtendedTrustManager) tm)
            .toArray(X509ExtendedTrustManager[]::new);

    }

    private void check(Checker checker) {
        try {
            for (X509ExtendedTrustManager realTrustManager : realTrustManagers) {
                checker.checkWith(realTrustManager);
            }
        } catch (CertificateException e) {
            System.err.println("Ignoring invalid certificate");
            e.printStackTrace();
        }
    }

    private void check(Checker checker,
                       Socket socket) {
        try {
            for (X509ExtendedTrustManager realTrustManager : realTrustManagers) {
                checker.checkWith(realTrustManager);
            }
        } catch (CertificateException e) {
            System.err.println("Ignoring invalid certificate for " + 
                socket.getRemoteSocketAddress());
            e.printStackTrace();
        }
    }

    @Override
    public void checkClientTrusted(X509Certificate[] certChain,
                                   String authType,
                                   Socket socket) {
        check(tm -> tm.checkClientTrusted(certChain, authType, socket), socket);
    }

    @Override
    public void checkClientTrusted(X509Certificate[] certChain,
                                   String authType,
                                   SSLEngine engine) {
        check(tm -> tm.checkClientTrusted(certChain, authType, engine));
    }

    @Override
    public void checkServerTrusted(X509Certificate[] certChain,
                                   String authType,
                                   Socket socket) {
        check(tm -> tm.checkServerTrusted(certChain, authType, socket), socket);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] certChain,
                                   String authType,
                                   SSLEngine engine) {
        check(tm -> tm.checkServerTrusted(certChain, authType, engine));
    }

    @Override
    public void checkClientTrusted(X509Certificate[] certChain,
                                   String authType) {
        check(tm -> tm.checkClientTrusted(certChain, authType));
    }

    @Override
    public void checkServerTrusted(X509Certificate[] certChain,
                                   String authType) {
        check(tm -> tm.checkServerTrusted(certChain, authType));
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}

private static SSLContext createPermissiveSSLContext()
throws IOException {

    TrustManager[] trustManagers = { new PermissiveTrustManager() };

    try {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, trustManagers, null);
        return context;
    } catch (GeneralSecurityException e) {
        throw new IOException(e);
    }
}

public void readMembers(String schemeAndAuthority,
                        String username,
                        String password,
                        Path membersFileToWrite)
throws IOException {

    URI baseURI = URI.create(schemeAndAuthority);

    CookieHandler oldCookieHandler = CookieHandler.getDefault();
    boolean oldFollowRedirects = HttpURLConnection.getFollowRedirects();
    SSLContext oldSSLContext = null;
    try {
        oldSSLContext = SSLContext.getDefault();
    } catch (GeneralSecurityException e) {
        e.printStackTrace();
    }

    CookieHandler.setDefault(new CookieManager());
    HttpURLConnection.setFollowRedirects(true);
    SSLContext.setDefault(createPermissiveSSLContext());

    try {
        HttpURLConnection connection;

        URI authURI = baseURI.resolve("/qm/authenticated/identity");
        connection = (HttpURLConnection) authURI.toURL().openConnection();
        connection.getResponseCode();

        URI securityURI = baseURI.resolve(
            "/qm/authenticated/j_security_check");
        String postData = 
            "j_username=" + URLEncoder.encode(username, "UTF-8") + "&" +
            "j_password=" + URLEncoder.encode(password, "UTF-8");
        connection = (HttpURLConnection)
            securityURI.toURL().openConnection();
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-Type",
            "application/x-www-form-urlencoded");
        connection.setDoOutput(true);
        try (OutputStream postBody = connection.getOutputStream()) {
            postBody.write(postData.getBytes(StandardCharsets.UTF_8));
        }
        connection.getResponseCode();

        URI catalogURI = baseURI.resolve(
            "/qm/process/project-areas/_zzzzzzzzzzzzzzzzzzzz/members");
        connection = (HttpURLConnection)
            catalogURI.toURL().openConnection();
        connection.setRequestProperty("Accept", "application/xml");
        try (InputStream responseBody = connection.getInputStream()) {
            Files.copy(responseBody, membersFileToWrite);
        }
    } finally {
        CookieHandler.setDefault(oldCookieHandler);
        HttpURLConnection.setFollowRedirects(oldFollowRedirects);
        if (oldSSLContext != null) {
            SSLContext.setDefault(oldSSLContext);
        }
    }
}

显然,我没有办法对此进行测试。

您可以像这样调用该方法:

new CatalogRetriever().readMembers(
    "https://zzzzzzz.zzzzz.zz.zz:9443", "myUN", "myPW",
    Paths.get("members"));

URI docs 中所述,该方案是http:orhttps:部分。权限//后跟主机名/端口(以及可选的用户/密码,具体取决于协议)。

于 2020-03-10T17:43:52.457 回答