| | |
|---|
| | | import java.util.HashMap; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.Map; |
|---|
| | | import javax.net.ssl.HttpsURLConnection; |
|---|
| | | import javax.net.ssl.SSLContext; |
|---|
| | | import javax.net.ssl.TrustManager; |
|---|
| | | import javax.net.ssl.X509TrustManager; |
|---|
| | | import java.security.cert.X509Certificate; |
|---|
| | | |
|---|
| | | import com.ruoyi.system.domain.*; |
|---|
| | | import com.ruoyi.system.service.*; |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 发送HTTP POST请求 |
|---|
| | | * 发送HTTP/HTTPS POST请求 |
|---|
| | | * 支持HTTPS自签名证书 |
|---|
| | | */ |
|---|
| | | private String sendHttpPost(String urlString, Map<String, String> params) throws Exception { |
|---|
| | | URL url = new URL(urlString); |
|---|
| | | HttpURLConnection conn = (HttpURLConnection) url.openConnection(); |
|---|
| | | |
|---|
| | | // 如果是HTTPS请求,配置SSL信任所有证书 |
|---|
| | | if (conn instanceof HttpsURLConnection) { |
|---|
| | | HttpsURLConnection httpsConn = (HttpsURLConnection) conn; |
|---|
| | | httpsConn.setSSLSocketFactory(createTrustAllSSLContext().getSocketFactory()); |
|---|
| | | httpsConn.setHostnameVerifier((hostname, session) -> true); // 信任所有主机名 |
|---|
| | | log.debug("配置HTTPS连接,信任所有SSL证书,URL: {}", urlString); |
|---|
| | | } |
|---|
| | | |
|---|
| | | try { |
|---|
| | | // 设置连接属性 |
|---|
| | |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | log.error("请求失败,请求URL {},参数 {}",urlString,postData); |
|---|
| | | |
|---|
| | | throw new Exception("HTTP请求失败,响应码: " + responseCode); |
|---|
| | | throw new Exception("HTTP/HTTPS请求失败,响应码: " + responseCode); |
|---|
| | | } |
|---|
| | | |
|---|
| | | } finally { |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 创建信任所有SSL证书的SSLContext |
|---|
| | | * 用于支持自签名证书的HTTPS请求 |
|---|
| | | * |
|---|
| | | * 注意:此方法会信任所有SSL证书,包括自签名证书 |
|---|
| | | * 仅用于与旧系统的内部通信,生产环境建议使用正规CA证书 |
|---|
| | | */ |
|---|
| | | private SSLContext createTrustAllSSLContext() throws Exception { |
|---|
| | | // 创建信任所有证书的TrustManager |
|---|
| | | TrustManager[] trustAllCerts = new TrustManager[] { |
|---|
| | | new X509TrustManager() { |
|---|
| | | @Override |
|---|
| | | public X509Certificate[] getAcceptedIssuers() { |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void checkClientTrusted(X509Certificate[] certs, String authType) { |
|---|
| | | // 信任所有客户端证书 |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void checkServerTrusted(X509Certificate[] certs, String authType) { |
|---|
| | | // 信任所有服务器证书 |
|---|
| | | } |
|---|
| | | } |
|---|
| | | }; |
|---|
| | | |
|---|
| | | // 安装信任所有证书的TrustManager |
|---|
| | | SSLContext sslContext = SSLContext.getInstance("TLS"); |
|---|
| | | sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); |
|---|
| | | return sslContext; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 解析旧系统响应 |
|---|
| | | * 预期格式: "OK:ServiceOrdID" 或错误信息 |
|---|
| | | */ |
|---|
