商汤的图片换https访问

2023-01-16 15:33:58 +08:00 · 2023-01-16 15:33:58 +08:00 · eba1536eb9
parent 0e96fbeafd
commit eba1536eb9
1 changed files with 60 additions and 2 deletions
--- a/src/main/java/com/hisense/monitormanage/controller/FordController.java
+++ b/src/main/java/com/hisense/monitormanage/controller/FordController.java
@ -2,35 +2,93 @@ package com.hisense.monitormanage.controller;

 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import lombok.extern.log4j.Log4j2;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;

+import javax.net.ssl.*;
 import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.InputStream;
 import java.net.URL;
 import java.net.URLConnection;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;

@Controller
@Api(tags = "转发")
+@Log4j2
 public class FordController {
+    /**
+     * 覆盖java默认的证书验证
+     */
+    private static final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
+        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+            return new java.security.cert.X509Certificate[]{};
+        }
+
+        public void checkClientTrusted(X509Certificate[] chain, String authType)
+                throws CertificateException {
+        }
+
+        public void checkServerTrusted(X509Certificate[] chain, String authType)
+                throws CertificateException {
+        }
+    }};
+
+    /**
+     * 设置不验证主机
+     */
+    private static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
+        public boolean verify(String hostname, SSLSession session) {
+            return true;
+        }
+    };
+
+    /**
+     * 信任所有
+     *
+     * @param connection
+     * @return
+     */
+    private static SSLSocketFactory trustAllHosts(HttpsURLConnection connection) {
+        SSLSocketFactory oldFactory = connection.getSSLSocketFactory();
+        try {
+            SSLContext sc = SSLContext.getInstance("TLS");
+            sc.init(null, trustAllCerts, new java.security.SecureRandom());
+            SSLSocketFactory newFactory = sc.getSocketFactory();
+            connection.setSSLSocketFactory(newFactory);
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return oldFactory;
+    }

    @GetMapping("components/**")
    @ApiOperation("前端访问图片请求转发")
    public void ford(HttpServletRequest request, HttpServletResponse response) {

-        String imageDomain = "http://10.132.191.48:30080";
+        String imageDomain = "https://10.132.191.47:30443";

        String uri = request.getRequestURI();
-        String fordUrl = imageDomain + uri;
+        String fordUrl = imageDomain + uri + "?" + request.getQueryString();

        URLConnection con = null;
+        log.info("图片地址：" + fordUrl);

        try {
            URL url = new URL(fordUrl);
            con = url.openConnection();

+            if (imageDomain.startsWith("https")) {
+                HttpsURLConnection https = (HttpsURLConnection) con;
+                trustAllHosts(https);
+                https.setHostnameVerifier(DO_NOT_VERIFY);
+                con = https;
+            }
+
+
            //允许写出
            con.setDoOutput(true);
            //允许读入