diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/mservice/BIPService.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/mservice/BIPService.java index 5c34b8b..15249d3 100644 --- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/mservice/BIPService.java +++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/mservice/BIPService.java @@ -3,32 +3,20 @@ package shkd.sys.sys.mservice; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; -import kd.bos.dataentity.entity.DynamicObject; import kd.bos.logging.Log; import kd.bos.logging.LogFactory; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpMethod; -import org.springframework.http.ResponseEntity; -import org.springframework.web.client.RestTemplate; -import org.springframework.web.util.UriComponentsBuilder; -import org.apache.http.conn.ssl.NoopHostnameVerifier; -import org.apache.http.conn.ssl.SSLConnectionSocketFactory; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.ssl.SSLContextBuilder; -import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import shkd.sys.sys.common.ApiEntity; -import javax.net.ssl.SSLContext; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; - import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; +import javax.net.ssl.*; +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.net.HttpURLConnection; +import java.net.URL; import java.net.URLEncoder; import java.nio.charset.StandardCharsets; +import java.security.cert.X509Certificate; import java.util.Base64; import java.util.HashMap; import java.util.Map; @@ -45,41 +33,89 @@ public class BIPService { String access_token = null; long currentTimeMillis = System.currentTimeMillis(); try { - RestTemplate restTemplate = new RestTemplate(); - HttpHeaders httpHeaders = new HttpHeaders(); - HttpEntity objectHttpEntity = new HttpEntity<>(httpHeaders); - String signature = generateSignature("appKey22564a240d3140d0b15582aca71a748ctimestamp" + currentTimeMillis); - logger.info("getBIPToken\ntimestamp:{}\nsignature:{}", currentTimeMillis, signature); - UriComponentsBuilder builder = UriComponentsBuilder.fromUriString("https://biptest.ctny.com.cn/iuap-api-auth/open-auth/selfAppAuth/getAccessToken") - .queryParam("appKey", "22564a240d3140d0b15582aca71a748c") - .queryParam("timestamp", currentTimeMillis) - .queryParam("signature", signature); - ResponseEntity exchange = restTemplate.exchange(builder.build().toString(), HttpMethod.GET, objectHttpEntity, String.class); - JSONObject jsonObject = JSON.parseObject(exchange.getBody()); - if ("00000".equals(jsonObject.getString("code"))){ + // 禁用 SSL 证书验证 + disableSSLCertificateChecking(); +// RestTemplate restTemplate = new RestTemplate(); + String appKey = "22564a240d3140d0b15582aca71a748c"; + String timestamp = String.valueOf(currentTimeMillis); + String signature = generateSignature("appKey" + appKey + "timestamp" + timestamp); + + // 构建URL + String urlString = "https://biptest.ctny.com.cn/iuap-api-auth/open-auth/selfAppAuth/getAccessToken" + + "?appKey=22564a240d3140d0b15582aca71a748c" + + "×tamp=" + currentTimeMillis + + "&signature=" + signature; + + URL url = new URL(urlString); + + HttpURLConnection connection = (HttpURLConnection) url.openConnection(); + connection.setRequestMethod("GET"); + connection.setRequestProperty("Accept", "application/json"); + + int responseCode = connection.getResponseCode(); + if (responseCode == HttpURLConnection.HTTP_OK) { + // 读取响应 + BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream())); + String inputLine; + StringBuilder response = new StringBuilder(); + + while ((inputLine = in.readLine()) != null) { + response.append(inputLine); + } + in.close(); + + // 解析响应 + JSONObject jsonObject = JSON.parseObject(response.toString()); JSONObject data = jsonObject.getJSONObject("data"); access_token = data.getString("access_token"); - logger.info("getBIPToken → access_token:{}", access_token); - return access_token; + logger.info("getBIPToken → 接口调用成功,access_token: {}", access_token); + } else { + logger.error("getBIPToken → 接口调用失败,状态码: {}", responseCode); } } catch (Exception e) { - logger.info("报错信息 error:" + e); + logger.error("getBIPToken → 调用接口报错: {}", e.getMessage()); } return access_token; } - private static RestTemplate createRestTemplateIgnoringSsl() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException { - SSLContext sslContext = new SSLContextBuilder() - .loadTrustMaterial(null, (chain, authType) -> true) - .build(); + public static SSLContext createInsecureSSLContext() throws Exception { + // 创建一个信任所有证书的 TrustManager + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[0]; + } - SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE); - CloseableHttpClient httpClient = HttpClients.custom() - .setSSLSocketFactory(socketFactory) - .build(); + public void checkClientTrusted(X509Certificate[] certs, String authType) { + } - HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient); - return new RestTemplate(factory); + public void checkServerTrusted(X509Certificate[] certs, String authType) { + } + } + }; + + // 安装信任所有证书的 TrustManager + SSLContext sslContext = SSLContext.getInstance("TLS"); + sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); + return sslContext; + } + + public static void disableSSLCertificateChecking() { + try { + // 创建一个信任所有证书的 SSLContext + SSLContext sslContext = createInsecureSSLContext(); + + // 设置 HttpsURLConnection 使用这个 SSLContext + HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); + + // 创建一个 HostnameVerifier,信任所有主机名 + HostnameVerifier allHostsValid = (hostname, session) -> true; + + // 安装这个 HostnameVerifier + HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); + } catch (Exception e) { + e.printStackTrace(); + } } private static String generateSignature(String toSign) throws Exception {