:
Digest Auth 摘要认证
2024年08月09日 14:01
1、该代码展示了使用Apache HttpClient库进行HTTP请求,并处理基于MD5的HTTP Digest认证的过程。 Digests类实现了MD5加密算法,HttpUtils类处理了GET、POST、PUT和DELETE方法的请求,包括设置请求头、生成授权信息和处理响应。
2、请求流程
2.1.发送一个请求
2.2.服务器返回401响应头,要求输入用户凭据(建立通信,发起请求。如果返回401,继续下一次请求。重新设置响应,并获取随机数,通过md5加密返回)
2.3.输入凭据后再发送请求
2.4.服务端验证通过后返回数据
2.4代码示例:本案例使用xml请求并返回xml数据响应,json请求同理
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
<version>4.5</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>4.4.1</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.8.1</version>
</dependency>
package com.ywb.common.utils.http; import com.ywb.common.constant.Constants; import org.junit.Test; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.net.ssl.*; import java.io.*; import java.net.ConnectException; import java.net.SocketTimeoutException; import java.net.URL; import java.net.URLConnection; import java.security.cert.X509Certificate; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.lang3.StringUtils; import org.apache.http.Header; import org.apache.http.HeaderElement; import org.apache.http.HttpEntity; import org.apache.http.HttpStatus; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpPost; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.util.EntityUtils; import java.io.*; import java.nio.charset.StandardCharsets; import java.util.HashMap; /** * 通用http发送方法 * * @author ywb */ public class HttpUtils { private static final Logger log = LoggerFactory.getLogger(HttpUtils.class); /** * 向指定 URL 发送GET方法的请求 * * @param url 发送请求的 URL * @param param 请求参数,请求参数应该是 name1=value1&name2=value2 的形式。 * @return 所代表远程资源的响应结果 */ public static String sendGet(String url, String param) { return sendGet(url, param, Constants.UTF8); } /** * 向指定 URL 发送GET方法的请求 * * @param url 发送请求的 URL * @param param 请求参数,请求参数应该是 name1=value1&name2=value2 的形式。 * @param contentType 编码类型 * @return 所代表远程资源的响应结果 */ public static String sendGet(String url, String param, String contentType) { StringBuilder result = new StringBuilder(); BufferedReader in = null; try { String urlNameString = url + "?" + param; log.info("sendGet - {}", urlNameString); URL realUrl = new URL(urlNameString); URLConnection connection = realUrl.openConnection(); connection.setRequestProperty("accept", "*/*"); connection.setRequestProperty("connection", "Keep-Alive"); connection.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); connection.connect(); in = new BufferedReader(new InputStreamReader(connection.getInputStream(), contentType)); String line; while ((line = in.readLine()) != null) { result.append(line); } log.info("recv - {}", result); } catch (ConnectException e) { log.error("调用HttpUtils.sendGet ConnectException, url=" + url + ",param=" + param, e); } catch (SocketTimeoutException e) { log.error("调用HttpUtils.sendGet SocketTimeoutException, url=" + url + ",param=" + param, e); } catch (IOException e) { log.error("调用HttpUtils.sendGet IOException, url=" + url + ",param=" + param, e); } catch (Exception e) { log.error("调用HttpsUtil.sendGet Exception, url=" + url + ",param=" + param, e); } finally { try { if (in != null) { in.close(); } } catch (Exception ex) { log.error("调用in.close Exception, url=" + url + ",param=" + param, ex); } } return result.toString(); } /** * 向指定 URL 发送POST方法的请求 * * @param url 发送请求的 URL * @param param 请求参数,请求参数应该是 name1=value1&name2=value2 的形式。 * @return 所代表远程资源的响应结果 */ public static String sendPost(String url, String param) { PrintWriter out = null; BufferedReader in = null; StringBuilder result = new StringBuilder(); try { String urlNameString = url; log.info("sendPost - {}", urlNameString); URL realUrl = new URL(urlNameString); URLConnection conn = realUrl.openConnection(); conn.setRequestProperty("accept", "*/*"); conn.setRequestProperty("connection", "Keep-Alive"); conn.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); conn.setRequestProperty("Accept-Charset", "utf-8"); conn.setRequestProperty("contentType", "utf-8"); conn.setDoOutput(true); conn.setDoInput(true); out = new PrintWriter(conn.getOutputStream()); out.print(param); out.flush(); in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8")); String line; while ((line = in.readLine()) != null) { result.append(line); } log.info("recv - {}", result); } catch (ConnectException e) { log.error("调用HttpUtils.sendPost ConnectException, url=" + url + ",param=" + param, e); } catch (SocketTimeoutException e) { log.error("调用HttpUtils.sendPost SocketTimeoutException, url=" + url + ",param=" + param, e); } catch (IOException e) { log.error("调用HttpUtils.sendPost IOException, url=" + url + ",param=" + param, e); } catch (Exception e) { log.error("调用HttpsUtil.sendPost Exception, url=" + url + ",param=" + param, e); } finally { try { if (out != null) { out.close(); } if (in != null) { in.close(); } } catch (IOException ex) { log.error("调用in.close Exception, url=" + url + ",param=" + param, ex); } } return result.toString(); } public static String sendSSLPost(String url, String param) { StringBuilder result = new StringBuilder(); String urlNameString = url + "?" + param; try { log.info("sendSSLPost - {}", urlNameString); SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom()); URL console = new URL(urlNameString); HttpsURLConnection conn = (HttpsURLConnection) console.openConnection(); conn.setRequestProperty("accept", "*/*"); conn.setRequestProperty("connection", "Keep-Alive"); conn.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); conn.setRequestProperty("Accept-Charset", "utf-8"); conn.setRequestProperty("contentType", "utf-8"); conn.setDoOutput(true); conn.setDoInput(true); conn.setSSLSocketFactory(sc.getSocketFactory()); conn.setHostnameVerifier(new TrustAnyHostnameVerifier()); conn.connect(); InputStream is = conn.getInputStream(); BufferedReader br = new BufferedReader(new InputStreamReader(is)); String ret = ""; while ((ret = br.readLine()) != null) { if (ret != null && !"".equals(ret.trim())) { result.append(new String(ret.getBytes("ISO-8859-1"), "utf-8")); } } log.info("recv - {}", result); conn.disconnect(); br.close(); } catch (ConnectException e) { log.error("调用HttpUtils.sendSSLPost ConnectException, url=" + url + ",param=" + param, e); } catch (SocketTimeoutException e) { log.error("调用HttpUtils.sendSSLPost SocketTimeoutException, url=" + url + ",param=" + param, e); } catch (IOException e) { log.error("调用HttpUtils.sendSSLPost IOException, url=" + url + ",param=" + param, e); } catch (Exception e) { log.error("调用HttpsUtil.sendSSLPost Exception, url=" + url + ",param=" + param, e); } return result.toString(); } /** * 摘要认证 两次请求 * * @param url * @return 返回结果 */ public static String doPostDigest(String url, String uri, String username, String password, String requestXml) { CloseableHttpClient httpClient = null; CloseableHttpResponse response = null; HttpPost httpPost = null; String strResponse = null; try { httpClient = HttpClients.createDefault(); // httpClient = new SSLClient(); httpPost = new HttpPost(url); // 构造请求头 httpPost.setHeader("Content-Type", "application/xml"); httpPost.setHeader("X-Requested-With", "XMLHttpRequest"); httpPost.addHeader("Cache-Control", "no-cache"); //设置缓存 httpPost.setHeader("Connection", "Close"); RequestConfig.Builder builder = RequestConfig.custom(); builder.setSocketTimeout(5000); //设置请求时间 builder.setConnectTimeout(8000); //设置超时时间 builder.setRedirectsEnabled(false);//设置是否跳转链接(反向代理) // 设置 连接 属性 httpPost.setConfig(builder.build()); StringEntity entityss = new StringEntity(requestXml, "utf-8"); httpPost.setEntity(entityss); // 执行请求 response = httpClient.execute(httpPost); HttpEntity responseEntity = response.getEntity(); // 检验返回码 int statusCode = response.getStatusLine().getStatusCode(); log.debug("第一次发送摘要认证 Post请求 返回码:{}" + statusCode); if (401 == statusCode) { strResponse = EntityUtils.toString(responseEntity, "utf-8"); log.debug("Post请求401返回结果:{}" + strResponse); // 组织参数,发起第二次请求 Header[] headers = response.getHeaders("WWW-Authenticate"); HeaderElement[] elements = headers[0].getElements(); String realm = null; String qop = null; String nonce = null; String opaque = null; String method = "POST"; for (HeaderElement element : elements) { if (element.getName().equals("Digest realm")) { realm = element.getValue(); } else if (element.getName().equals("qop")) { qop = element.getValue(); } else if (element.getName().equals("nonce")) { nonce = element.getValue(); } else if (element.getName().equals("opaque")) { opaque = element.getValue(); } } // 以上为 获取第一次请求后返回的 数据 String nc = "00000001"; String cnonce = "uniview"; // 后期变成可配置 String a1 = username + ":" + realm + ":" + password; String a2 = method + ":" + uri; String response1 = null; // 获取 Digest 这个字符串 String backString = response.getFirstHeader("WWW-Authenticate").getValue(); try { response1 = DigestUtils.md5Hex((DigestUtils.md5Hex(a1.getBytes("UTF-8")) + ":" + nonce + ":" + nc + ":" + "uniview" + ":" + qop + ":" + DigestUtils.md5Hex(a2.getBytes("UTF-8"))).getBytes("UTF-8")); } catch (UnsupportedEncodingException e) { log.error("MD5异常:{}" + e.getLocalizedMessage(), e); } httpPost.addHeader("Authorization", backString + ",username=\"" + username + "\"" + ",realm=\"" + realm + "\"" + ",nonce=\"" + nonce + "\"" + ",uri=\"" + uri + "\"" + ",qop=\"" + qop + "\"" + ",nc=\"" + nc + "\"" + ",cnonce=\"" + cnonce + "\"" + ",response=\"" + response1 + "\"" + ",opaque=\"" + opaque); // 发送第二次请求 response = httpClient.execute(httpPost); HttpEntity entity = response.getEntity(); int statusCode1 = response.getStatusLine().getStatusCode(); log.debug("第二次发送摘要认证 Post请求 返回码:{}" + statusCode1); if (HttpStatus.SC_OK == statusCode1) { strResponse = EntityUtils.toString(entity, StandardCharsets.UTF_8); log.debug("第二次发送strResponse" + strResponse); return strResponse; } else { strResponse = EntityUtils.toString(entity, StandardCharsets.UTF_8); log.debug("第二次鉴权认证请求非 200 返回结果:{}" + strResponse); return strResponse; } } else { strResponse = EntityUtils.toString(responseEntity, StandardCharsets.UTF_8); log.error("第一次鉴权认证请求非401 返回结果:{}" + strResponse); } } catch (Exception e) { log.error("摘要认证 发送请求失败" + e.getLocalizedMessage(), e); } finally { if (null != httpPost) { httpPost.releaseConnection(); } if (null != response) { try { response.close(); } catch (IOException e) { log.error("httpResponse流关闭异常:", e); } } if (null != httpClient) { try { httpClient.close(); } catch (IOException e) { log.error("httpClient 流关闭异常:", e); } } } return strResponse; } private static class TrustAnyTrustManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[]{}; } } private static class TrustAnyHostnameVerifier implements HostnameVerifier { @Override public boolean verify(String hostname, SSLSession session) { return true; } } @Test public void testHttpPostRaw() { final String url = "http://18.18.167.120/ISAPI/Traffic/ContentMgmt/Statistic/operator"; final String uri = "/ISAPI/Traffic/ContentMgmt/Statistic/operator"; final String encode = "utf-8"; String requestXml = "<?xml version='1.0' encoding='utf-8'?>" + "<StatisticOperator>" + "<operationType>search</operationType>" + "<searchCond>" + "<searchID>CAD8E0D6-1480-0001-C0B7-1E50E290140D</searchID>" + "<timeSpanList><timeSpan>" + "<startTime>2024-06-21T15:25:10Z</startTime>" + "<endTime>2024-06-21T15:27:59Z</endTime>" + "</timeSpan></timeSpanList>" + "<maxResults>20</maxResults>" + "<searchResultPosition>0</searchResultPosition>" + "</searchCond>" + "</StatisticOperator>"; final HashMap<String, String> headers = new HashMap<String, String>(); headers.put("Content-Type", "application/x-www-form-urlencoded"); headers.put("X-Requested-With", "XMLHttpRequest"); System.out.println(doPostDigest(url, uri, "admin", "123456", requestXml)); 响应结果:
<?xml version="1.0" encoding="UTF-8"?>
-<StatisticOperatorResult xmlns="http://www.isapi.org/ver20/XMLSchema" version="2.0">
<statusCode>1</statusCode>
<description>OK</description>
<searchID>CAD8E0D6-1480-0001-C0B7-1E50E290140D</searchID>
<numOfMatches>2</numOfMatches>
<totalMatches>2</totalMatches>
-<StatisticList>
-<Statistic>
<ID max="65535" min="1">1</ID>
<direction>0</direction>
<laneNo>18</laneNo>
<vehicleType>0</vehicleType>
<startTime>2024-06-21T15:26:03</startTime>
<endTime>2024-06-21T15:27:03</endTime>
<timePoint>2024-06-21T15:26:03</timePoint>
<channel>1</channel>
<carFlux>2</carFlux>
<smallCarFlux>0</smallCarFlux>
<bigCarFlux>1</bigCarFlux>
<passerbyFlux>0</passerbyFlux>
<averOccpancy>26.2</averOccpancy>
<averSpeed>0</averSpeed>
<averCarDis>0</averCarDis>
<midCarFlux>0</midCarFlux>
<averTimeOccupancy>50</averTimeOccupancy>
<averQueueLength>35</averQueueLength>
<averTimeHeadway>102</averTimeHeadway>
<nonmotorFlux>1</nonmotorFlux>
</Statistic>
-<Statistic>
<ID max="65535" min="1">2</ID>
<direction>0</direction>
<laneNo>19</laneNo>
<vehicleType>0</vehicleType>
<startTime>2024-06-21T15:26:03</startTime>
<endTime>2024-06-21T15:27:03</endTime>
<timePoint>2024-06-21T15:26:03</timePoint>
<channel>1</channel>
<carFlux>0</carFlux>
<smallCarFlux>0</smallCarFlux>
<bigCarFlux>0</bigCarFlux>
<passerbyFlux>0</passerbyFlux>
<averOccpancy>0.0</averOccpancy>
<averSpeed>0</averSpeed>
<averCarDis>0</averCarDis>
<midCarFlux>0</midCarFlux>
<averTimeOccupancy>0</averTimeOccupancy>
<averQueueLength>0</averQueueLength>
<averTimeHeadway>0</averTimeHeadway>
<nonmotorFlux>0</nonmotorFlux>
</Statistic>
-<Statistic>
<ID max="65535" min="1">3</ID>
<direction>0</direction>
<laneNo>3</laneNo>
<vehicleType>0</vehicleType>
<startTime>2024-06-21T15:26:03</startTime>
<endTime>2024-06-21T15:27:03</endTime>
<timePoint>2024-06-21T15:26:03</timePoint>
<channel>1</channel>
<carFlux>0</carFlux>
<smallCarFlux>0</smallCarFlux>
<bigCarFlux>0</bigCarFlux>
<passerbyFlux>0</passerbyFlux>
<averOccpancy>0.0</averOccpancy>
<averSpeed>0</averSpeed>
<averCarDis>0</averCarDis>
<midCarFlux>0</midCarFlux>
<averTimeOccupancy>0</averTimeOccupancy>
<averQueueLength>0</averQueueLength>
<averTimeHeadway>0</averTimeHeadway>
<nonmotorFlux>0</nonmotorFlux>
</Statistic>
-<Statistic>
<ID max="65535" min="1">4</ID>
<direction>0</direction>
<laneNo>18</laneNo>
<vehicleType>0</vehicleType>
<startTime>2024-06-21T15:27:03</startTime>
<endTime>2024-06-21T15:28:03</endTime>
<timePoint>2024-06-21T15:27:03</timePoint>
<channel>1</channel>
<carFlux>1</carFlux>
<smallCarFlux>0</smallCarFlux>
<bigCarFlux>1</bigCarFlux>
<passerbyFlux>0</passerbyFlux>
<averOccpancy>27.0</averOccpancy>
<averSpeed>0</averSpeed>
<averCarDis>0</averCarDis>
<midCarFlux>0</midCarFlux>
<averTimeOccupancy>98</averTimeOccupancy>
<averQueueLength>35</averQueueLength>
<averTimeHeadway>54</averTimeHeadway>
<nonmotorFlux>0</nonmotorFlux>
</Statistic>
-<Statistic>
<ID max="65535" min="1">5</ID>
<direction>0</direction>
<laneNo>19</laneNo>
<vehicleType>0</vehicleType>
<startTime>2024-06-21T15:27:03</startTime>
<endTime>2024-06-21T15:28:03</endTime>
<timePoint>2024-06-21T15:27:03</timePoint>
<channel>1</channel>
<carFlux>0</carFlux>
<smallCarFlux>0</smallCarFlux>
<bigCarFlux>0</bigCarFlux>
<passerbyFlux>0</passerbyFlux>
<averOccpancy>0.0</averOccpancy>
<averSpeed>0</averSpeed>
<averCarDis>0</averCarDis>
<midCarFlux>0</midCarFlux>
<averTimeOccupancy>0</averTimeOccupancy>
<averQueueLength>0</averQueueLength>
<averTimeHeadway>0</averTimeHeadway>
<nonmotorFlux>0</nonmotorFlux>
</Statistic>
-<Statistic>
<ID max="65535" min="1">6</ID>
<direction>0</direction>
<laneNo>3</laneNo>
<vehicleType>0</vehicleType>
<startTime>2024-06-21T15:27:03</startTime>
<endTime>2024-06-21T15:28:03</endTime>
<timePoint>2024-06-21T15:27:03</timePoint>
<channel>1</channel>
<carFlux>0</carFlux>
<smallCarFlux>0</smallCarFlux>
<bigCarFlux>0</bigCarFlux>
<passerbyFlux>0</passerbyFlux>
<averOccpancy>0.0</averOccpancy>
<averSpeed>0</averSpeed>
<averCarDis>0</averCarDis>
<midCarFlux>0</midCarFlux>
<averTimeOccupancy>0</averTimeOccupancy>
<averQueueLength>0</averQueueLength>
<averTimeHeadway>0</averTimeHeadway>
<nonmotorFlux>0</nonmotorFlux>
</Statistic>
</StatisticList>
</StatisticOperatorResult>
From:https://www.cnblogs.com/ywbmaster/p/18350767
本文地址: http://shuzixingkong.net/article/944
uniapp开发好苹果的app后,需要上架到app store connect后,用户才能使用app store进行安装。 在上架app store的过程中,却要求我们提供多种尺寸的app运行的设备截屏,截止于当前的版本,要6.7寸的、6.5寸的、5.5寸的,还有ipad 2代和4代13寸的。 这么
前言 这篇文章主要两个内容。 一,把上一篇关于requires_grad的内容补充一下。 二,介绍一下线性回归。 关闭张量计算 关闭张量计算。这个相对简单,阅读下面代码即可。 print(" 关闭require_grad ") x = torch.randn(3, require
面向对象编程(OOP)是一种编程范式,它通过创建包含数据和方法的对象来组织代码。相较于过程式编程,OOP 提供了更快更清晰的结构,有助于遵守 DRY(Don't Repeat Yourself)原则,使代码更易于维护和扩展。在 Kotlin 中,类和对象是 OOP 的核心。类作为对象的模板,
本文介绍基于Python语言,读取Excel表格文件,基于我们给定的规则,对其中的数据加以筛选,将不在指定数据范围内的数据剔除,保留符合我们需要的数据的方法~
回来了一段时间,在某招聘App上陆续有一些人主动找上门,但是基本都是毫无针对性的询问对岗位是否有意向。也陆续投了一些公司的,但是基本都是石沉大海。 一些人跟我说现在大环境不好,招聘的岗位少。这种思维我不敢苟同,只能说很多企业自身经营都成问题,只是借大环境不好来掩盖真实的问题所在。 有一家公司很积极撮
很感谢夜莺提供如此优质的平台能和行业内顶尖技术大佬做面对面的交流,在这个会议中又学习到了很多有趣有深度的内容,给我在未来探索的道路上提供了一些新的指引方向。同时感谢夜莺社区的邀请,在此再做一次关于AI方面的交流文章,由于目前我也是在AI这条赛道上的探索者,如果有不专业的地方还希望各位手下留情,同时希
几何图形是manim中最重要的一类模块,manim内置了丰富的各类几何图形,本篇从最简单的点开始,逐个介绍manim中的几何模块。 manim中点相关的模块主要有3个: Dot:通用的点 LabeledDot:在点的中间可以加一些说明文字 AnnotationDot:使用在注释场景中的点 Dot系列
今年,Numina 和 Hugging Face 合作角逐 AI 数学奥林匹克 (AI Math Olympiad,AIMO) 的首届进步奖。此次比赛旨在对开放 LLM 进行微调,以使其能解决高中难度的国际数学奥林匹克训练题。我们很高兴向大家报告: 我们的模型 - NuminaMath 7B TIR
