ImageLoader 및 Glide는 Https 사진을 로드합니다.

13363 단어
이 문서에서는 프로젝트에서 Https로 시작하는 이미지를 로드하는 방법에 대해 설명합니다. 이미지 로드 프레임워크는 Glide 및 UIL입니다. 이미지를 로드할 때 모든 SSL 인증서 확인을 비활성화합니다.

1. UIL 로딩 이미지



ImageLoader의 경우 원본 imageDownloader를 대체하기 위해 이미지 로딩을 작성하고 애플리케이션에서 구성해야 합니다.


  • 응용 프로그램에서 ImageLoader 초기화

  • public class MyApplication extends Application {
    
        @Override
        public void onCreate()
        {
            super.onCreate();
            //设置OKHttp 支持https请求
            OkHttpUtils.getInstance().setCertificates();
    
            initImageLoader();
        }
    
        private void initImageLoader()
        {
            ImageLoaderConfiguration config = new ImageLoaderConfiguration
                    .Builder(getApplicationContext())
                    .threadPriority(Thread.NORM_PRIORITY - 2)
                    .denyCacheImageMultipleSizesInMemory()
                    .diskCacheFileNameGenerator(new Md5FileNameGenerator())
                    //替换允许Https的图片加载
                    .imageDownloader(new AuthImageDownloader(this))
                    .tasksProcessingOrder(QueueProcessingType.LIFO).build();
            ImageLoader.getInstance().init(config);
        } 
    }
    

  • AuthImageDownloader 코드

  • import com.nostra13.universalimageloader.core.download.BaseImageDownloader;
    
    import java.io.BufferedInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.net.HttpURLConnection;
    import java.net.MalformedURLException;
    import java.net.URL;
    import java.security.KeyManagementException;
    import java.security.NoSuchAlgorithmException;
    
    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.SSLSocketFactory;
    
    /**
     * HTTPS的图片加载
     */
    public class AuthImageDownloader extends BaseImageDownloader {
    
        private SSLSocketFactory mSSLSocketFactory;
        public AuthImageDownloader(Context context) {
            super(context);
            SSLContext sslContext = sslContextForTrustedCertificates();
            mSSLSocketFactory = sslContext.getSocketFactory();
        }
        public AuthImageDownloader(Context context, int connectTimeout, int readTimeout) {
            super(context, connectTimeout, readTimeout);
            SSLContext sslContext = sslContextForTrustedCertificates();
            mSSLSocketFactory = sslContext.getSocketFactory();
        }
        @Override
        protected InputStream getStreamFromNetwork(String imageUri, Object extra) throws IOException
        {
            URL url = null;
            try {
                url = new URL(imageUri);
            } catch (MalformedURLException e) {
            }
            HttpURLConnection conn = (HttpURLConnection) url.openConnection();
            conn.setConnectTimeout(connectTimeout);
            conn.setReadTimeout(readTimeout);
    
            if (conn instanceof HttpsURLConnection) {
                ((HttpsURLConnection)conn).setSSLSocketFactory(mSSLSocketFactory);
                ((HttpsURLConnection)conn).setHostnameVerifier((DO_NOT_VERIFY));
            }
            return new BufferedInputStream(conn.getInputStream(), BUFFER_SIZE);
        }
        // always verify the host - dont check for certificate
        final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };
    
        public SSLContext sslContextForTrustedCertificates() {
            javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
            javax.net.ssl.TrustManager tm = new miTM();
            trustAllCerts[0] = tm;
            SSLContext sc = null;
            try {
                sc = SSLContext.getInstance("SSL");
                sc.init(null, trustAllCerts, null);
                //javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }catch (KeyManagementException e) {
                e.printStackTrace();
            }finally {
                return sc;
            }
        }
    
        class miTM implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager {
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return null;
            }
            public boolean isServerTrusted(
                    java.security.cert.X509Certificate[] certs) {
                return true;
            }
            public boolean isClientTrusted(
                    java.security.cert.X509Certificate[] certs) {
                return true;
            }
            public void checkServerTrusted(
                    java.security.cert.X509Certificate[] certs, String authType)
                    throws java.security.cert.CertificateException {
                return;
            }
            public void checkClientTrusted(
                    java.security.cert.X509Certificate[] certs, String authType)
                    throws java.security.cert.CertificateException {
                return;
            }
        }
    }
    

    2. 글라이드 로드 사진


    Glide는 Https를 로드하고 Okhttp를 통합하려면 okhttp가 모든 SSL 인증서 검사를 비활성화하도록 모듈을 사용자 정의해야 합니다.

  • gradle 참조


  • 참고로 소개하는 것이 더 번거롭습니다. Glide는 우리가 사용할 Module을 제공했습니다.

    compile 'com.squareup.okhttp3:okhttp:3.3.1'
    compile 'com.github.bumptech.glide:glide:3.7.0'
    /*提供的Module*/
    compile 'com.github.bumptech.glide:okhttp3-integration:1.4.0@aar'
    

  • 애플리케이션에서 초기화

  • //让Glide能用HTTPS
    Glide.get(this).register(GlideUrl.class, InputStream.class, new OkHttpUrlLoader.Factory(RetrofitUtils.getOkHttpClient()));
    

  • 인증서 설정 필요하지 않습니다 인증서가 없으면 가져올 필요가 없습니다 인증서가 있으면 InputStream을 가져와 다음 getOkHttpClient() 메서드에 전달합니다

  • try {
       InputStream input = getAssets().open("server.cer");
    } catch (IOException e) {
       e.printStackTrace();
    }
    

  • Https가 OkHttpClient를 가져올 수 있도록 OkHttp를 구성합니다.

  • /**
     * 获取OkHttpClient
     * 设置允许HTTPS
     * */
    public static OkHttpClient getOkHttpClient(InputStream... certificates)
    {
        SSLSocketFactory sslSocketFactory = HttpsUtils.getSslSocketFactory(certificates, null, null);
        OkHttpClient.Builder builder = new OkHttpClient().newBuilder();
        builder = builder.sslSocketFactory(sslSocketFactory);
        builder.hostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session)
            {
                return true;
            }
        });
        return builder.build();
    }
    
    HttpsUtils는 입력할 인증서를 전달할 수 있습니다. 인증서가 없으면 null을 전달합니다.
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.KeyManagementException;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.SecureRandom;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertificateException;
    import java.security.cert.CertificateFactory;
    import java.security.cert.X509Certificate;
    
    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.KeyManager;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.SSLSocketFactory;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.TrustManagerFactory;
    import javax.net.ssl.X509TrustManager;
    
    /**
     * 设置允许Https
     */
    public class HttpsUtils{
        public static SSLSocketFactory getSslSocketFactory(InputStream[] certificates, InputStream bksFile, String password){
            try{
                TrustManager[] trustManagers = prepareTrustManager(certificates);
                KeyManager[] keyManagers = prepareKeyManager(bksFile, password);
                SSLContext sslContext = SSLContext.getInstance("TLS");
                TrustManager trustManager = null;
                if (trustManagers != null){
                    trustManager = new MyTrustManager(chooseTrustManager(trustManagers));
                } else{
                    trustManager = new UnSafeTrustManager();
                }
                sslContext.init(keyManagers, new TrustManager[]{trustManager}, new SecureRandom());
                return sslContext.getSocketFactory();
            } catch (NoSuchAlgorithmException e){
                throw new AssertionError(e);
            } catch (KeyManagementException e){
                throw new AssertionError(e);
            } catch (KeyStoreException e){
                throw new AssertionError(e);
            }
        }
    
        private class UnSafeHostnameVerifier implements HostnameVerifier{
            @Override
            public boolean verify(String hostname, SSLSession session){
                return true;
            }
        }
    
        private static class UnSafeTrustManager implements X509TrustManager{
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException{}
    
            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException{}
    
            @Override
            public X509Certificate[] getAcceptedIssuers(){
                return new X509Certificate[]{};
            }
        }
    
        private static TrustManager[] prepareTrustManager(InputStream... certificates){
            if (certificates == null || certificates.length <= 0) return null;
            try{
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null);
                int index = 0;
                for (InputStream certificate : certificates){
                    String certificateAlias = Integer.toString(index++);
                    keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));
                    try{
                        if (certificate != null)
                            certificate.close();
                    } catch (IOException e){
                    }
                }
                TrustManagerFactory trustManagerFactory = null;
                trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                return trustManagers;
            } catch (NoSuchAlgorithmException e){
                e.printStackTrace();
            } catch (CertificateException e){
                e.printStackTrace();
            } catch (KeyStoreException e){
                e.printStackTrace();
            } catch (Exception e){
                e.printStackTrace();
            }
            return null;
    
        }
    
        private static KeyManager[] prepareKeyManager(InputStream bksFile, String password){
            try{
                if (bksFile == null || password == null) return null;
                KeyStore clientKeyStore = KeyStore.getInstance("BKS");
                clientKeyStore.load(bksFile, password.toCharArray());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(clientKeyStore, password.toCharArray());
                return keyManagerFactory.getKeyManagers();
            } catch (KeyStoreException e){
                e.printStackTrace();
            } catch (NoSuchAlgorithmException e){
                e.printStackTrace();
            } catch (UnrecoverableKeyException e){
                e.printStackTrace();
            } catch (CertificateException e){
                e.printStackTrace();
            } catch (IOException e){
                e.printStackTrace();
            } catch (Exception e){
                e.printStackTrace();
            }
            return null;
        }
    
        private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers){
            for (TrustManager trustManager : trustManagers){
                if (trustManager instanceof X509TrustManager){
                    return (X509TrustManager) trustManager;
                }
            }
            return null;
        }
    
        private static class MyTrustManager implements X509TrustManager{
            private X509TrustManager defaultTrustManager;
            private X509TrustManager localTrustManager;
    
            public MyTrustManager(X509TrustManager localTrustManager) throws NoSuchAlgorithmException, KeyStoreException{
                TrustManagerFactory var4 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                var4.init((KeyStore) null);
                defaultTrustManager = chooseTrustManager(var4.getTrustManagers());
                this.localTrustManager = localTrustManager;
            }
    
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException{}
    
            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException{
                try{
                    defaultTrustManager.checkServerTrusted(chain, authType);
                } catch (CertificateException ce){
                    localTrustManager.checkServerTrusted(chain, authType);
                }
            }
    
            @Override
            public X509Certificate[] getAcceptedIssuers(){
                return new X509Certificate[0];
            }
        }
    }
    
    모든 코드를 가져온 후 Glide는 Https로 시작하는 그림을 로드할 수 있습니다.

    인용하다



    https 이미지를 로드하는 이미지 로더에 대한 완벽한 솔루션 Glide loading Https Glide loading Https 중국어 번역

    좋은 웹페이지 즐겨찾기