Android - 为摘要身份验证配置Retrofit / Apache HttpClient

时间:2015-06-23 14:45:41

标签: android authentication apache-httpclient-4.x retrofit digest-authentication

我正在开发一个Android项目并试图让摘要身份验证与Retrofit一起使用。我有点惊讶Retrofit本身并不支持它(或者更确切地说,OkHttp不支持它),但我猜想没有任何抱怨。

我在这里搜索了很多线程,似乎正确的解决方案是将Apache HttpClient(原生支持Digest Auth)与Retrofit集成。这需要使用retrofit.client.Client实现包装HttpClient。必须解析改进的传入值并将其内置到新的HttpClient响应中,然后将其发送回Retrofit以进行正常处理。感谢Jason Tu和他的例子:https://gist.github.com/nucleartide/24628083decb65a4562c

问题是,它不起作用。我每次都会获得401 Unauthorized,我不清楚为什么。这是我的客户impl:

public class AuthClientRedirector implements Client {
    private final CloseableHttpClient delegate;

    public AuthClientRedirector(String user, String pass, String hostname, String scope) {
        Credentials credentials = new UsernamePasswordCredentials(user, pass);
        AuthScope authScope = new AuthScope(hostname, 443, scope);

        CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        credentialsProvider.setCredentials(authScope, credentials);

        delegate = HttpClientBuilder.create()
        .setDefaultCredentialsProvider(credentialsProvider)
        .build();
   }

    @Override 
    public Response execute(Request request) {
    //
    // We're getting a Retrofit request, but we need to execute an Apache
    // HttpUriRequest instead. Use the info in the Retrofit request to create
    // an Apache HttpUriRequest.
    //
    String method = request.getMethod();

    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    if (request.getBody() != null) {
        try {
            request.getBody().writeTo(bos);
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }
    String body = new String(bos.toByteArray());

    HttpUriRequest wrappedRequest;
    switch (method) {
    case "GET":
        wrappedRequest = new HttpGet(request.getUrl());
        break;
    case "POST":
        wrappedRequest = new HttpPost(request.getUrl());
        wrappedRequest.addHeader("Content-Type", "application/xml");
        try {
            ((HttpPost) wrappedRequest).setEntity(new StringEntity(body));
        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        break;
    case "PUT":
        wrappedRequest = new HttpPut(request.getUrl());
        wrappedRequest.addHeader("Content-Type", "application/xml");
        try {
            ((HttpPut) wrappedRequest).setEntity(new StringEntity(body));
        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        break;
    case "DELETE":
        wrappedRequest = new HttpDelete(request.getUrl());
        break;
    default:
        throw new AssertionError("HTTP operation not supported.");
    }

CloseableHttpResponse apacheResponse = null;
try {
    apacheResponse = delegate.execute(wrappedRequest);
} catch (IOException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
}

if(apacheResponse!=null){
    // Perform the HTTP request.
    CloseableHttpResponse response = null;
    try {
        response = delegate.execute(wrappedRequest);

        // Return a Retrofit response.
        List<Header> retrofitHeaders = toRetrofitHeaders(
                response.getAllHeaders());
        TypedByteArray responseBody;
        if (response.getEntity() != null) {
            responseBody = new TypedByteArray("",
                    toByteArray(response.getEntity()));
        } else {
            responseBody = new TypedByteArray("",
                    new byte[0]);
        }
        System.out.println("this is the response");
        System.out.println(new String(responseBody.getBytes()));
        return new retrofit.client.Response(request.getUrl(),
                response.getStatusLine().getStatusCode(),
                response.getStatusLine().getReasonPhrase(), retrofitHeaders,
                responseBody);
    } catch (ClientProtocolException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } finally {
        if (response != null) {
            try {
                response.close();                       
            } catch (IOException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
        }
    }   
}
    //failed to return a new retrofit Client
    return null;
}

private List<Header> toRetrofitHeaders(org.apache.http.Header[] headers) {
    List<Header> retrofitHeaders = new ArrayList<>();
    for (org.apache.http.Header header : headers) {
        retrofitHeaders.add(new Header(header.getName(), header.getValue()));
    }
    return retrofitHeaders;
}

private byte[] toByteArray(HttpEntity entity) throws IOException {
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    entity.writeTo(bos);
    return bos.toByteArray();
}

}

我的改装配置如下所示:

public final RestAdapter configureService(){

AuthClientRedirector digestAuthMgr = new AuthClientRedirector(username,password,"myhostname","public");

RestAdapter.Builder builder = new RestAdapter.Builder()
.setEndpoint("http://myhostname:8003/endpoint")
.setLogLevel(RestAdapter.LogLevel.FULL)
.setClient(digestAuthMgr);
return builder.build();
}

我很难过为什么我一直从服务器上获得401s。我已经完成了响应构建过程,看起来很干净,所以我想我错过了一些基本的东西。凭据很好,我已经在应用程序外验证了它们。有人走过这条路吗?

1 个答案:

答案 0 :(得分:1)

您使用端口号 443 进行身份验证。

AuthScope authScope = new AuthScope(hostname, 443, scope);

但是,您的真实端口号似乎 8003 

RestAdapter.Builder builder = new RestAdapter.Builder()
.setEndpoint("http://myhostname:8003/endpoint")

那么,如何使用端口号 8003进行身份验证如下所示?

AuthScope authScope = new AuthScope(hostname, 8003, scope);
相关问题
最新问题