我正在开发一个Android项目并试图让摘要身份验证与Retrofit一起使用。我有点惊讶Retrofit本身并不支持它(或者更确切地说,OkHttp不支持它),但我猜想没有任何抱怨。
我在这里搜索了很多线程,似乎正确的解决方案是将Apache HttpClient(原生支持Digest Auth)与Retrofit集成。这需要使用retrofit.client.Client实现包装HttpClient。必须解析改进的传入值并将其内置到新的HttpClient响应中,然后将其发送回Retrofit以进行正常处理。感谢Jason Tu和他的例子:https://gist.github.com/nucleartide/24628083decb65a4562c
问题是,它不起作用。我每次都会获得401 Unauthorized,我不清楚为什么。这是我的客户impl:
public class AuthClientRedirector implements Client {
private final CloseableHttpClient delegate;
public AuthClientRedirector(String user, String pass, String hostname, String scope) {
Credentials credentials = new UsernamePasswordCredentials(user, pass);
AuthScope authScope = new AuthScope(hostname, 443, scope);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(authScope, credentials);
delegate = HttpClientBuilder.create()
.setDefaultCredentialsProvider(credentialsProvider)
.build();
}
@Override
public Response execute(Request request) {
//
// We're getting a Retrofit request, but we need to execute an Apache
// HttpUriRequest instead. Use the info in the Retrofit request to create
// an Apache HttpUriRequest.
//
String method = request.getMethod();
ByteArrayOutputStream bos = new ByteArrayOutputStream();
if (request.getBody() != null) {
try {
request.getBody().writeTo(bos);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
String body = new String(bos.toByteArray());
HttpUriRequest wrappedRequest;
switch (method) {
case "GET":
wrappedRequest = new HttpGet(request.getUrl());
break;
case "POST":
wrappedRequest = new HttpPost(request.getUrl());
wrappedRequest.addHeader("Content-Type", "application/xml");
try {
((HttpPost) wrappedRequest).setEntity(new StringEntity(body));
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
break;
case "PUT":
wrappedRequest = new HttpPut(request.getUrl());
wrappedRequest.addHeader("Content-Type", "application/xml");
try {
((HttpPut) wrappedRequest).setEntity(new StringEntity(body));
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
break;
case "DELETE":
wrappedRequest = new HttpDelete(request.getUrl());
break;
default:
throw new AssertionError("HTTP operation not supported.");
}
CloseableHttpResponse apacheResponse = null;
try {
apacheResponse = delegate.execute(wrappedRequest);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if(apacheResponse!=null){
// Perform the HTTP request.
CloseableHttpResponse response = null;
try {
response = delegate.execute(wrappedRequest);
// Return a Retrofit response.
List<Header> retrofitHeaders = toRetrofitHeaders(
response.getAllHeaders());
TypedByteArray responseBody;
if (response.getEntity() != null) {
responseBody = new TypedByteArray("",
toByteArray(response.getEntity()));
} else {
responseBody = new TypedByteArray("",
new byte[0]);
}
System.out.println("this is the response");
System.out.println(new String(responseBody.getBytes()));
return new retrofit.client.Response(request.getUrl(),
response.getStatusLine().getStatusCode(),
response.getStatusLine().getReasonPhrase(), retrofitHeaders,
responseBody);
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
if (response != null) {
try {
response.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
}
//failed to return a new retrofit Client
return null;
}
private List<Header> toRetrofitHeaders(org.apache.http.Header[] headers) {
List<Header> retrofitHeaders = new ArrayList<>();
for (org.apache.http.Header header : headers) {
retrofitHeaders.add(new Header(header.getName(), header.getValue()));
}
return retrofitHeaders;
}
private byte[] toByteArray(HttpEntity entity) throws IOException {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
entity.writeTo(bos);
return bos.toByteArray();
}
}
我的改装配置如下所示:
public final RestAdapter configureService(){
AuthClientRedirector digestAuthMgr = new AuthClientRedirector(username,password,"myhostname","public");
RestAdapter.Builder builder = new RestAdapter.Builder()
.setEndpoint("http://myhostname:8003/endpoint")
.setLogLevel(RestAdapter.LogLevel.FULL)
.setClient(digestAuthMgr);
return builder.build();
}
我很难过为什么我一直从服务器上获得401s。我已经完成了响应构建过程,看起来很干净,所以我想我错过了一些基本的东西。凭据很好,我已经在应用程序外验证了它们。有人走过这条路吗?
答案 0 :(得分:1)
您使用端口号 443 进行身份验证。
AuthScope authScope = new AuthScope(hostname, 443, scope);
但是,您的真实端口号似乎 8003 。
RestAdapter.Builder builder = new RestAdapter.Builder()
.setEndpoint("http://myhostname:8003/endpoint")
那么,如何使用端口号 8003进行身份验证如下所示?
AuthScope authScope = new AuthScope(hostname, 8003, scope);