不熟悉这块,所以前面的解释没怎么懂,例子倒是蛮好懂的
Simple HTTPS
Since AndroidAnnotations 2.6
@HttpsClient
The @HttpsClient simplifies HTTPS requests by injecting a HttpClient instance with a configured KeyStore, TrustStore and Hostname Verification.
通过注入配置过KeyStore,TrustStore和Hostname Verification的HttpClient实例,@HttpsClient简化了HTTPS请求。
All parameters are optionals.
所有参数都是可选的。
Usage examples 用例
Mutual SSL authentication (two-way authentication) 相互SSL身份验证(双向身份验证)
Here is the complete form if you want to achieve Client Auth:
假如你想实现客户端身份验证,下面是完整的格式:
@HttpsClient(trustStore=R.raw.cacerts, trustStorePwd="changeit", keyStore=R.raw.client, keyStorePwd="secret", allowAllHostnames=false)HttpClient httpsClient;
trustStore: int, Resource id of your trust store file ex R.raw.cacerts.bks Typically your servers trusted certificates (public key, Root Chain Authority etc)
trustStore:int类型,是你trust store文件中,比如R.raw.cacerts.bks的资源id。典型为你的服务器受信任的证书(公钥,Root Chain Authority等等)
trustStorePwd: String, Your TrustStore password (default is changeit)
trustStorePwd: String类型,你的TrustStore密码(默认为changeit)
keyStore: int, Resource id of your keystore Usually your private key (client certificate)
keyStore: int类型,通常是你私钥的资源id(客户端证书)
keyStorePwd: Your KeyStore password (default is changeit)
keyStorePwd: 你的KeyStore密码(默认是changeit)
allowAllHostnames: boolean, if true, authorizes any TLS/SSL hostname (defaulttrue) If false, Hostname in certificate (DN) must match the URL
allowAllHostnames:boolean类型,若为true,授权给任何主机名(默认为);若为false;证书中的主机名(DN)必须匹配URL
Note: Prior to ICS, Android accept [Key|Trust]store only in BKS format (Bouncycastle Key Store)
注意:在ICS之前,Android只接受BKS格式 (Bouncycastle Key Store)的[Key|Trust]store
A simple SSL authentication 简单的SSL认证
This is useful if your remote server use a selfsigned certificate or a certificate issued by a private certificate authority
假如你的远程服务器使用selfsigned证书或者通过私有认证机构发布的证书,那么这种方法比较有用
@HttpsClient(trustStore=R.raw.mycacerts, trustStorePwd="changeit")HttpClient httpsClient;
Default
If you do not specify a truststore file, the annotation will use the default android truststore located at/system/etc/security/cacerts.bks which allows you to connect to a server signed with one of the trusted root CAs (Thawte, verisign etc.)
假如你没有指定truststore文件,注解会使用默认的android truststore,它的路径为,允许你连接一个与受信任的根证书(Thawte, verisign等)签订过的服务器
@HttpsClientHttpClient httpsClient;
Complete Example 完整的例子
@EActivitypublic class MyActivity extends Activity { @HttpsClient(trustStore=R.raw.cacerts, trustStorePwd="changeit", hostnameVerif=true) HttpClient httpsClient; @AfterInject @Background public void securedRequest() { try { HttpGet httpget = new HttpGet("https://www.verisign.com/"); HttpResponse response = httpsClient.execute(httpget); doSomethingWithResponse(response); } catch (Exception e) { e.printStackTrace(); } } @UiThread public void doSomethingWithResponse(HttpResponse resp) { Toast.makeText(this, "HTTP status " + resp.getStatusLine().getStatusCode(), Toast.LENGTH_LONG).show(); }}
