校园助手APP--访问服务器获取数据,包含安全校验

来源:互联网 发布:浙江大学网络充值 编辑:程序博客网 时间:2024/03/29 10:29

校园助手APP中很多数据需要从服务器获取,服务器端是由一位大神用node.js写的,通过json传递数据。为保证数据的安全,采用了一套安全校验。


public class InterfaceUtil {private static final String SALT = "withelper_******";//约定的一个keyprivate static final String TAG = "InterfaceUtil";@SuppressWarnings("finally")public static JSONObject getJSONObject(String url, // 请求的URLMap<String, String> params // 请求的参数序列) {long timestamp = new Date().getTime();//时间戳params.put("timestamp", "" + timestamp);//signparams.put("sign", MD5Util.getMD5String(SALT + timestamp));//通过时间戳与约定key的MD5值校验请求的安全性String result = postRequestToServer(url, params);//请求数据if (null == result) {Log.i(TAG, "result = null");return null;}else {Log.i(TAG, "result = " + result);JSONTokener jsonTokener = new JSONTokener(result);JSONObject json = null;try {//解析出json对象json = (JSONObject) jsonTokener.nextValue();} catch (JSONException e) {e.printStackTrace();} finally {return json;}}//end of else}@SuppressWarnings("finally")public static String postRequestToServer(String url, // 请求的URLMap<String, String> params // 请求的参数序列) {Log.i(TAG, "访问网络");HttpEntityEnclosingRequestBase httpRequest = new HttpPost(url);List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(params.size());for (Map.Entry<String, String> entry : params.entrySet()) {// 构建表单字段内容nameValuePairs.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));}String strResult = "";try {httpRequest.setEntity(new UrlEncodedFormEntity(nameValuePairs,"UTF-8"));HttpClient client = new DefaultHttpClient();HttpParams httpparams = client.getParams();//请求时长HttpConnectionParams.setConnectionTimeout(httpparams,7000);HttpConnectionParams.setSoTimeout(httpparams,7000);// 执行请求HttpResponse httpResponse = client.execute(httpRequest);// 判断返回结果,200则说明正确返回if (httpResponse.getStatusLine().getStatusCode() == 200) {// 从返回的结果中获取内容strResult = EntityUtils.toString(httpResponse.getEntity(),"UTF-8");} else {strResult = null;}} catch (Exception e) {e.printStackTrace();//异常处理Message msg = new Message();msg.what = Task.ERROR_NETEXCEPTION ;msg.obj = e;MainService.handler.sendMessage(msg);strResult = null;} finally {return strResult;}}}


依然,程序中有很多内存泄露的情况


服务器收到数据请求后,先根据时间戳参数,与约定的key计算MD5值,对比成功后才会作出响应。




1 0
原创粉丝点击