Android HTTP2 + Oauth2 + Jwt 接口认证实例

宝剑锋从磨砺出,梅花香自苦寒来。这篇文章主要讲述Android HTTP2 + Oauth2 + Jwt 接口认证实例相关的知识,希望能为你提供帮助。
本文节选自《Netkiller java 手札》
Netkiller Java  手札 Mr.  Neo  Chan,  陈景峯(BG7NYT)
中国广东省深圳市望海路半岛城邦三期 518067 +86  13113668890  < [email  protected]>
$Id: book.xml 606 2013-05-29 09:52:58Z netkiller $
版权 ? 2015-2018 Neo Chan
版权声明
转载请与作者联系,转载时请务必标明文章原始出处和作者信息及本声明。

http://www.netkiller.cn
http://netkiller.github.io
http://netkiller.sourceforge.net
我的系列文档
编程语言
Netkiller Architect 手札
Netkiller Developer 手札
Netkiller Java 手札
【Android HTTP2 + Oauth2 + Jwt 接口认证实例】Netkiller Spring 手札
Netkiller php 手札
Netkiller python 手札
Netkiller Testing 手札
Netkiller Cryptography 手札
Netkiller Perl 手札
Netkiller Docbook 手札
Netkiller Project 手札
Netkiller Database 手札
 
34.10.  android Oauth2 + Jwt exampleOauth 返回数据,通过 Gson 的 fromJson 存储到下面类中。
package cn.netkiller.okhttp.pojo; public class Oauth { private String access_token; private String token_type; private String refresh_token; private String expires_in; private String scope; private String jti; public String getAccess_token() { return access_token; }public void setAccess_token(String access_token) { this.access_token = access_token; }public String getToken_type() { return token_type; }public void setToken_type(String token_type) { this.token_type = token_type; }public String getRefresh_token() { return refresh_token; }public void setRefresh_token(String refresh_token) { this.refresh_token = refresh_token; }public String getExpires_in() { return expires_in; }public void setExpires_in(String expires_in) { this.expires_in = expires_in; }public String getScope() { return scope; }public void setScope(String scope) { this.scope = scope; }public String getJti() { return jti; }public void setJti(String jti) { this.jti = jti; }@Override public String toString() { return "Oauth{" + "access_token=‘" + access_token + ‘‘‘ + ", token_type=‘" + token_type + ‘‘‘ + ", refresh_token=‘" + refresh_token + ‘‘‘ + ", expires_in=‘" + expires_in + ‘‘‘ + ", scope=‘" + scope + ‘‘‘ + ", jti=‘" + jti + ‘‘‘ + ‘}‘; } }

Activity 文件
package cn.netkiller.okhttp; import android.support.v7.app.AppCompatActivity; import android.os.Bundle; import android.util.Log; import android.widget.TextView; import com.google.gson.Gson; import java.io.IOException; import cn.netkiller.okhttp.pojo.Oauth; import okhttp3.Authenticator; import okhttp3.Call; import okhttp3.Callback; import okhttp3.Credentials; import okhttp3.FormBody; import okhttp3.OkHttpClient; import okhttp3.Request; import okhttp3.RequestBody; import okhttp3.Response; import okhttp3.Route; public class Oauth2jwtActivity extends AppCompatActivity {private TextView token; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_oauth2jwt); token = (TextView) findViewById(R.id.token); try { get(); } catch (IOException e) { e.printStackTrace(); }}public static Oauth accessToken() throws IOException {OkHttpClient client = new OkHttpClient.Builder().authenticator( new Authenticator() { public Request authenticate(Route route, Response response) { String credential = Credentials.basic("api", "secret"); return response.request().newBuilder().header("Authorization", credential).build(); } } ).build(); String url = "https://api.netkiller.cn/oauth/token"; RequestBody formBody = new FormBody.Builder() .add("grant_type", "password") .add("username", "blockchain") .add("password", "123456") .build(); Request request = new Request.Builder() .url(url) .post(formBody) .build(); Response response = client.newCall(request).execute(); if (!response.isSuccessful()) { throw new IOException("服务器端错误: " + response); }Gson gson = new Gson(); Oauth oauth = gson.fromJson(response.body().string(), Oauth.class); Log.i("oauth", oauth.toString()); return oauth; }public void get() throws IOException {OkHttpClient client = new OkHttpClient.Builder().authenticator( new Authenticator() { public Request authenticate(Route route, Response response) throws IOException { return response.request().newBuilder().header("Authorization", "Bearer " + accessToken().getAccess_token()).build(); } } ).build(); String url = "https://api.netkiller.cn/misc/compatibility"; Request request = new Request.Builder() .url(url) .build(); client.newCall(request).enqueue(new Callback() { @Override public void onFailure(Call call, IOException e) { call.cancel(); }@Override public void onResponse(Call call, Response response) throws IOException {final String myResponse = response.body().string(); runOnUiThread(new Runnable() { @Override public void run() { Log.i("oauth", myResponse); token.setText(myResponse); } }); } }); } public void post() throws IOException {OkHttpClient client = new OkHttpClient.Builder().authenticator( new Authenticator() { public Request authenticate(Route route, Response response) throws IOException { return response.request().newBuilder().header("Authorization", "Bearer " + accessToken().getAccess_token()).build(); } } ).build(); String url = "https://api.netkiller.cn/history/create"; String json = "{ " + ""assetsId": "5bced71c432c001c6ea31924", " + ""title": "添加信息", " + ""message": "信息内容", " + ""status": "录入" " + "}"; final MediaType JSON = MediaType.parse("application/json; charset=utf-8"); RequestBody body = RequestBody.create(JSON, json); Request request = new Request.Builder() .url(url) .post(body) .build(); client.newCall(request).enqueue(new Callback() { @Override public void onFailure(Call call, IOException e) { call.cancel(); }@Override public void onResponse(Call call, Response response) throws IOException {final String myResponse = response.body().string(); runOnUiThread(new Runnable() { @Override public void run() {//Gson gson = new Gson(); //Oauth oauth = gson.fromJson(myResponse, Oauth.class); //Log.i("oauth", oauth.toString()); token.setText(myResponse); } }); } }); }}

上面的例子演示了,怎样获取 access token 以及 HTTP 基本操作 GET 和 POST,再Restful接口中还可能会用到 PUT, DELETE 等等,原来相同,这里就不在演示。
34.11.  HTTP/2首先确认你的服务器是支持 HTTP2,HTTP2配置方法可以参考 《Netkiller Web 手札》
下面是我的例子仅供参考,nginx 开启 http2 代理后面的 Spring Cloud 接口。
server { listen80; listen 443 ssl http2; server_nameapi.netkiller.cn; ssl_certificate ssl/netkiller.cn.crt; ssl_certificate_key ssl/netkiller.cn.key; ssl_session_cache shared:SSL:20m; ssl_session_timeout 60m; charset utf-8; access_log/var/log/nginx/api.netkiller.cn.access.log; error_page497https://$host$uri?$args; if ($scheme = http) { return 301 https://$server_name$request_uri; }location / { proxy_passhttp://127.0.0.1:8000; proxy_http_version 1.1; proxy_set_headerHost$host; proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for; }#error_page404/404.html; # redirect server error pages to the static page /50x.html # error_page500 502 503 504/50x.html; location = /50x.html { root/usr/share/nginx/html; }# deny access to .htaccess files, if Apache‘s document root # concurs with nginx‘s one # #location ~ /.ht { #denyall; #} }

安卓程序如下
String url = "https://api.netkiller.cn/member/json"; OkHttpClient client = new OkHttpClient(); Request request = new Request.Builder().url(url).build(); client.newCall(request).enqueue(new Callback() { @Override public void onFailure(Call call, IOException e) { Log.d("okhttp", "Connect timeout. " + e.getMessage()); }@Override public void onResponse(Call call, Response response) throws IOException { String text = response.body().string(); Log.d("okhttp", "HTTP Code " + response.code() + " TEXT " + text); Log.d("okhttp", "Protocol: " + response.protocol()); } });

运行结果
D/okhttp: HTTP Code 200 TEXT {"status":false,"reason":"","code":0,"data":{"id":null,"username":"12322228888","mobile":"12322228888","password":"123456","wechat":"微信ID","role":"Organization","captcha":null,"createDate":"2018-10-25 09:25:23","updateDate":null}} Protocol: h2

输出 h2 表示当前接口与服务器连接是通过 http2 完成。
Oauth2 + Jwt 的 SpringBoot 实现方法可以参考作者的《Netkiller Spring Cloud 手札》

    推荐阅读