关于Http请求Cookie问题
在Http请求中,很多时候我们要设置Cookie和获取返回的Cookie,在这个问题上踩了一个很大的坑,主要是两个问题:
1.不能获取到重定向返回的Cookie;
2.两次请求返回的Cookie是相同的;
(接口是苏宁登录的接口,是用ids_r_me兑换authId的,这是单点登录常见的方式)后来我花了一点时间把几种不同的包中的坑总结一下:
第一个:apache下在httpclient
<dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>4.5.6</version> </dependency>
这个包在获取重定向Cookie时,会存在丢失Cookie的情况,这个包没有提供获取Cookie的借口方法,只能是通过Header获取Cookie和Set-Cookie获取返回的Cookie,用这个包发送Http请求好像没有存储重定向的Cookie,过程中肯定是有用到的,但是没有对外提供获取Cookie的接口,代码如下:
1 /** 2 * apache httpclient 4.5.6 test redirect Cookie 3 */ 4 @Test 5 public void Test_2() throws IOException { 6 List<String> list = new ArrayList(); 7 list.add("NjIyMDY5MDk1M19CUk9XU0VSXz**********************************18wXzQ2OWM1ZjI3 NDdjN2RmYzRiZWI3Njg3MDllNzI3MmFj"); 8 list.add("NzEwNDIyNjQwN19CUk9XU0VSXz**********************************M18wX2JiZWQ5YmVkMjJiOTAyZDNjYmNkZTk4NGM0NmFiYmMz"); 9 String url = "https://passport.suning.com/ids/login?service=https%3A%2F%2Fmy.suning.com%2Fmsi-web%2Fauth%3FtargetUrl%3Dhttps%253A%252F%252Floginst.suning.com%252FauthStatus%253F_%253D1540179466121%2526callback%253DZepto1540179465802"; 10 11 for (String token : list) { 12 HttpClientBuilder httpClientBuilder = HttpClientBuilder.create(); 13 CloseableHttpClient httpClient = httpClientBuilder.build(); 14 HttpGet httpGet = new HttpGet(url); 15 httpGet.setHeader("Cookie", "ids_r_me=" + token); 16 CloseableHttpResponse response = httpClient.execute(httpGet); 17 org.apache.http.Header[] headers = response.getAllHeaders(); 18 for (org.apache.http.Header header : headers) { 19 System.out.println(header.getName() + "=" + header.getValue()); 20 } 21 System.out.println(EntityUtils.toString(response.getEntity()) ); 22 } 23 }
因为没有找到获取Cookie的接口,所以打印了所有的header。
第二个:hutool
<dependency> <groupId>cn.hutool</groupId> <artifactId>hutool-all</artifactId> <version>4.2.1</version> </dependency>
这个包默认是可以获取Cookie的,但是开始遇到的问题是,第二次请求时获取的Cookie和第一次一样,因为这个包中的cookieManager是一个静态变量,但是第二次请求应该会覆盖掉才对,具体为什么不回覆盖没有再深追,后来找到了它提供的一个清空cookieManager中cookieStore的方法,问题就解决了。两次请求获取的是正常的Cookie。代码如下:
1 /** 2 * Hutool 4.2.1 test redirect Cookie 3 */ 4 @Test 5 public void Test_1() { 6 List<String> list = new ArrayList(); 7 list.add("NjIyMDY5MDk1M19CUk9XU0VSXz**********************************18wXzQ2OWM1ZjI3 NDdjN2RmYzRiZWI3Njg3MDllNzI3MmFj"); 8 list.add("NzEwNDIyNjQwN19CUk9XU0VSXz**********************************M18wX2JiZWQ5YmVkMjJiOTAyZDNjYmNkZTk4NGM0NmFiYmMz"); 9 String url = "https://passport.suning.com/ids/login?service=https%3A%2F%2Fmy.suning.com%2Fmsi-web%2Fauth%3FtargetUrl%3Dhttps%253A%252F%252Floginst.suning.com%252FauthStatus%253F_%253D1540179466121%2526callback%253DZepto1540179465802"; 10 for (String token : list) { 11 12 HttpRequest request = HttpUtil.createGet(url); 13 Map header = new HashMap(); 14 header.put("Cookie", "ids_r_me=" + token); 15 request = request.addHeaders(header); 16 17 HttpResponse response = request.execute(); 18 19 List<HttpCookie> cookieList = response.getCookies(); 20 System.out.println("Cookie:"); 21 for (HttpCookie cookie : cookieList) { 22 System.out.println(cookie.getName() + "=" + cookie.getValue()); 23 } 24 HttpRequest.getCookieManager().getCookieStore().removeAll(); 25 } 26 }
其中第24行是清除本次请求中的Cookie,如果放在response.getCookies()之前,就不能获取到Cookie了,所以应该是获取到Cookie后,清除本次请求的Cookie。
第三个:commons-httpclient
<dependency> <groupId>commons-httpclient</groupId> <artifactId>commons-httpclient</artifactId> <version>3.1</version> </dependency>
这个包发送请求返回的有点奇怪,但是习惯了感觉好像也挺合理,代码如下:
1 /** 2 * commons-httpclient 3.1 test redirect Cookie 3 * 4 * @throws IOException 5 */ 6 @Test 7 public void Test_3() throws IOException { 8 List<String> list = new ArrayList(); 9 list.add("NjIyMDY5MDk1M19CUk9XU0VSXz**********************************18wXzQ2OWM1ZjI3 NDdjN2RmYzRiZWI3Njg3MDllNzI3MmFj"); 10 list.add("NzEwNDIyNjQwN19CUk9XU0VSXz**********************************M18wX2JiZWQ5YmVkMjJiOTAyZDNjYmNkZTk4NGM0NmFiYmMz"); 11 String url = "https://passport.suning.com/ids/login?service=https%3A%2F%2Fmy.suning.com%2Fmsi-web%2Fauth%3FtargetUrl%3Dhttps%253A%252F%252Floginst.suning.com%252FauthStatus%253F_%253D1540179466121%2526callback%253DZepto1540179465802"; 12 for (String token : list) { 13 HttpClient httpClient = new HttpClient(); 14 GetMethod getMethod = new GetMethod(url); 15 16 getMethod.setRequestHeader(new Header("Cookie", "ids_r_me=" + token)); 17 Integer state = httpClient.executeMethod(getMethod); 18 Cookie[] cookieArray = httpClient.getState().getCookies();
19 for (Cookie cookie : cookieArray) { 20 System.out.println(cookie.getName() + "=" + cookie.getValue()); 21 } 22 System.out.println("responseBody:"+getMethod.getResponseBodyAsString()); 23 } 24 }
其中第17行返回的是本次请求的状态码,第22行是获取本次请求返回内容。