我有 curl 命令它在 cmd 中工作正常，但我想在 java 代码中运行它答案

【问题标题】：i have curl command its work fine in cmd but i want to run it in java code我有 curl 命令它在 cmd 中工作正常，但我想在 java 代码中运行它
【发布时间】：2020-01-20 12:10:16
【问题描述】：

我有 curl 命令，它在 cmd 中工作正常，但我想在 java 代码中运行它。主要的 bout 命令是它正在调用一个也需要身份验证的“POST”API。我也使用过调试器，它不会进入循环来读取响应

String[] command = {"curl",url, "-H" ,"Content-Type: application/x-www-form-urlencoded","-X", username+ "&" + password ,"insecure"};
        ProcessBuilder process = new ProcessBuilder(command);
        Process p;
        try
        {
            p = process.start();
            BufferedReader reader =  new BufferedReader(new InputStreamReader(p.getInputStream()));
            StringBuilder builder = new StringBuilder();
            String line="" ;
            while ( (line = reader.readLine()) != null) {
                builder.append(line);
                System.out.println(line);
                builder.append(System.getProperty("line.separator"));
            }
            String result = builder.toString();
            System.out.print(result);

        }

curl 'https://integration.sirionlabs.office:9443/nifi-api/access/token' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' --data 'username=username&password=password' --compressed --insecure

预期的结果是我需要的不记名令牌

【问题讨论】：

我想在java代码中运行这个命令：curl 'integration.sirionlabs.office:9443/nifi-api/access/token' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' --data 'username=username&password=password' --compressed --insecure
您正在以错误的方向接近解决方案，您应该寻找 HTTP 客户端而不是从 Java 运行命令。
How to use java.net.URLConnection to fire and handle HTTP requests的可能重复
出于几个原因，例如 windows 没有 curl，因此您的代码根本无法在 windows 上运行。而且代码将很难维护

标签： java curl

【解决方案1】：

Unirest 是我撰写此答案时最常见的 Java HTTP 客户端之一。

这是您在 Java 中使用 Unirest 显示的 cURL 命令示例。

由于 cURL 中的 --insecure 标志，代码有点棘手，这是在 Unirest 中获得类似结果的可能解决方案之一（来源：https://github.com/Kong/unirest-java/issues/70）：

import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.security.cert.CertificateException;
import javax.security.cert.X509Certificate;

import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;

import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.JsonNode;
import com.mashape.unirest.http.Unirest;
import com.mashape.unirest.http.exceptions.UnirestException;

public class UnirestCertificateIgnore {

    private static HttpClient unsafeHttpClient;

    static {
        try {
            SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy() {
                public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    return true;
                }
            }).build();

            unsafeHttpClient = HttpClients.custom().setSSLContext(sslContext)
                    .setSSLHostnameVerifier(new NoopHostnameVerifier()).build();

        } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
            e.printStackTrace();
        }
    }

    public static HttpClient getClient() {
        return unsafeHttpClient;
    }

    public static void main(String[] args) {

        try {
            HttpClient creepyClient = RestUnirestClient.getClient();
            Unirest.setHttpClient(creepyClient);

            HttpResponse<String> response = Unirest.get("https://integration.sirionlabs.office:9443/nifi-api/access/token")
                .header("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8")
                .header("cache-control", "no-cache")
                .body("username=username&password=password")
                .asString();

        } catch (UnirestException e) {
            e.printStackTrace();
        }
    }
}

【讨论】：

模拟 curl 的 --insecure 选项怎么样？
@VGR --insecure 将忽略 cURL 证书内部检查。请在此处阅读：stackoverflow.com/questions/8520147/curl-insecure-option
非常好，@VGR！我需要做一些测试以提供准确的答案，但我认为不会。让我看看我是否可以找到一些自签名证书并能够相应地证明/改进我的答案。
我希望这个解决方案可以更好，@VGR 感谢您的时间和教学。

【解决方案2】：

不要运行外部curl 进程，而是使用Java 提交您的请求。这甚至可以在没有安装curl 的系统上工作，让您的代码真正实现多平台：

String body = String.format("username=%s&password=%s",
    URLEncoder.encode(username, StandardCharsets.UTF_8),
    URLEncoder.encode(password, StandardCharsets.UTF_8));

HttpRequest.Builder builder = HttpRequest.newBuilder(URI.create(url));
// -H
builder.setHeader("Content-Type",
    "application/x-www-form-urlencoded; charset=UTF-8");
// --data
builder.POST(HttpRequest.BodyPublishers.ofString(body));
HttpRequest request = builder.build();

// --insecure
TrustManager acceptAll = new X509TrustManager() {
    @Override
    public void checkClientTrusted(X509Certificate[] chain,
                                   String authType)
    throws CertificateException {
        // Deliberately empty.
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain,
                                   String authType)
    throws CertificateException {
        // Deliberately empty.
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
};
SSLContext context;
try {
    context = SSLContext.getInstance("TLS");
    context.init(null, new TrustManager[] { acceptAll }, null);
} catch (GeneralSecurityException e) {
    throw new RuntimeException(e);
}

HttpClient client = HttpClient.newBuilder().sslContext(context).build();
HttpResponse<String> response =
    client.send(request, HttpResponse.BodyHandlers.ofString());

int status = response.statusCode();
if (status >= 400) {
    throw new IOException("Request failed with code " + status);
}

String result = response.body();

HttpRequest、HttpResponse 和 HttpClient 类来自 java.net.http 包。

【讨论】：