解决https不能下载的问题

MZCretin · Nov 4, 2019 · aa2f8e6 · aa2f8e6
1 parent 5185cf9
commit aa2f8e6
Show file tree

Hide file tree

Showing 10 changed files with 134 additions and 23 deletions.
diff --git a/.idea/caches/build_file_checksums.ser b/.idea/caches/build_file_checksums.ser
diff --git a/.idea/caches/gradle_models.ser b/.idea/caches/gradle_models.ser
diff --git a/README.md b/README.md
@@ -24,6 +24,10 @@
 + **新增静默下载更新的方式，实现进入App直接后台下载，下载完成后弹出安装页面（静默安装需要Root权限，而且体验很不好，不做支持）（2019-10-25 18:09:05添加）。**
 
 ### 新版本说明
++ 2019-11-04 12:38:12更新版本，版本号为：v2.0.3
+    + 新增配置DownloadConnection的入口，可切换文件下载器的内核
+    + 提供了配置Okhttp3作为下载器的demo，在demo中提供了OkHttp3Connection的实现，并提供信任所有证书的工具类SSLUtils，可解决https根证书不被信任导致无法下载的问题
+
 + 2019-10-25 18:09:05更新新版，版本号为：v2.0.2
     + 新增静默下载更新的方式
     + 新增获取是否有新版本更新的事件回调
@@ -68,12 +72,24 @@ allprojects { repositories { ... maven { url 'https://jitpack.io' } } }
 
 **Step 2.** Add the dependency
 ```gradle
-dependencies { implementation 'com.github.MZCretin:AutoUpdateProject:latest_version' }
+    dependencies { implementation 'com.github.MZCretin:AutoUpdateProject:latest_version' }
 ```
 
 **Step 3.** Init it in BaseApplication or MainActivity before using it.And then register BaseApplication in AndroidManifest(Don't forget it).
 
 ```java
+        //如果你想使用okhttp作为下载的载体，那么你需要自己依赖okhttp，更新库不强制依赖okhttp！可以使用如下代码创建一个OkHttpClient 并在UpdateConfig中配置setCustomDownloadConnectionCreator start
+        OkHttpClient.Builder builder = new OkHttpClient.Builder();
+        builder.connectTimeout(30_000, TimeUnit.SECONDS)
+                .readTimeout(30_000, TimeUnit.SECONDS)
+                .writeTimeout(30_000, TimeUnit.SECONDS)
+                //如果你需要信任所有的证书，可解决根证书不被信任导致无法下载的问题 start
+                .sslSocketFactory(SSLUtils.createSSLSocketFactory())
+                .hostnameVerifier(new SSLUtils.TrustAllHostnameVerifier())
+                //如果你需要信任所有的证书，可解决根证书不被信任导致无法下载的问题 end
+                .retryOnConnectionFailure(true);
+        //如果你想使用okhttp作为下载的载体，那么你需要自己依赖okhttp，更新库不强制依赖okhttp！可以使用如下代码创建一个OkHttpClient 并在UpdateConfig中配置setCustomDownloadConnectionCreator end
+
         //更新库配置
         UpdateConfig updateConfig = new UpdateConfig()
                 .setDebug(true)//是否是Debug模式
@@ -88,7 +104,9 @@ dependencies { implementation 'com.github.MZCretin:AutoUpdateProject:latest_vers
                 .setAutoDownloadBackground(false)//是否需要后台静默下载，如果设置为true，则调用checkUpdate方法之后会直接下载安装，不会弹出更新页面。当你选择UI样式为TypeConfig.UI_THEME_CUSTOM，静默安装失效，您需要在自定义的Activity中自主实现静默下载，使用这种方式的时候建议setShowNotification(false)，这样基本上用户就会对下载无感知了
                 .setCustomActivityClass(CustomActivity.class)//如果你选择的UI样式为TypeConfig.UI_THEME_CUSTOM，那么你需要自定义一个Activity继承自RootActivity，并参照demo实现功能，在此处填写自定义Activity的class
                 .setNeedFileMD5Check(false)//是否需要进行文件的MD5检验，如果开启需要提供文件本身正确的MD5校验码，DEMO中提供了获取文件MD5检验码的工具页面，也提供了加密工具类Md5Utils
+                .setCustomDownloadConnectionCreator(new OkHttp3Connection.Creator(builder))//如果你想使用okhttp作为下载的载体，可以使用如下代码创建一个OkHttpClient，并使用demo中提供的OkHttp3Connection构建一个ConnectionCreator传入，在这里可以配置信任所有的证书，可解决根证书不被信任导致无法下载apk的问题
                 .setModelClass(new UpdateModel());
+        //初始化
         AppUpdateUtils.init(this, updateConfig);
 ```
 

diff --git a/app/build.gradle b/app/build.gradle
@@ -32,4 +32,7 @@ dependencies {
 //    implementation 'com.github.MZCretin:AutoUpdateProject:v2.0.0'
     //使用本地库依赖
     implementation project(':cretinautoupdatelibrary')
+
+    //如果你需要使用okhttp作为你的下载器 你需要自主引入okhttp的依赖
+    implementation 'com.squareup.okhttp3:okhttp:3.11.0'
 }
diff --git a/app/src/main/java/com/cretin/www/autoupdateproject/app/BaseApp.java b/app/src/main/java/com/cretin/www/autoupdateproject/app/BaseApp.java
@@ -8,7 +8,13 @@
 import com.cretin.www.autoupdateproject.model.UpdateModel;
 import com.cretin.www.cretinautoupdatelibrary.model.TypeConfig;
 import com.cretin.www.cretinautoupdatelibrary.model.UpdateConfig;
+import com.cretin.www.autoupdateproject.utils.OkHttp3Connection;
 import com.cretin.www.cretinautoupdatelibrary.utils.AppUpdateUtils;
+import com.cretin.www.cretinautoupdatelibrary.utils.SSLUtils;
+
+import java.util.concurrent.TimeUnit;
+
+import okhttp3.OkHttpClient;
 
 public class BaseApp extends Application {
     @Override
@@ -18,6 +24,18 @@ public void onCreate() {
         //BlankJ的初始化 跟更新库没有关系哦
         Utils.init(this);
 
+        //如果你想使用okhttp作为下载的载体，那么你需要自己依赖okhttp，更新库不强制依赖okhttp！可以使用如下代码创建一个OkHttpClient 并在UpdateConfig中配置setCustomDownloadConnectionCreator start
+        OkHttpClient.Builder builder = new OkHttpClient.Builder();
+        builder.connectTimeout(30_000, TimeUnit.SECONDS)
+                .readTimeout(30_000, TimeUnit.SECONDS)
+                .writeTimeout(30_000, TimeUnit.SECONDS)
+                //如果你需要信任所有的证书，可解决根证书不被信任导致无法下载的问题 start
+                .sslSocketFactory(SSLUtils.createSSLSocketFactory())
+                .hostnameVerifier(new SSLUtils.TrustAllHostnameVerifier())
+                //如果你需要信任所有的证书，可解决根证书不被信任导致无法下载的问题 end
+                .retryOnConnectionFailure(true);
+        //如果你想使用okhttp作为下载的载体，那么你需要自己依赖okhttp，更新库不强制依赖okhttp！可以使用如下代码创建一个OkHttpClient 并在UpdateConfig中配置setCustomDownloadConnectionCreator end
+
         //更新库配置
         UpdateConfig updateConfig = new UpdateConfig()
                 .setDebug(true)//是否是Debug模式
@@ -32,7 +50,9 @@ public void onCreate() {
                 .setAutoDownloadBackground(false)//是否需要后台静默下载，如果设置为true，则调用checkUpdate方法之后会直接下载安装，不会弹出更新页面。当你选择UI样式为TypeConfig.UI_THEME_CUSTOM，静默安装失效，您需要在自定义的Activity中自主实现静默下载，使用这种方式的时候建议setShowNotification(false)，这样基本上用户就会对下载无感知了
                 .setCustomActivityClass(CustomActivity.class)//如果你选择的UI样式为TypeConfig.UI_THEME_CUSTOM，那么你需要自定义一个Activity继承自RootActivity，并参照demo实现功能，在此处填写自定义Activity的class
                 .setNeedFileMD5Check(false)//是否需要进行文件的MD5检验，如果开启需要提供文件本身正确的MD5校验码，DEMO中提供了获取文件MD5检验码的工具页面，也提供了加密工具类Md5Utils
+                .setCustomDownloadConnectionCreator(new OkHttp3Connection.Creator(builder))//如果你想使用okhttp作为下载的载体，可以使用如下代码创建一个OkHttpClient，并使用demo中提供的OkHttp3Connection构建一个ConnectionCreator传入，在这里可以配置信任所有的证书，可解决根证书不被信任导致无法下载apk的问题
                 .setModelClass(new UpdateModel());
+        //初始化
         AppUpdateUtils.init(this, updateConfig);
     }
 }
diff --git a/...oupdatelibrary/net/OkHttp3Connection.java → ...pdateproject/utils/OkHttp3Connection.java b/...oupdatelibrary/net/OkHttp3Connection.java → ...pdateproject/utils/OkHttp3Connection.java
@@ -1,4 +1,4 @@
-package com.cretin.www.cretinautoupdatelibrary.net;
+package com.cretin.www.autoupdateproject.utils;
 
 import com.liulishuo.filedownloader.connection.FileDownloadConnection;
 import com.liulishuo.filedownloader.util.FileDownloadHelper;

diff --git a/cretinautoupdatelibrary/build.gradle b/cretinautoupdatelibrary/build.gradle
@@ -31,7 +31,6 @@ dependencies {
     implementation 'com.android.support:appcompat-v7:28.0.0'
     implementation 'com.android.support.constraint:constraint-layout:1.1.3'
     api 'com.liulishuo.filedownloader:library:1.7.6'
-    implementation 'com.squareup.okhttp3:okhttp:3.11.0'
 }
 
 repositories {

diff --git a/...pdatelibrary/src/main/java/com/cretin/www/cretinautoupdatelibrary/model/UpdateConfig.java b/...pdatelibrary/src/main/java/com/cretin/www/cretinautoupdatelibrary/model/UpdateConfig.java
@@ -1,5 +1,7 @@
 package com.cretin.www.cretinautoupdatelibrary.model;
 
+import com.liulishuo.filedownloader.util.FileDownloadHelper;
+
 import java.util.Map;
 
 /**
@@ -49,6 +51,18 @@ public class UpdateConfig {
     //是否静默下载
     private boolean isAutoDownloadBackground;
 
+    //自定义下载
+    private FileDownloadHelper.ConnectionCreator customDownloadConnectionCreator;
+
+    public FileDownloadHelper.ConnectionCreator getCustomDownloadConnectionCreator() {
+        return customDownloadConnectionCreator;
+    }
+
+    public UpdateConfig setCustomDownloadConnectionCreator(FileDownloadHelper.ConnectionCreator customDownloadConnectionCreator) {
+        this.customDownloadConnectionCreator = customDownloadConnectionCreator;
+        return this;
+    }
+
     public boolean isAutoDownloadBackground() {
         return isAutoDownloadBackground;
     }

diff --git a/...atelibrary/src/main/java/com/cretin/www/cretinautoupdatelibrary/utils/AppUpdateUtils.java b/...atelibrary/src/main/java/com/cretin/www/cretinautoupdatelibrary/utils/AppUpdateUtils.java
@@ -28,20 +28,19 @@
 import com.cretin.www.cretinautoupdatelibrary.model.UpdateConfig;
 import com.cretin.www.cretinautoupdatelibrary.net.HttpCallbackModelListener;
 import com.cretin.www.cretinautoupdatelibrary.net.HttpUtils;
-import com.cretin.www.cretinautoupdatelibrary.net.OkHttp3Connection;
 import com.cretin.www.cretinautoupdatelibrary.service.UpdateReceiver;
 import com.liulishuo.filedownloader.BaseDownloadTask;
 import com.liulishuo.filedownloader.FileDownloadLargeFileListener;
 import com.liulishuo.filedownloader.FileDownloadListener;
 import com.liulishuo.filedownloader.FileDownloader;
+import com.liulishuo.filedownloader.connection.FileDownloadUrlConnection;
+import com.liulishuo.filedownloader.util.FileDownloadHelper;
 import com.liulishuo.filedownloader.util.FileDownloadUtils;
 
 import java.io.File;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
-import java.util.concurrent.TimeUnit;
-import okhttp3.OkHttpClient;
 
 import static com.cretin.www.cretinautoupdatelibrary.utils.AppUtils.getAppLocalPath;
 
@@ -98,26 +97,22 @@ public static void init(Application context, UpdateConfig config) {
         mContext = context;
         updateConfig = config;
         ResUtils.init(context);
+
+        FileDownloadHelper.ConnectionCreator fileDownloadConnection = null;
         //初始化文件下载库
-        /* start 使用自定义的下载器 解决根证书不被信任的情况下无法下载https的文件的问题*/
-        final OkHttpClient.Builder builder = new OkHttpClient.Builder();
-        builder.connectTimeout(30_000, TimeUnit.SECONDS);
-        builder.readTimeout(30_000, TimeUnit.SECONDS);
+        if (updateConfig != null && updateConfig.getCustomDownloadConnectionCreator() != null) {
+            fileDownloadConnection = updateConfig.getCustomDownloadConnectionCreator();
+        } else {
+            fileDownloadConnection = new FileDownloadUrlConnection
+                    .Creator(new FileDownloadUrlConnection.Configuration()
+                    .connectTimeout(30_000) // set connection timeout.
+                    .readTimeout(30_000) // set read timeout.
+            );
+        }
 
-        FileDownloader.setupOnApplicationOnCreate(context)
-                .connectionCreator(new OkHttp3Connection.Creator(builder))
+        FileDownloader.setupOnApplicationOnCreate(mContext)
+                .connectionCreator(fileDownloadConnection)
                 .commit();
-        /* end 使用自定义的下载器 解决根证书不被信任的情况下无法下载https的文件的问题*/
-
-        /* start 使用默认的URLConnection 减少依赖*/
-//        FileDownloader.setupOnApplicationOnCreate(mContext)
-//                .connectionCreator(new FileDownloadUrlConnection
-//                        .Creator(new FileDownloadUrlConnection.Configuration()
-//                        .connectTimeout(30_000) // set connection timeout.
-//                        .readTimeout(30_000) // set read timeout.
-//                ))
-//                .commit();
-        /* end 使用默认的URLConnection 减少依赖*/
     }
 
     public static AppUpdateUtils getInstance() {

diff --git a/...utoupdatelibrary/src/main/java/com/cretin/www/cretinautoupdatelibrary/utils/SSLUtils.java b/...utoupdatelibrary/src/main/java/com/cretin/www/cretinautoupdatelibrary/utils/SSLUtils.java
@@ -0,0 +1,62 @@
+package com.cretin.www.cretinautoupdatelibrary.utils;
+
+import android.annotation.SuppressLint;
+
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * @date: on 2019-11-04
+ * @author: a112233
+ * @email: [email protected]
+ * @desc: 添加描述
+ */
+public class SSLUtils {
+    @SuppressLint("TrulyRandom")
+    public static SSLSocketFactory createSSLSocketFactory() {
+        SSLSocketFactory sSLSocketFactory = null;
+        try {
+            SSLContext sc = SSLContext.getInstance("TLS");
+            sc.init(null, new TrustManager[]{new TrustAllManager()},
+                    new SecureRandom());
+            sSLSocketFactory = sc.getSocketFactory();
+        } catch (Exception ignored) {
+        }
+        return sSLSocketFactory;
+    }
+
+    public static class TrustAllManager implements X509TrustManager {
+        @SuppressLint("TrustAllX509TrustManager")
+        @Override
+        public void checkClientTrusted(X509Certificate[] chain, String authType)
+                throws CertificateException {
+        }
+
+        @SuppressLint("TrustAllX509TrustManager")
+        @Override
+        public void checkServerTrusted(X509Certificate[] chain, String authType)
+                throws CertificateException {
+        }
+
+        @Override
+        public X509Certificate[] getAcceptedIssuers() {
+            return new X509Certificate[0];
+        }
+    }
+
+    public static class TrustAllHostnameVerifier implements HostnameVerifier {
+        @SuppressLint("BadHostnameVerifier")
+        @Override
+        public boolean verify(String hostname, SSLSession session) {
+            return true;
+        }
+    }
+}