请带 ssl 证书的 Dart https 请求 [英] Dart https request with ssl certificate please

问题描述

我有以下 Javascript 代码，当我使用 nodejs 运行它时可以正常工作.但是，我想写一些与 Dart 类似的东西.我浏览了 Dart 文档，找不到任何示例.如果有人能告诉我如何使用 Google Dart 重写以下内容，我将不胜感激.非常感谢！

I have the following Javascript code which works fine when I run it with nodejs. However, I would like to write something similar that works with Dart. I've gone through the Dart documentation and cannot find any examples. I would be very grateful if someone could show me how to rewrite the following using Google Dart please. Many thanks in advance!

var https = require('https');
var fs = require('fs');
var url = require('url');

var uri = "https://identitysso-api.betfair.com:443/api/certlogin";
var data = 'username=xxxxxxxx&password=xxxxxxxx';
var appKey = 'xxxxxxxxxxxxxx'

var options = url.parse(uri);
options.method = 'POST';
options.headers = {
    'Content-Type': 'application/x-www-form-urlencoded',
    'X-Application': appKey
};
options.key = fs.readFileSync('client-2048.key');
options.cert = fs.readFileSync('client-2048.crt');
options.agent = new https.Agent(options);

var req = https.request(options, function(res) {
    console.log("statusCode:", res.statusCode);
    var responseData = "";
    res.on('data', function(d) {
        responseData += d;
    });
    res.on('end', function() {
        var response = JSON.parse(responseData);
        console.log("sessionToken:", response.sessionToken.replace(/d/g, ''));
    });
    res.on('error', function(e) {
        console.error(e);
    });
});

req.end(data);

我有以下几点:-

import 'dart:io';

void main() {
    var uri = "https://identitysso-api.betfair.com:443/api/certlogin";
    var data = 'username=xxxxxxxx&password=xxxxxxxx';
    var appKey = 'xxxxxxxxxxxx';
    var method = 'POST';

    HttpClient client = new HttpClient();
    client.openUrl(method,Uri.parse(uri))
    .then((HttpClientRequest request) {
        request.headers.set(HttpHeaders.CONTENT_TYPE, 'application/x-www-form-urlencoded');
        request.headers.set('X-Application', appKey);
        request.write(data);
        return request.close();
     })
     .then((HttpClientResponse response) {
    // Process the response.
     });
}

但是在文档中找不到任何内容告诉您如何向 HttpClient 或 HttpRequest 添加证书?任何帮助都非常感谢提前感谢.

But can not find anything in the docs where it tells you how to add a certificate to HttpClient or HttpRequest?? Any help gratefully received many thanks in advance.

推荐答案

现在可以在 Dart 中像在 node.js 中一样轻松地在 HTTPS 请求中发送客户端证书，从 1.13.0 版本开始.在发出 HTTPS 请求之前，可以将 PEM 格式的客户端证书和密钥添加到默认的 SecurityContext 对象中.

Sending a client certificate in your HTTPS request can now be done in Dart as easily as in node.js, starting with version 1.13.0. The client certificate and key, in PEM format, can be added to the default SecurityContext object, before you make your HTTPS request.

Dart 现在改用 BoringSSL，它是由 Google 维护的 OpenSSL 的一个分支.BoringSSL 使用以 PEM 格式存储在文件中的 X509 证书(SSL 和 TLS 使用的证书).旧版本的 Dart 使用 NSS，它有自己的证书和密钥数据库，由命令行工具维护.Dart 修改了 SecureSocket 方法的一些参数，增加了一个 SecurityContext 类.

Dart has now switched to using BoringSSL, a fork of OpenSSL maintained by Google. BoringSSL uses X509 certificates (the certificates used by SSL and TLS) stored in files in PEM format. The older versions of Dart used NSS, which had its own database of certificates and keys, that was maintained with command-line tools. Dart has changed some parameters of SecureSocket methods, and added a SecurityContext class.

SecurityContext.defaultContext 是一个对象，其中包含知名证书颁发机构的内置可信根，取自 Mozilla 用于 Firefox 和 NSS 的数据库.所以你的客户端应该使用这个对象，并将客户端证书和私钥添加到它，所以它们将用于向请求它们的服务器进行身份验证:

SecurityContext.defaultContext is an object that contains the built-in trusted roots of well-known certificate authorities, taken from Mozilla's database that they use for Firefox and NSS. So your client should use this object, and add the client certificate and private key to it, so they will be used to authenticate with the server that requests them:

Future postWithClientCertificate() async {
  var context = SecurityContext.defaultContext;
  context.useCertificateChain('client-2048.crt');
  context.usePrivateKey('client-2048.key',
                        password:'keyfile_password');
  HttpClient client = new HttpClient(context: context);

  // The rest of this code comes from your question.
  var uri = "https://identitysso-api.betfair.com:443/api/certlogin";
  var data = 'username=xxxxxxxx&password=xxxxxxxx';
  var appKey = 'xxxxxxxxxxxx';
  var method = 'POST';

  var request = await client.openUrl(method,Uri.parse(uri))
  request.headers.set(HttpHeaders.CONTENT_TYPE,
                      'application/x-www-form-urlencoded');
  request.headers.set('X-Application', appKey);
  request.write(data);
  var response = await request.close();
  // Process the response.
}

SecurityContext.useCertificateChain 和 SecurityContext.usePrivateKey 函数与 SecureServerSocket 用于设置服务器证书和密钥的函数相同，但是当上下文用于客户端连接时，它们指定要发送的客户端证书根据要求.

The functions SecurityContext.useCertificateChain and SecurityContext.usePrivateKey are the same ones that are used to set the server certificate and key, for a SecureServerSocket, but when the context is used for a client connection, they specify the client certificate to be sent upon request.

这篇关于请带 ssl 证书的 Dart https 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！