context中加入httpclient shttpclient

mch/pay/pay.go

@@ -0,0 +1,10 @@
+package pay
+
+import (
+	"github.com/yaotian/gowechat/server/context"
+)
+
+//Pay pay
+type Pay struct {
+	*context.Context
+}

server/context/context.go

@@ -24,6 +24,9 @@ type Context struct {
 
 	//jsAPITicket 读写锁 同一个AppID一个
 	jsAPITicketLock *sync.RWMutex
+
+	HTTPClient  *http.Client
+	SHTTPClient *http.Client //SSL client
 }
 
 // Query returns the keyed url query value if it exists

util/http.go

@@ -2,13 +2,16 @@ package util
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"io"
 	"io/ioutil"
 	"mime/multipart"
+	"net"
 	"net/http"
 	"os"
+	"time"
 )
 
 //HTTPGet get 请求
@@ -120,3 +123,53 @@ func PostMultipartForm(fields []MultipartFormField, uri string) (respBody []byte
 	respBody, err = ioutil.ReadAll(resp.Body)
 	return
 }
+
+//NewTLSHttpClientFromContent  创建支持双向证书认证的 http.Client, certContent keyContent为证书或key的内容
+func NewTLSHttpClientFromContent(certContent, keyContent string) (httpClient *http.Client, err error) {
+	cert, err := tls.X509KeyPair([]byte(certContent), []byte(keyContent))
+	if err != nil {
+		return
+	}
+	tlsConfig := &tls.Config{
+		Certificates: []tls.Certificate{cert},
+	}
+
+	httpClient = &http.Client{
+		Transport: &http.Transport{
+			Proxy: http.ProxyFromEnvironment,
+			Dial: (&net.Dialer{
+				Timeout:   30 * time.Second,
+				KeepAlive: 30 * time.Second,
+			}).Dial,
+			TLSHandshakeTimeout: 10 * time.Second,
+			TLSClientConfig:     tlsConfig,
+		},
+		Timeout: 60 * time.Second,
+	}
+	return
+}
+
+// NewTLSHttpClient 创建支持双向证书认证的 http.Client
+func NewTLSHttpClient(certFile, keyFile string) (httpClient *http.Client, err error) {
+	cert, err := tls.LoadX509KeyPair(certFile, keyFile)
+	if err != nil {
+		return
+	}
+	tlsConfig := &tls.Config{
+		Certificates: []tls.Certificate{cert},
+	}
+
+	httpClient = &http.Client{
+		Transport: &http.Transport{
+			Proxy: http.ProxyFromEnvironment,
+			Dial: (&net.Dialer{
+				Timeout:   30 * time.Second,
+				KeepAlive: 30 * time.Second,
+			}).Dial,
+			TLSHandshakeTimeout: 10 * time.Second,
+			TLSClientConfig:     tlsConfig,
+		},
+		Timeout: 60 * time.Second,
+	}
+	return
+}

wechat.go

@@ -13,6 +13,7 @@ import (
 	"github.com/yaotian/gowechat/server"
 	"github.com/yaotian/gowechat/server/context"
 	"github.com/yaotian/gowechat/server/oauth"
+	"github.com/yaotian/gowechat/util"
 )
 
 // Wechat struct
@@ -27,26 +28,46 @@ type Config struct {
 	Token          string
 	EncodingAESKey string
 	Cache          cache.Cache
+
+	//证书
+	SslCertFilePath string //证书文件的路径
+	SslKeyFilePath  string
+	SslCertContent  string //证书的内容
+	SslKeyContent   string
 }
 
 // NewWechat init
 func NewWechat(cfg *Config) *Wechat {
 	context := new(context.Context)
-	copyConfigToContext(cfg, context)
-	if cfg.Cache == nil {
-		cfg.Cache, _ = cache.NewCache("memory", `{"interval":60}`)
-	}
+	initContext(cfg, context)
 	return &Wechat{context}
 }
 
-func copyConfigToContext(cfg *Config, context *context.Context) {
+func initContext(cfg *Config, context *context.Context) {
 	context.AppID = cfg.AppID
 	context.AppSecret = cfg.AppSecret
 	context.Token = cfg.Token
 	context.EncodingAESKey = cfg.EncodingAESKey
-	context.Cache = cfg.Cache
+
+	if cfg.Cache == nil {
+		cfg.Cache, _ = cache.NewCache("memory", `{"interval":60}`)
+	}
+
 	context.SetAccessTokenLock(new(sync.RWMutex))
 	context.SetJsAPITicketLock(new(sync.RWMutex))
+
+	//create http client
+	if cfg.SslCertFilePath != "" && cfg.SslKeyFilePath != "" {
+		if client, err := util.NewTLSHttpClient(cfg.SslCertFilePath, cfg.SslKeyFilePath); err == nil {
+			context.SHTTPClient = client
+		}
+	}
+
+	if cfg.SslCertContent != "" && cfg.SslKeyContent != "" {
+		if client, err := util.NewTLSHttpClientFromContent(cfg.SslCertContent, cfg.SslKeyContent); err == nil {
+			context.SHTTPClient = client
+		}
+	}
 }
 
 // GetServer 消息管理