要求:
1. 将token、timestamp、nonce三个参数进行字典序排序
2. 将排序后的三个参数字符串拼接成一个字符串,并计算其SHA-1摘要(SHA-1是哈希算法,并非加密)
3. 开发者将得到的摘要字符串与signature对比,对比一致即为认证通过,反之为认证不通过。
验签主要代码示例:
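package com.ece.manager.web.HJ;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Date;

/**
 * Computes and checks the request signature used by the callback interface:
 * token, timestamp and nonce are sorted lexicographically, concatenated, hashed
 * with SHA-1 and rendered as upper-case hexadecimal.
 *
 * <p>Security notes for anyone reusing this scheme:
 * <ul>
 *   <li>SHA-1 over a shared token is a plain hash, not a keyed MAC; where both
 *       sides can change the protocol, HMAC-SHA-256 keyed with the token is the
 *       sturdier construction.</li>
 *   <li>The three values are joined without a separator, so different
 *       (timestamp, nonce) pairs that sort and concatenate to the same string
 *       share one signature.</li>
 *   <li>The signature covers neither the request body nor the command, and this
 *       class does not check timestamp freshness or nonce reuse; callers that
 *       need replay protection must add those checks themselves.</li>
 * </ul>
 */
public class HJUtil {

    /** Upper-case hexadecimal alphabet used to render digest bytes. */
    private static final char[] HEX_DIGITS = {
        '0', '1', '2', '3', '4', '5', '6', '7',
        '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
    };

    /**
     * Verifies a signature received with a request.
     *
     * @param token     shared secret known to both sides
     * @param timestamp timestamp value taken from the request header
     * @param nonce     nonce value taken from the request header
     * @param signature signature taken from the request header (upper-case hex)
     * @return {@code true} only when {@code signature} equals the locally computed
     *         value exactly (the match is case-sensitive); {@code false} when it
     *         differs or when any argument is {@code null}
     */
    public static boolean checkSignature(String token, String timestamp, String nonce, String signature) {
        // Fail closed instead of throwing when a value is missing.
        if (token == null || timestamp == null || nonce == null || signature == null) {
            return false;
        }
        String expected = getSignature(token, timestamp, nonce);
        // MessageDigest.isEqual does not return at the first differing byte, unlike
        // String.equals, so response timing reveals less about the expected value.
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                signature.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Computes the signature for the given values.
     *
     * @param token     shared secret known to both sides
     * @param timestamp timestamp value
     * @param nonce     nonce value
     * @return the SHA-1 digest of the sorted, concatenated values as 40 upper-case
     *         hexadecimal characters
     * @throws NullPointerException  if any argument is {@code null}
     * @throws IllegalStateException if the runtime offers no SHA-1 implementation
     */
    public static String getSignature(String token, String timestamp, String nonce) {
        String[] parts = { token, timestamp, nonce };
        // Sort token, timestamp and nonce lexicographically.
        Arrays.sort(parts);

        StringBuilder joined = new StringBuilder();
        for (String part : parts) {
            joined.append(part);
        }

        try {
            MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
            // Encode explicitly as UTF-8 so the digest does not depend on the
            // platform default charset of the machine doing the verification.
            byte[] digest = sha1.digest(joined.toString().getBytes(StandardCharsets.UTF_8));
            return byteToStr(digest);
        } catch (NoSuchAlgorithmException e) {
            // Surface the failure with its cause rather than printing a stack trace
            // and handing a null "signature" back to the caller.
            throw new IllegalStateException("SHA-1 MessageDigest is not available", e);
        }
    }

    /**
     * Converts a byte array to an upper-case hexadecimal string.
     *
     * @param byteArray bytes to render
     * @return two hexadecimal characters per input byte
     */
    private static String byteToStr(byte[] byteArray) {
        StringBuilder hex = new StringBuilder(byteArray.length * 2);
        for (byte b : byteArray) {
            hex.append(byteToHexStr(b));
        }
        return hex.toString();
    }

    /**
     * Converts one byte to its two-character upper-case hexadecimal form.
     *
     * @param mByte byte to render
     * @return high nibble followed by low nibble
     */
    private static String byteToHexStr(byte mByte) {
        char[] pair = {
            HEX_DIGITS[(mByte >>> 4) & 0x0F],
            HEX_DIGITS[mByte & 0x0F]
        };
        return new String(pair);
    }
}
// Next on the page: callback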
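package com.ece.manager.web.HJ;

import java.util.Date;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.ece.manager.web.HJ.body.Header;
import com.ece.manager.web.HJ.body.JsonRootBeanHJ;

/**
 * Demo callback endpoint that verifies the request signature before accepting the call.
 */
@Controller
@RequestMapping("/demo")
public class DemoController {

    /**
     * Handles {@code POST /demo/getData}. The original listing cites
     * https://sxj.easy.echosite.cn/hj/getData as the callback URL.
     *
     * <p>Only the header values are authenticated: the signature is computed from
     * the token, timestamp and nonce and does not cover {@code cmd} or
     * {@code params}. Timestamp and nonce are checked for presence only, so this
     * handler has no protection against a replayed request; a production version
     * would reject stale timestamps and remember recently seen nonces.
     *
     * @param beanHJ request body bound from JSON
     * @return code 501 when the header or one of nonce/signature/timestamp is
     *         missing, code 502 when the signature does not match, otherwise the
     *         success envelope
     */
    @RequestMapping(value = "/getData", method = RequestMethod.POST)
    @ResponseBody
    public JSONObject getData(@RequestBody JsonRootBeanHJ beanHJ) {
        // NOTE(review): this prints the whole request, including the signature and
        // the contact details in params, before the caller has been authenticated.
        // Outside a demo, log through the application's logger and leave these out.
        System.out.println("时间:"+new Date()+",参数:"+JSON.toJSONString(beanHJ));

        // NOTE(review): demo value. A real shared secret belongs in configuration or
        // a secret store, not in source control.
        String token = "f7509d22-5a04-4be1-a33a-888888888888";

        // A body without a header is answered like any other missing parameter
        // instead of failing with a NullPointerException.
        Header header = (beanHJ == null) ? null : beanHJ.getHeader();
        if (header == null) {
            return ReturnMessUtil.error(501, "参数不能为null");
        }

        String nonce = header.getNonce();
        String signature = header.getSignature();
        String timestamp = header.getTimestamp();
        if (isMissing(nonce) || isMissing(signature) || isMissing(timestamp)) {
            return ReturnMessUtil.error(501, "参数不能为null");
        }

        if (!HJUtil.checkSignature(token, timestamp, nonce, signature)) {
            return ReturnMessUtil.error(502, "验签不通过");
        }

        // The command is read only after the signature check; a missing cmd or name
        // falls through to the default branch.
        String name = (beanHJ.getCmd() == null) ? null : beanHJ.getCmd().getName();
        if ("test".equals(name)) {
            return ReturnMessUtil.success();
        }
        return ReturnMessUtil.success();
    }

    /** Returns {@code true} when the value is {@code null} or the empty string. */
    private static boolean isMissing(String value) {
        return value == null || value.equals("");
    }
}
// Next on the page: test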
控制台打印:
时间:Wed Jul 01 17:22:53 CST 2020,参数:{"cmd":{"name":"test"},"header":{"nonce":"cc","sid":"1111","signature":"9515D84593E1E38112F469E6283F155B436411AD","timestamp":"bb"},"params":{"apartmentName":"测试公寓","contactWay":"0745-6666565或19902903871","createTime":"2020-05-08","name":"测试人"}}
附其他代码段:
Cmd
package com.ece.manager.web.HJ.body; /** * Copyright 2020 bejson.com */ /** * Auto-generated: 2020-06-24 16:6:18 * * @author bejson.com (i@bejson.com) * @website http://www.bejson.com/java2pojo/ */ public class Cmd { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } }Header
package com.ece.manager.web.HJ.body; /** * Copyright 2020 bejson.com */ /** * Auto-generated: 2020-06-24 16:6:18 * * @author bejson.com (i@bejson.com) * @website http://www.bejson.com/java2pojo/ */ public class Header { private String signature; private String timestamp; private String nonce; private String sid; public void setSignature(String signature) { this.signature = signature; } public String getSignature() { return signature; } public void setTimestamp(String timestamp) { this.timestamp = timestamp; } public String getTimestamp() { return timestamp; } public void setNonce(String nonce) { this.nonce = nonce; } public String getNonce() { return nonce; } public void setSid(String sid) { this.sid = sid; } public String getSid() { return sid; } }JsonRootBeanHJ
package com.ece.manager.web.HJ.body;

/**
 * Copyright 2020 bejson.com
 */

/**
 * Auto-generated: 2020-06-24 16:6:18
 *
 * <p>Root object of the callback request body, made of the {@code header},
 * {@code cmd} and {@code params} elements. Any of the three may be {@code null}
 * when the caller omits it, so consumers should null-check before dereferencing.
 *
 * @author bejson.com (i@bejson.com)
 * @website http://www.bejson.com/java2pojo/
 */
public class JsonRootBeanHJ {

    // Signature-related values (signature, timestamp, nonce, sid).
    private Header header;
    // Command selector.
    private Cmd cmd;
    // Business payload; not covered by the signature computed on this page.
    private Params params;

    /** @return the header element, or {@code null} if absent */
    public Header getHeader() {
        return this.header;
    }

    /** @param header the header element */
    public void setHeader(Header header) {
        this.header = header;
    }

    /** @return the cmd element, or {@code null} if absent */
    public Cmd getCmd() {
        return this.cmd;
    }

    /** @param cmd the cmd element */
    public void setCmd(Cmd cmd) {
        this.cmd = cmd;
    }

    /** @return the params element, or {@code null} if absent */
    public Params getParams() {
        return this.params;
    }

    /** @param params the params element */
    public void setParams(Params params) {
        this.params = params;
    }
}
// Next on the page: Params
package com.ece.manager.web.HJ.body; public class Params { private String createTime; private String name; private String contactWay; private String apartmentName; public String getCreateTime() { return createTime; } public void setCreateTime(String createTime) { this.createTime = createTime; } public String getName() { return name; } public void setName(String name) { this.name = name; } public String getContactWay() { return contactWay; } public void setContactWay(String contactWay) { this.contactWay = contactWay; } public String getApartmentName() { return apartmentName; } public void setApartmentName(String apartmentName) { this.apartmentName = apartmentName; } }ReturnMessUtil
package com.ece.manager.web.HJ;

import com.alibaba.fastjson.JSONObject;

/**
 * Builds the JSON response envelope returned by the controllers: an object with
 * the keys {@code code}, {@code msg} and {@code data}.
 *
 * <p>The {@code success} overloads default the code to 0 and the no-argument
 * and message-only {@code error} overloads default it to -1. Passing a
 * {@code String} to a one-argument overload selects the message variant; any
 * other object selects the data variant.
 */
public class ReturnMessUtil {

    /** Code used by the success helpers that take no explicit code. */
    private static final int CODE_OK = 0;
    /** Code used by the error helpers that take no explicit code. */
    private static final int CODE_ERROR = -1;

    /**
     * Assembles the envelope.
     *
     * @param i       value stored under {@code code}
     * @param Message value stored under {@code msg}
     * @param data    value stored under {@code data}; may be {@code null}
     * @return a new JSON object holding the three entries
     */
    public static JSONObject returnMessageXxs(int i, String Message, Object data) {
        JSONObject envelope = new JSONObject();
        envelope.put("code", i);
        envelope.put("msg", Message);
        envelope.put("data", data);
        return envelope;
    }

    /** @return code 0, message {@code "success"}, no data */
    public static JSONObject success() {
        return returnMessageXxs(CODE_OK, "success", null);
    }

    /** @return code 0 with the given message and no data */
    public static JSONObject success(String mess) {
        return returnMessageXxs(CODE_OK, mess, null);
    }

    /** @return code 0 with an empty message and the given data */
    public static JSONObject success(Object data) {
        return returnMessageXxs(CODE_OK, "", data);
    }

    /** @return code 0 with the given message and data */
    public static JSONObject success(String mess, Object data) {
        return returnMessageXxs(CODE_OK, mess, data);
    }

    /** @return the given code, message and data */
    public static JSONObject success(int code, String mess, Object data) {
        return returnMessageXxs(code, mess, data);
    }

    /** @return code -1, message {@code "error"}, no data */
    public static JSONObject error() {
        return returnMessageXxs(CODE_ERROR, "error", null);
    }

    /** @return code -1 with the given message and no data */
    public static JSONObject error(String mess) {
        return returnMessageXxs(CODE_ERROR, mess, null);
    }

    /** @return the given code and message, no data */
    public static JSONObject error(int code, String mess) {
        return returnMessageXxs(code, mess, null);
    }

    /** @return the given code with an empty message and the given data */
    public static JSONObject error(int code, Object data) {
        return returnMessageXxs(code, "", data);
    }

    /** @return the given code, message and data */
    public static JSONObject error(int code, String mess, Object data) {
        return returnMessageXxs(code, mess, data);
    }
}