接口签名规则及Java代码demo实现

2024-10-09 10:02:53 浏览数 (2)

接口签名规则及Java代码demo实现

签名规则 签名生成的通用步骤如下: 第一步,设所有发送或者接收到的数据为集合M,将集合M内非空参数值的参数按照参数名ASCII码从小到大排序(字典序),使用URL键值对的格式(即key1=value1&key2=value2…)拼接成字符串stringA。 特别注意以下重要规则: ◆ 参数名ASCII码从小到大排序(字典序); ◆ 如果参数的值为空不参与签名; ◆ 参数名区分大小写; ◆ 验证接口调用传送的sign参数不参与签名,将生成的签名与该sign值作校验。 第二步,在stringA最后拼接上key得到stringSignTemp字符串,并对stringSignTemp进行MD5运算,再将得到的字符串所有字符转换为大写,得到sign值signValue。 注意:密钥的长度为32个字节。

1.导入jar implementation("commons-beanutils:commons-beanutils:1.9.3")

2.MD5工具类

代码语言:javascript复制
import java.security.MessageDigest;


public class MD5 {
    private final static String[] hexDigits = {"0", "1", "2", "3", "4", "5", "6", "7",
            "8", "9", "a", "b", "c", "d", "e", "f"};

    /**
     * 转换字节数组为16进制字串
     * @param b 字节数组
     * @return 16进制字串
     */
    public static String byteArrayToHexString(byte[] b) {
        StringBuilder resultSb = new StringBuilder();
        for (byte aB : b) {
            resultSb.append(byteToHexString(aB));
        }
        return resultSb.toString();
    }

    /**
     * 转换byte到16进制
     * @param b 要转换的byte
     * @return 16进制格式
     */
    private static String byteToHexString(byte b) {
        int n = b;
        if (n < 0) {
            n = 256   n;
        }
        int d1 = n / 16;
        int d2 = n % 16;
        return hexDigits[d1]   hexDigits[d2];
    }

    /**
     * MD5编码
     * @param origin 原始字符串
     * @return 经过MD5加密之后的结果
     */
    public static String MD5Encode(String origin) {
        String resultString = null;
        try {
            resultString = origin;
            MessageDigest md = MessageDigest.getInstance("MD5");
            resultString = byteArrayToHexString(md.digest(resultString.getBytes()));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return resultString;
    }

}

3.实体类

代码语言:javascript复制
import java.util.List;


public class UploadReqVO {
    //手机号
    private String mobile;
    //姓名
    private String realname;
    //身份证号
    private String idno;
    //字符数组
    private List<String> testBase64Str;
    private String sign;

    public String getMobile() {
        return mobile;
    }

    public void setMobile(String mobile) {
        this.mobile = mobile;
    }

    public String getRealname() {
        return realname;
    }

    public void setRealname(String realname) {
        this.realname = realname;
    }

    public String getIdno() {
        return idno;
    }

    public void setIdno(String idno) {
        this.idno = idno;
    }

    public List<String> getTestBase64Str() {
        return testBase64Str;
    }

    public void setTestBase64Str(List<String> testBase64Str) {
        this.testBase64Str = testBase64Str;
    }

    public String getSign() {
        return sign;
    }

    public void setSign(String sign) {
        this.sign = sign;
    }
}

4.签名类及测试类

代码语言:javascript复制
import com.alibaba.fastjson.JSON;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.tomcat.util.security.MD5Encoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
import org.xml.sax.SAXException;

import javax.xml.parsers.ParserConfigurationException;
import java.io.FileWriter;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;


public class Signature {
    private static Logger log = LoggerFactory.getLogger(Signature.class);

    /**
     * 对象入参,对象转MAP
     * @param object
     * @return
     * @throws Exception
     */
    public static String getSignNew(Object object,String key) throws Exception {
        Map<String, String> map = BeanUtils.describe(object);
        return getSignNew(map,key);
    }

    public static String getSignNewArray(UploadReqVO object, String key) throws Exception {
        Map<String, String> map = BeanUtils.describe(object);
        //覆盖
        map.put("testBase64Str", JSON.toJSONString(object.getTestBase64Str()).replace(""",""));
        return getSignNew(map,key);
    }



    /**
     * 签名
     * @param map
     * @return
     */
    private static String getSignNew(Map<String,String> map,String key) throws Exception{
        ArrayList<String> list = new ArrayList<String>();
        for(Map.Entry<String,String> entry:map.entrySet()){
            if(entry.getValue() != null && !StringUtils.isEmpty(entry.getValue().toString()) && !"null".equals(entry.getValue())
            && !"class".equals(entry.getKey())){  //空字符串 entry.getValue()!=""){
                list.add(entry.getKey()   "="   entry.getValue()   "&");
            }
        }
        int size = list.size();
        String [] arrayToSort = list.toArray(new String[size]);
//        Arrays.sort(arrayToSort, String.CASE_INSENSITIVE_ORDER);  //忽略大小写
        Arrays.sort(arrayToSort);
        StringBuilder sb = new StringBuilder();
        for(int i = 0; i < size; i   ) {
            sb.append(arrayToSort[i]);
        }
        String result = sb.toString();
        //过滤最后一个字符串&
        int lastIdx = result.lastIndexOf("&");
        result = result.substring(0,lastIdx);
//        result  = "key="   key;   //去掉key= 字符串
        result  =  key;   //key直接拼接在后面

        try{
            log.info("Sign Before MD5:"  result);
            result = MD5.MD5Encode(result);
            log.info("Sign Result:"   result);
        }catch (Exception e) {
            e.printStackTrace();
        }

        return result;
    }



    public static boolean checkIsSignValidFromResyponseStringObject(Object object,String key) throws Exception {
        Map<String, String> map = org.apache.commons.beanutils.BeanUtils.describe(object);
        return checkIsSignValidFromResponseString(map,key);
    }

    public static boolean checkIsSignValidFromResponseStringArray(UploadReqVO object, String key) throws Exception {
        Map<String, String> map = BeanUtils.describe(object);
        //覆盖
        map.put("testBase64Str", JSON.toJSONString(object.getTestBase64Str()).replace(""",""));
        return checkIsSignValidFromResponseString(map,key);
    }


    /**
     * object转换为map  验证签名
     * @param map
     * @return
     * @throws ParserConfigurationException
     * @throws IOException
     * @throws SAXException
     * @throws IllegalAccessException 
     */
    private static boolean checkIsSignValidFromResponseString(Map<String,String> map,String key) throws Exception {
        String signFromAPIResponse = null;
        if(map.get("sign")!=null){
            signFromAPIResponse = map.get("sign").toString();
        }

        if(signFromAPIResponse=="" || signFromAPIResponse == null){
            log.info("signFromAPIResponse报空");
            return false;
        }
        
        //清掉返回数据对象里面的Sign数据(不能把这个数据也加进去进行签名),然后用签名算法进行签名
        map.put("sign","");
        map.put("class","");
        //将API返回的数据根据用签名算法进行计算新的签名,用来跟API返回的签名进行比较
        //重新签名
        log.info("签名前的map=" map);
        String signForAPIResponse = Signature.getSignNew(map,key);
        log.info("签名后的字符串=" signForAPIResponse);
        
        if(!signForAPIResponse.equals(signFromAPIResponse)){
            //签名验不过,表示这个API返回的数据有可能已经被篡改了
            log.info("匹配不一致");
            return false;
        }
        return true;
    }

    
    public static void main(String[] args) {
        String key = "testkey123testkey123testkey12345";

        try {
            UploadReqVO uploadReqVo = new UploadReqVO();

            List<String> pic1List = new ArrayList<String>();
            String pic5 = Base64.getEncoder().encodeToString("测试字符串1".getBytes(StandardCharsets.UTF_8));
            pic1List.add(pic5);
            String pic6 = Base64.getEncoder().encodeToString("测试字符串2".getBytes(StandardCharsets.UTF_8));
            pic1List.add(pic6);
            uploadReqVo.setTestBase64Str(pic1List);

            uploadReqVo.setIdno("465601200810081204");
            uploadReqVo.setRealname("测试员");
            uploadReqVo.setMobile("19945558899");
            uploadReqVo.setSign("");
            //数组方法
            String signStr3 = Signature.getSignNewArray(uploadReqVo,key);
            //非数组方法
//            String signStr3 = Signature.getSignNew(uploadReqVo,key);
            System.out.println("(上传图片)签名字符串:"   signStr3);
            uploadReqVo.setSign(signStr3);
            System.out.println("(上传图片)参数json="   JSON.toJSONString(uploadReqVo));

            //验证签名
            //数组方法
            boolean flag3 = Signature.checkIsSignValidFromResponseStringArray(uploadReqVo,key);
            //非数组方法
//            boolean flag3 = Signature.checkIsSignValidFromResyponseStringObject(uploadReqVo,key);
            System.out.println("(上传图片)验证签名是否一致=" flag3);

        } catch (Exception e) {
            e.printStackTrace();
        }
        
    }
}
代码语言:javascript复制
打印输出日志对比:	
//数组方式
16:56:50.014 [main] INFO com.example.utils.Signature - Sign Before MD5:idno=465601200810081204&mobile=19945558899&realname=测试员&testBase64Str=[5rWL6K V5a2X56ym5LiyMQ==,5rWL6K V5a2X56ym5LiyMg==]testkey123testkey123testkey12345
16:56:50.061 [main] INFO com.example.utils.Signature - Sign Result:61867a7f32594eec1967fcddea8d96c3
(上传图片)签名字符串:61867a7f32594eec1967fcddea8d96c3
(上传图片)参数json={"idno":"465601200810081204","mobile":"19945558899","realname":"测试员","sign":"61867a7f32594eec1967fcddea8d96c3","testBase64Str":["5rWL6K V5a2X56ym5LiyMQ==","5rWL6K V5a2X56ym5LiyMg=="]}

16:56:50.089 [main] INFO com.example.utils.Signature - 签名前的map={testBase64Str=[5rWL6K V5a2X56ym5LiyMQ==,5rWL6K V5a2X56ym5LiyMg==], mobile=19945558899, sign=, class=, idno=465601200810081204, realname=测试员}
16:56:50.089 [main] INFO com.example.utils.Signature - Sign Before MD5:idno=465601200810081204&mobile=19945558899&realname=测试员&testBase64Str=[5rWL6K V5a2X56ym5LiyMQ==,5rWL6K V5a2X56ym5LiyMg==]testkey123testkey123testkey12345
16:56:50.089 [main] INFO com.example.utils.Signature - Sign Result:61867a7f32594eec1967fcddea8d96c3
16:56:50.089 [main] INFO com.example.utils.Signature - 签名后的字符串=61867a7f32594eec1967fcddea8d96c3
(上传图片)验证签名是否一致=true
	

//非数组方法,弊端是:testBase64Str构建签名字符串的时候,默认取数组的第一个字符,而不是[]结构的全部数据。
16:59:15.692 [main] INFO com.example.utils.Signature - Sign Before MD5:idno=465601200810081204&mobile=19945558899&realname=测试员&testBase64Str=5rWL6K V5a2X56ym5LiyMQ==testkey123testkey123testkey12345
16:59:15.697 [main] INFO com.example.utils.Signature - Sign Result:bfc9246143246f1852b4a29732aabcf6
(上传图片)签名字符串:bfc9246143246f1852b4a29732aabcf6
(上传图片)参数json={"idno":"465601200810081204","mobile":"19945558899","realname":"测试员","sign":"bfc9246143246f1852b4a29732aabcf6","testBase64Str":["5rWL6K V5a2X56ym5LiyMQ==","5rWL6K V5a2X56ym5LiyMg=="]}

16:59:15.775 [main] INFO com.example.utils.Signature - 签名前的map={testBase64Str=5rWL6K V5a2X56ym5LiyMQ==, mobile=19945558899, sign=, class=, idno=465601200810081204, realname=测试员}
16:59:15.775 [main] INFO com.example.utils.Signature - Sign Before MD5:idno=465601200810081204&mobile=19945558899&realname=测试员&testBase64Str=5rWL6K V5a2X56ym5LiyMQ==testkey123testkey123testkey12345
16:59:15.775 [main] INFO com.example.utils.Signature - Sign Result:bfc9246143246f1852b4a29732aabcf6
16:59:15.775 [main] INFO com.example.utils.Signature - 签名后的字符串=bfc9246143246f1852b4a29732aabcf6
(上传图片)验证签名是否一致=true

0 人点赞