具体逻辑参考《java/springboot服务第三方接口安全签名(Signature)实现方案》,这边只是做了更细化的代码实现,另外也没有完全贴出所有代码。
封装SDK的pom文件
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>xiaweiyi-sample-parent</artifactId>
<groupId>com.xxx</groupId>
<version>1.0.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<groupId>com.xxx</groupId>
<artifactId>xiaweiyi-xxxx-sdk</artifactId>
<version>1.0.0</version>
<name>xiaweiyi-xxxx-sdk</name>
<packaging>jar</packaging>
<properties>
<maven.compiler.source>8</maven.compiler.source>
<maven.compiler.target>8</maven.compiler.target>
<fastjson.version>1.2.74</fastjson.version>
<httpcomponents.version>4.5.14</httpcomponents.version>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>${httpcomponents.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
<version>${httpcomponents.version}</version>
</dependency>
<!--常用工具类 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
<!--io常用工具类 -->
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.5</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>${fastjson.version}</version>
</dependency>
<!-- 工具类 -->
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${java.version}</source>
<target>${java.version}</target>
<encoding>${project.build.sourceEncoding}</encoding>
</configuration>
</plugin>
</plugins>
</build>
</project>
封装的接口调用类
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpResponse;
public class MyHttpUtil {
private static final String SUCC_PRE = "2";
private static final String REDIRECT_PRE = "3";
public MyHttpUtil() {
}
public static String doGetMy(MyConfig myConfig, Map<String, String> path, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.GET, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
Response response = Client.execute(request);
return response.getBody();
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doGetMy(MyConfig myConfig, Map<String, String> path, Map<String, String> querys, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
Request request = new Request(Method.GET, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
Response response = Client.execute(request);
return response.getBody();
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static HttpResponse doGetResponse(MyConfig myConfig, Map<String, String> path, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
HttpResponse httpResponse = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.GET_RESPONSE, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
Response response = Client.execute(request);
return response.getResponse();
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostFormMy(MyConfig myConfig, Map<String, String> path, Map<String, String> paramMap, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.POST_FORM, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setBodys(paramMap);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostFormMy(MyConfig myConfig, Map<String, String> path, Map<String, Object> paramMap, Map<String, String> querys, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
}
Request request = new Request(Method.POST_FORM, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setBodys(paramMap);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static HttpResponse doPostFormImgMy(MyConfig myConfig, Map<String, String> path, Map<String, String> paramMap, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
HttpResponse response = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.POST_FORM_RESPONSE, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setBodys(paramMap);
Response response1 = Client.execute(request);
return response1.getResponse();
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostStringMy(MyConfig myConfig, Map<String, String> path, String body, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.POST_STRING, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setStringBody(body);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostStringMy(MyConfig myConfig, Map<String, String> path, String body, Map<String, String> querys, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
Request request = new Request(Method.POST_STRING, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setStringBody(body);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static HttpResponse doPostStringImgMy(MyConfig myConfig, Map<String, String> path, String body, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
HttpResponse responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.POST_STRING_RESPONSE, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setStringBody(body);
Response response = Client.execute(request);
return response.getResponse();
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostBytesMy(MyConfig myConfig, Map<String, String> path, byte[] bytesBody, Map<String, String> querys, String accept, String contentType, Map<String, String> header) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (bytesBody != null) {
headers.put("Content-MD5", MessageDigestUtil.base64AndMD5(bytesBody));
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
if (header != null) {
headers.putAll(header);
}
Request request = new Request(Method.POST_BYTES, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setBytesBody(bytesBody);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostBytesMy(MyConfig myConfig, Map<String, String> path, byte[] bytesBody, Map<String, String> querys, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (bytesBody != null) {
headers.put("Content-MD5", MessageDigestUtil.base64AndMD5(bytesBody));
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
Request request = new Request(Method.POST_BYTES, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setBytesBody(bytesBody);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPostFileFormMy(MyConfig myConfig, Map<String, String> path, Map<String, Object> paramMap, Map<String, String> querys, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "multipart/form-data;charset=UTF-8");
}
Request request = new Request(Method.POST_FILE, httpSchema + myConfig.getHost(), (String)path.get(httpSchema), myConfig.getAppKey(), myConfig.getAppSecret(), Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
request.setBodys(paramMap);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPutStringMy(MyConfig myConfig, Map<String, String> path, String body, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(body)) {
headers.put("Content-MD5", MessageDigestUtil.base64AndMD5(body));
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
Request request = new Request(Method.PUT_STRING, httpSchema + myConfig.host, (String)path.get(httpSchema), myConfig.appKey, myConfig.appSecret, Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setStringBody(body);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doPutBytesMy(MyConfig myConfig, Map<String, String> path, byte[] bytesBody, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (bytesBody != null) {
headers.put("Content-MD5", MessageDigestUtil.base64AndMD5(bytesBody));
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
} else {
headers.put("Content-Type", "application/text;charset=UTF-8");
}
Request request = new Request(Method.PUT_BYTES, httpSchema + myConfig.host, (String)path.get(httpSchema), myConfig.appKey, myConfig.appSecret, Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setBytesBody(bytesBody);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
public static String doDeleteMy(MyConfig myConfig, Map<String, String> path, Map<String, String> querys, String accept, String contentType) throws Exception {
String httpSchema = (String)path.keySet().toArray()[0];
if (httpSchema != null && !StringUtils.isEmpty(httpSchema)) {
String responseStr = null;
Map<String, String> headers = new HashMap();
if (StringUtils.isNotBlank(accept)) {
headers.put("Accept", accept);
} else {
headers.put("Accept", "*/*");
}
if (StringUtils.isNotBlank(contentType)) {
headers.put("Content-Type", contentType);
}
Request request = new Request(Method.DELETE, httpSchema + myConfig.host, (String)path.get(httpSchema), myConfig.appKey, myConfig.appSecret, Constants.DEFAULT_TIMEOUT);
request.setHeaders(headers);
request.setQuerys(querys);
Response response = Client.execute(request);
return getResponseResult(response);
} else {
throw new RuntimeException("http和https参数错误httpSchema: " + httpSchema);
}
}
private static String getResponseResult(Response response) {
String responseStr = null;
int statusCode = response.getStatusCode();
if (!String.valueOf(statusCode).startsWith("2") && !String.valueOf(statusCode).startsWith("3")) {
String msg = response.getErrorMessage();
responseStr = response.getBody();
} else {
responseStr = response.getBody();
}
return responseStr;
}
}
数据加密类
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.Map.Entry;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class SignUtil {
private static final Logger Logger = LoggerFactory.getLogger(StringUtils.class);
public SignUtil() {
}
public static String sign(String secret, String method, String path, Map<String, String> headers, Map<String, String> querys, Map<String, String> bodys, List<String> signHeaderPrefixList) {
try {
Mac hmacSha256 = Mac.getInstance("HmacSHA256");
byte[] keyBytes = secret.getBytes("UTF-8");
hmacSha256.init(new SecretKeySpec(keyBytes, 0, keyBytes.length, "HmacSHA256"));
String stringToSign = buildStringToSign(method, path, headers, querys, bodys, signHeaderPrefixList);
if (Logger.isDebugEnabled()) {
Logger.debug("StringToSign:\n{}", stringToSign);
}
return new String(Base64.encodeBase64(hmacSha256.doFinal(stringToSign.getBytes("UTF-8"))), "UTF-8");
} catch (Exception var10) {
throw new RuntimeException(var10);
}
}
private static String buildStringToSign(String method, String path, Map<String, String> headers, Map<String, String> querys, Map<String, String> bodys, List<String> signHeaderPrefixList) {
StringBuilder sb = new StringBuilder();
sb.append(method.toUpperCase()).append("\n");
if (null != headers) {
if (null != headers.get("Accept")) {
sb.append((String)headers.get("Accept"));
sb.append("\n");
}
if (null != headers.get("Content-MD5")) {
sb.append((String)headers.get("Content-MD5"));
sb.append("\n");
}
if (null != headers.get("Content-Type")) {
String contentType = (String)headers.get("Content-Type");
if (contentType.contains("boundary")) {
String[] strings = contentType.split(";");
String[] var9 = strings;
int var10 = strings.length;
for(int var11 = 0; var11 < var10; ++var11) {
String string = var9[var11];
if (!string.contains("boundary")) {
sb.append(string);
sb.append(";");
}
}
sb.deleteCharAt(sb.toString().length() - 1);
} else {
sb.append(contentType);
}
sb.append("\n");
}
if (null != headers.get("Date")) {
sb.append((String)headers.get("Date"));
sb.append("\n");
}
}
sb.append(buildHeaders(headers, signHeaderPrefixList));
sb.append(buildResource(path, querys, bodys));
return sb.toString();
}
private static String buildResource(String path, Map<String, String> querys, Map<String, String> bodys) {
StringBuilder sb = new StringBuilder();
if (!StringUtils.isBlank(path)) {
sb.append(path);
}
Map<String, String> sortMap = new TreeMap();
Iterator var5;
Entry body;
if (null != querys) {
var5 = querys.entrySet().iterator();
while(var5.hasNext()) {
body = (Entry)var5.next();
if (!StringUtils.isBlank((CharSequence)body.getKey())) {
sortMap.put(String.valueOf(body.getKey()), String.valueOf(body.getValue()));
}
}
}
if (null != bodys) {
var5 = bodys.entrySet().iterator();
while(var5.hasNext()) {
body = (Entry)var5.next();
if (!StringUtils.isBlank((CharSequence)body.getKey())) {
sortMap.put(String.valueOf(body.getKey()), String.valueOf(body.getValue()));
}
}
}
StringBuilder sbParam = new StringBuilder();
Iterator var9 = sortMap.entrySet().iterator();
while(var9.hasNext()) {
Entry<String, String> item = (Entry)var9.next();
if (!StringUtils.isBlank((CharSequence)item.getKey())) {
if (0 < sbParam.length()) {
sbParam.append("&");
}
sbParam.append((String)item.getKey());
if (!StringUtils.isBlank((CharSequence)item.getValue())) {
sbParam.append("=").append((String)item.getValue());
}
}
}
if (0 < sbParam.length()) {
sb.append("?");
sb.append(sbParam);
}
return sb.toString();
}
private static String buildHeaders(Map<String, String> headers, List<String> signHeaderPrefixList) {
StringBuilder sb = new StringBuilder();
if (null != signHeaderPrefixList) {
signHeaderPrefixList.remove("x-xwy-signature");
signHeaderPrefixList.remove("Accept");
signHeaderPrefixList.remove("Content-MD5");
signHeaderPrefixList.remove("Content-Type");
signHeaderPrefixList.remove("Date");
Collections.sort(signHeaderPrefixList);
}
if (null != headers) {
Map<String, String> sortMap = new TreeMap();
sortMap.putAll(headers);
StringBuilder signHeadersStringBuilder = new StringBuilder();
Iterator var5 = sortMap.entrySet().iterator();
while(var5.hasNext()) {
Entry<String, String> header = (Entry)var5.next();
if (isHeaderToSign((String)header.getKey(), signHeaderPrefixList)) {
sb.append((String)header.getKey());
sb.append(":");
if (!StringUtils.isBlank((CharSequence)header.getValue())) {
sb.append((String)header.getValue());
}
sb.append("\n");
if (0 < signHeadersStringBuilder.length()) {
signHeadersStringBuilder.append(",");
}
signHeadersStringBuilder.append((String)header.getKey());
}
}
headers.put("x-xwy-signature-headers", signHeadersStringBuilder.toString());
}
return sb.toString();
}
private static boolean isHeaderToSign(String headerName, List<String> signHeaderPrefixList) {
if (StringUtils.isBlank(headerName)) {
return false;
} else if (headerName.startsWith("x-xwy-")) {
return true;
} else {
if (null != signHeaderPrefixList) {
Iterator var2 = signHeaderPrefixList.iterator();
while(var2.hasNext()) {
String signHeaderPrefix = (String)var2.next();
if (headerName.equalsIgnoreCase(signHeaderPrefix)) {
return true;
}
}
}
return false;
}
}
}
Server端的拦截器
import cn.hutool.http.HttpStatus;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
/**
* 拦截给第三方应用提供的接口,校验数据安全性、身份合法性等
*/
@Slf4j
public class ThirdApplicationInterceptor extends HandlerInterceptorAdapter {
Cache<String, String> cache = CacheBuilder.newBuilder()
.maximumSize(100)
.expireAfterWrite(1, TimeUnit.MINUTES)
.build();
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
log.info("-------->进入ThirdApplicationInterceptor拦截器");
String method = request.getMethod();
String path = request.getServletPath();// /test/sync
String platId = request.getParameter("platId");
Map<String, String> querys = new HashMap<>();
querys.put("platId", platId);
String reqUrl = request.getRequestURL().toString(); // http://localhost:8000/xiaweiyi/test/sync
String requestURI = request.getRequestURI(); // /xiaweiyi/test/sync
String contextPath = request.getContextPath(); // /xiaweiyi
log.info("-------->获取到method:{},path:{},platId:{},pathInfo:{},queryString:{},reqUrl:{},requestURI:{},contextPath:{}",
method, path, platId, 1, 1, reqUrl, requestURI, contextPath);
String signature = request.getHeader("x-xwy-signature");
String timestamp = request.getHeader("x-xwy-timestamp");
String key = request.getHeader("x-xwy-key");
String nonce = request.getHeader("x-xwy-nonce");
String accept = request.getHeader("Accept");
String cm5 = request.getHeader("Content-MD5");
String contentType = request.getHeader("Content-Type");
// 根据appkey校验应用,查询appSec
// 根据timestamp校验超时
// 根据signature验签,防数据篡改
// 根据nonce,防重放和日志查询
ApplicationInfoMapper applicationInfoMapper = SpringUtils.getBean(ApplicationInfoMapper.class);
String appKey = key;
ApplicationInfo applicationInfo = applicationInfoMapper.selectOne(new QueryWrapper<ApplicationInfo>().lambda().eq(ApplicationInfo::getAppKey, appKey));
if (applicationInfo == null) {
response.setStatus(HttpStatus.HTTP_UNAUTHORIZED);
WebUtils.renderJson(response, R.builder().code(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getCode()).msg(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getDesc()).build());
log.info("-------->appKey的应用不存在-------");
}
String appSecret = applicationInfo.getAppSecret();
Map headers = new HashMap();
headers.put("x-xwy-timestamp", timestamp);
headers.put("x-xwy-nonce", nonce);
headers.put("x-xwy-key", appKey);
headers.put("Accept", accept);
headers.put("Content-MD5", cm5);
headers.put("Content-Type", contentType);
String sign = SignUtil.sign(appSecret, method, requestURI, headers, querys, querys, null);
if (!sign.equals(signature)) {
response.setStatus(HttpStatus.HTTP_UNAUTHORIZED);
WebUtils.renderJson(response, R.builder().code(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getCode()).msg(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getDesc()).build());
log.info("-------->验签不通过-------");
}
long t = System.currentTimeMillis() - Long.valueOf(timestamp);
boolean b = TimeUnit.MILLISECONDS.toMinutes(t) > 1;
if (b) {
response.setStatus(HttpStatus.HTTP_UNAUTHORIZED);
WebUtils.renderJson(response, R.builder().code(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getCode()).msg(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getDesc()).build());
log.info("-------->请求超时-------");
}
String c = cache.getIfPresent(nonce);
if (StringUtils.isNotBlank(c)) {
response.setStatus(HttpStatus.HTTP_UNAUTHORIZED);
WebUtils.renderJson(response, R.builder().code(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getCode()).msg(com.xxx.test.sample.comn.exception.ResultCode.IN_VALID_REQUEST.getDesc()).build());
log.info("-------->请勿重复请求-------");
}
cache.put(nonce, "1");
return Boolean.TRUE;
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
Server端提供的接口
@RestController
@RequestMapping("/test")
@Api(value = "第三方调用的接口", tags = "第三方调用的接口")
@Slf4j
public class ThirdPartController {
@PostMapping("/sync")
@ApiOperation(value = "同步信息")
public ResponseResult sync(@ApiParam("应用id") @RequestParam String platId) throws Exception{
List<TreeDTO> dtos = service.sync(platId);
return ResponseResult.success(dtos);
}
}
调用SDK接口测试
import cn.hutool.json.JSONUtil;
import com.alibaba.fastjson.JSONObject;
import com.google.common.base.Throwables;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.HashMap;
import java.util.Map;
/**
* @Author: 夏威夷8080
* @Date: 2023/8/3 10:00
*/
@Slf4j
public class ThirdMock {
XwyTieasyProperties vcpVideoProperties = new XwyTieasyProperties();
public static void main(String[] args) {
ThirdMock thirdMock = new ThirdMock();
JSONObject jsonObject = new JSONObject();
jsonObject.put("url", "/test/sync");
JSONObject result = thirdMock.mockSync(jsonObject);
log.info("result:{}", result.toString());
}
public JSONObject mockSync(JSONObject jsonObject) {
MyConfig myConfig = new MyConfig();
myConfig.setHost(vcpVideoProperties.getUrl()); //平台(nginx)IP 和端口
myConfig.setAppKey(vcpVideoProperties.getAppkey()); //合作方 key
myConfig.setAppSecret(vcpVideoProperties.getAppSecret());//合作方 Secret
Map<String, String> querys = new HashMap<>();
querys.put("platId", "11111111111111");
// querys.put("type", "2");
JSONObject result = null;
try {
String body = jsonObject.toString();
log.info("请求的body:{}",body);
String apiPath = (String) jsonObject.get("url");
log.info("请求的apiPath:{}",apiPath);
String resultStr = MyHttpUtil.doPostStringMy(myConfig, buildXwyTieasyPara(apiPath), body, querys,
"*/*","application/json");
log.info("获取原始返回报文---"+resultStr);
log.info("报文格式后的数据"+ JSONUtil.parse(resultStr).toStringPretty());
result = JSONObject.parseObject(resultStr);
//R result = JSONUtil.toBean(resultStr,new TypeReference<R>(){},true);
return result;
}catch (Exception e){
log.error("请求平台报错,错误信息:{}", Throwables.getStackTraceAsString(e));
}
R<String> r = new R<>("200","访问异常!");
result = (JSONObject)JSONObject.toJSON(r);
return result;
}
public Map<String, String> buildXwyTieasyPara(String apiPath){
final String getSecurityApi = vcpVideoProperties.getMyPath() + apiPath; // 接口路径
Map<String, String> path = new HashMap<String, String>(2) {
{
put("http://", getSecurityApi); // 要是https就换成https
}
};
return path;
}
}
标签:Map,加密,String,request,解密,headers,httpSchema,put,SDK From: https://www.cnblogs.com/shamo89/p/17606560.html