API Request Signing and Signature Verification


Signing flow for request parameters

Every endpoint requires the fixed parameters timestamp, appkey and sign!

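1. Sort the parameters by parameter name in ascending ASCII order (lexicographic order) and join them in URL key-value format (that is, key1=value1&key2=value2…).

Note: the timestamp and appkey parameters also take part in the sorting and the URL concatenation.

The resulting concatenated string is stringA.

2. Append the appsecret parameter to the end of stringA to get the string stringSignTemp, then compute the MD5 of stringSignTemp to get sign, a 32-character lowercase string.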

Suppose a query endpoint takes two parameters, id and name:

stringA = "appkey=xxx&id=100&name=張三&timestamp=1551528809"

stringSignTemp = stringA + "&appsecret=yyy"

sign = MD5(stringSignTemp)
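The two steps above as a self-contained Java class, together with the matching server-side check (an added example, not code from the original post, and not the project's MapUtil or MD5Util helpers). It assumes values are concatenated without URL-encoding and hashed as UTF-8, which the post does not specify; the class name and the sample values are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.TreeMap;
public class ApiSignExample {
    // Step 1: sort by parameter name and join as key=value pairs (stringA).
    // Assumption: values are joined raw, without URL-encoding; "sign" itself is excluded.
    static String buildStringA(Map<String, String> params) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> e : new TreeMap<>(params).entrySet()) {
            if ("sign".equals(e.getKey())) continue;
            if (sb.length() > 0) sb.append('&');
            sb.append(e.getKey()).append('=').append(e.getValue());
        }
        return sb.toString();
    }

    // Step 2: append appsecret and take the MD5 as 32 lowercase hex characters.
    // Assumption: the string is encoded as UTF-8 before hashing.
    static String sign(Map<String, String> params, String appSecret) throws Exception {
        String stringSignTemp = buildStringA(params) + "&appsecret=" + appSecret;
        byte[] digest = MessageDigest.getInstance("MD5")
                .digest(stringSignTemp.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder(32);
        for (byte b : digest) hex.append(String.format("%02x", b));
        return hex.toString();
    }

    // Server side: recompute the signature and compare it in constant time.
    static boolean verify(Map<String, String> params, String appSecret) throws Exception {
        String received = params.getOrDefault("sign", "");
        return MessageDigest.isEqual(received.getBytes(StandardCharsets.UTF_8),
                sign(params, appSecret).getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values matching the worked example above.
        Map<String, String> params = new TreeMap<>();
        params.put("appkey", "xxx");
        params.put("id", "100");
        params.put("name", "張三");
        params.put("timestamp", "1551528809");
        System.out.println(buildStringA(params));
        params.put("sign", sign(params, "yyy"));
        System.out.println("valid: " + verify(params, "yyy"));
        params.put("id", "101"); // parameter changed after signing
        System.out.println("tampered: " + verify(params, "yyy"));
    }
}
```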

 

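Final POST form parameters

| Parameter | Description | Required | Type | Remarks |
|---|---|---|---|---|
| id | | | int | |
| name | | | string | |
| timestamp | Timestamp string | | string | Timestamp string "1551528809" |
| appkey | appkey | | string | |
| sign | sign signature value | | string | |
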

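Interceptor code

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;

// MapUtil, MD5Util, OakConfig, ResponseBean and ResponseCodeMsg are the project's own classes (not shown here).
public class ApiInterceptor implements HandlerInterceptor {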
        private static final Logger log = LoggerFactory.getLogger(ApiInterceptor.class);

        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
                throws Exception {
            Gson gson = new GsonBuilder().serializeNulls().enableComplexMapKeySerialization().setDateFormat("yyyy-MM-dd HH:mm:ss").create();
            Map parameterMap = MapUtil.getParameterMap(request);
            String requestUrl = request.getServletPath();
            log.info(" 請求地址為: " + requestUrl + " 請求參數為: " + gson.toJson(parameterMap));

            try {
                String timestamp = "";
                String appkey = "";
                String sign = "";
                if (parameterMap.containsKey("timestamp")) {
                    timestamp = parameterMap.get("timestamp").toString();
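                    // Validate the timestamp (seconds since the epoch)
                    long timestampL = Long.parseLong(timestamp);
                    Calendar timestampCalendar = Calendar.getInstance();
                    timestampCalendar.setTimeInMillis(timestampL * 1000L);
                    // Set the expiry time: 10 minutes after the request timestamp
                    timestampCalendar.add(Calendar.MINUTE, 10);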
                    Date timestampDate = timestampCalendar.getTime();
                    Date nowDate = new Date();
                    if (timestampDate.compareTo(nowDate) < 0) {
                        responseJson(response, gson.toJson(ResponseBean.error(ResponseCodeMsg.FAIL_STATUS, ResponseCodeMsg.TIMESTAMP_EXPIRE_MSG, null)));
                        return false;
                    }
                } else {
                    responseJson(response, gson.toJson(ResponseBean.error(ResponseCodeMsg.FAIL_STATUS, ResponseCodeMsg.TIMESTAMP_ERROR_MSG, null)));
                    return false;
                }
                if (parameterMap.containsKey("appkey")) {
                    appkey = parameterMap.get("appkey").toString();
                } else {
                    responseJson(response, gson.toJson(ResponseBean.error(ResponseCodeMsg.FAIL_STATUS, ResponseCodeMsg.APPKEY_ERROR_MSG, null)));
                    return false;
                }
                if (parameterMap.containsKey("sign")) {
                    sign = parameterMap.get("sign").toString();
                } else {
                    responseJson(response, gson.toJson(ResponseBean.error(ResponseCodeMsg.FAIL_STATUS, ResponseCodeMsg.SIGN_ERROR_MSG, null)));
                    return false;
                }

                Map map2 = new HashMap();
                map2.putAll(parameterMap);
                map2.remove("sign");
                String urls = MapUtil.formatMapToUrl(map2, false);
                urls += "&appsecret=" + OakConfig.getApiAppSecret();
                String newSign = MD5Util.md5(urls);
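                // Debug only: urls contains appsecret, so do not enable this in production.
                //log.info("Concatenated urls parameter string: " + urls + " server-side sign: " + newSign);
                // Compare in constant time so the check does not reveal how many leading characters matched
                if (!java.security.MessageDigest.isEqual(
                        sign.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                        newSign.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {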
                    responseJson(response, gson.toJson(ResponseBean.error(ResponseCodeMsg.FAIL_STATUS, ResponseCodeMsg.SIGN_CHECK_ERROR_MSG, null)));
                    return false;
                }
                return true;
            } catch (Exception e) {
                log.error(e.toString());
                responseJson(response, gson.toJson(ResponseBean.error(ResponseCodeMsg.FAIL_STATUS, "請求異常!", null)));
                return false;
            }
        }

        @Override
        public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
                               ModelAndView modelAndView) throws Exception {

        }

        @Override
        public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
                throws Exception {

        }

        private void responseJson(HttpServletResponse response, String json) throws Exception {
            PrintWriter writer = null;
            response.setCharacterEncoding("UTF-8");
            response.setContentType("text/json; charset=utf-8");
            try {
                writer = response.getWriter();
                writer.print(json);
            } catch (IOException e) {
                log.error(e.toString());
            } finally {
                if (writer != null)
                    writer.close();
            }
        }

    }
 
        

 

 

 

