0.UTF-8字符集
1.把timestamp+"\n"+密鑰當做簽名字符串,
2.使用HmacSHA256算法計算簽名
3.然后進行Base64 encode
4.最后再把簽名參數再進行urlEncode,得到最終的簽名。
| 參數 |
說明 |
| timestamp |
當前時間戳,單位是毫秒,與請求調用時間誤差不能超過1小時 |
| secret |
密鑰,機器人安全設置頁面,加簽一欄下面顯示的SEC開頭的字符串 |
簽名計算代碼示例(Java)
Long timestamp = System.currentTimeMillis();
String stringToSign = timestamp + "\n" + secret;
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA256"));
byte[] signData = mac.doFinal(stringToSign.getBytes("UTF-8"));
return URLEncoder.encode(new String(Base64.encodeBase64(signData)),"UTF-8");
C#版示例
private static byte[] getHmac(string message, string secret)
{
byte[] keyByte = Encoding.UTF8.GetBytes(secret);
byte[] messageBytes = Encoding.UTF8.GetBytes(message);
using (var hmacsha256 = new HMACSHA256(keyByte))
{
byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
return hashmessage;
}
}
public static Int64 ToUTC(this DateTime time)
{
var zts = TimeZoneInfo.Local.BaseUtcOffset;
var yc = new DateTime(1970, 1, 1).Add(zts);
return (long)(DateTime.Now - yc).TotalMilliseconds;
}
main.cs
var secret = "123";
var timeStamp = DateTime.Now.ToUTC();
var stringToSign = $"{timeStamp}\n{secret}";
var b64 = getHmac(stringToSign, secret);
var b64Str = Convert.ToBase64String(b64);
var sign = HttpUtility.UrlEncode(b64Str);
url = $"{url}×tamp={timeStamp}&sign={sign}";
ok!