Sign生成规则

签名规则

  1. header参数按照Accesstoken、Appid、Keyid、Nonce、Time字段顺序进行排序,并使用&符号拼接,拼接格式为Accesstoken=xxx&Appid=xxx&Keyid=xxx&Nonce=xxx&Time=xxx
  2. 对第一步产生的字符串末尾拼接AppKey;
  3. 对第二步产生的字符串,全部小写处理;
  4. 对第三步产生的字符串MD5 32位加密后,生成的数即为Sign的值。

注:部分接口请求header不需要Accesstoken参数,这种情况Accesstoken不参与生成签名。

  • 示例:
-------------------------------------- 第一步:拼接header参数 --------------------------------------
Accesstoken=532cad73c5493193d63d367016b98b27&Appid=4e693d54d75db580a56d1263&Keyid=k.78784564654feda454557&Nonce=C6wuzd0Qguxzelhb&Time=1618914078668

-------------------------------------- 第二步:拼接appKey参数 --------------------------------------
Accesstoken=532cad73c5493193d63d367016b98b27&Appid=4e693d54d75db580a56d1263&Keyid=k.78784564654feda454557&Nonce=C6wuzd0Qguxzelhb&Time=1618914078668gU7Qtxi4dWnYAdmudyxni52bWZ58b8uN

-------------------------------------- 第三步:字符串小写 ------------------------------------------
accesstoken=532cad73c5493193d63d367016b98b27&appid=4e693d54d75db580a56d1263&keyid=k.78784564654feda454557&nonce=c6wuzd0qguxzelhb&time=1618914078668gu7qtxi4dwnyadmudyxni52bwz58b8un

-------------------------------------- 第三步:MD5 32位加密 ----------------------------------------
314a6f6fd46264e6ec872e21f88361c3
  • 生成签名 Java demo
import org.apache.commons.lang3.StringUtils;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

/**
 * @author hww
 * @date 2021/5/24
 */
public class CreateSign {

    public static void main(String[] args) {
        String accessToken = "532cad73c5493193d63d367016b98b27";
        String appId = "4e693d54d75db580a56d1263";
        String keyId = "78784564654feda454557";
        String nonce = "C6wuzd0Qguxzelhb";
        String time = "1618914078668";
        String appKey = "gU7Qtxi4dWnYAdmudyxni52bWZ58b8uN";

        String sign = createSign(accessToken, appId, keyId, nonce, time, appKey);
        System.out.println(sign);
    }

    public static String createSign(String accessToken, String appId, String keyId, String nonce, String time, String appKey) {
        // 严格按照Accesstoken、Appid、Keyid、Nonce、Time
        // 顺序拼接为一个string串使用MD5生成签名值,将生成的签名值放在RequestHeader的Sign中;
        StringBuilder sb = new StringBuilder();
        if(StringUtils.isNotBlank(accessToken)){
            sb.append("Accesstoken=").append(accessToken).append("&");
        }
        sb.append("Appid=").append(appId);
        sb.append("&").append("Keyid=").append(keyId);
        sb.append("&").append("Nonce=").append(nonce);
        sb.append("&").append("Time=").append(time).append(appKey);

        String signStr = sb.toString().toLowerCase();
        try {
            return MD5_32(signStr);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    private static String MD5_32(String sourceStr) throws Exception {
        String result = "";

        try {
            byte[] b = md5(sourceStr.getBytes("UTF-8"));
            StringBuffer buf = new StringBuffer("");

            for(int offset = 0; offset < b.length; ++offset) {
                int i = b[offset];
                if (i < 0) {
                    i += 256;
                }

                if (i < 16) {
                    buf.append("0");
                }

                buf.append(Integer.toHexString(i));
            }

            result = buf.toString();
        } catch (NoSuchAlgorithmException var6) {
            var6.printStackTrace();
        }

        return result;
    }

    private static byte[] md5(byte[] bytes) throws Exception {
        MessageDigest md = MessageDigest.getInstance("MD5");
        md.update(bytes);
        return md.digest();
    }
}

Postman自动生成签名方法

1、设置全局变量,将Appid、Accesstoken、Keyid、AppKey、Time、Nonce、Sign创建配置好,其中Time、Nonce、Sign的value随便填(后面脚本会更新);

postman

2、在请求界面的pre-request script中填写以下脚本;

postman

var Appid = pm.globals.get("Appid");
var Accesstoken = pm.globals.get("Accesstoken");
var Keyid = pm.globals.get("Keyid");
var AppKey = pm.globals.get("AppKey");
var Time = Math.round(new Date().getTime());
var Nonce = Math.round(new Date().getTime());

var preSign = "";
if (Accesstoken != null && Accesstoken != "" && Accesstoken != undefined) {
    preSign = "Accesstoken=" + Accesstoken + "&";
}
preSign = preSign + "Appid=" + Appid + "&" + "Keyid=" + Keyid + "&" + "Nonce=" + Nonce + "&" + "Time=" + Time + AppKey;
var Sign= CryptoJS.MD5(preSign.toLowerCase()).toString();

postman.setGlobalVariable("Sign", Sign);
postman.setGlobalVariable("Time", Time);
postman.setGlobalVariable("Nonce", Nonce);

3、请求header使用全局变量;

postman以上,除了accessToken过期后需要在全局变量中更新,其他变量配置无需变更。

Copyright © 2023 深圳绿米联创科技有限公司 all right reserved,powered by Gitbook文档修改时间: 2024-09-27 21:51:47

results matching ""

    No results matching ""