验证sign的API 发表于 2018-10-17 | 分类于 java 验证sign的API 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132public class CommonServiceImpl implements CommonService { @Config(name = "token", defaultValue = "", description = "token") private static String token; @Config(name = "key", defaultValue = "", description = "key") private static String key; /** * 一卡通余额查询 */ @SuppressWarnings({ "unchecked", "rawtypes", "null" }) public Object cardInfo() { // 1.验证sign,并获取userID // 1.1 拿到请求体中json HttpServletRequest request = HttpUtils.getRequest(); // 1.2 声明变量 String rawData = null; JSONObject jsonObject = null; String echoStr1 = null; String sign = null; String timestamp = null; String nonce = null; //1.3获取json数据相应字段 try { rawData = Https.getRequestPostStr(request); jsonObject = JSONObject.parseObject(rawData); echoStr1 = (String) jsonObject.get("echoStr"); sign = (String) jsonObject.get("sign"); timestamp = (String) jsonObject.get("timestamp"); nonce = (String) jsonObject.get("nonce"); } catch (IOException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } // 1.4 添加sign验证字段 String compareSign = Md5Utils.getMD5String(token + timestamp + nonce + echoStr1); // 1.5 声明变量 String userId = null; String echoString = null; JSONObject jsonObject1 = null; // 1.6 AES解密请求体的echoStr字段 try { echoString = AESUtil.decrypt(echoStr1, key); System.out.println("echoString============================" + echoString); } catch (InvalidKeyException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (IllegalBlockSizeException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (BadPaddingException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (NoSuchPaddingException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (NoSuchAlgorithmException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } //1.8拿到解密后json数据,并去除空格 echoString = echoString.replaceAll(" ", ""); jsonObject1 = JSONObject.parseObject(echoString); //1.9拿到json数据中userId字段 userId = (String) jsonObject1.get("userId"); // 2.根据userId去查询相应数据 Map<String, Object> result = Maps.newHashMap(); Map<String, Object> tempmap = Maps.newHashMap(); String sql = "SELECT * FROM (SELECT to_char(cardaftbal,'fm99999999999999999990.00') AS cardaftbal FROM usr_datai.t_ykt_pubrecentdtl WHERE stuempno = ? ORDER BY transdate || transtime desc) WHERE rownum = 1 "; //本地测试sql // String sql = "SELECT CARDAFTBAL FROM T_IT_TESTAPI WHERE GH = ?"; //2.1 声明余额和url变量 String YE = null; String url = "http://ecard.sbs.edu.cn/web/ADMIN/"; //2.2 根据userIdsql查询 try { if (userId != null) { System.out.println("userId============================" + userId); List<Map<String, Object>> SSList = DbUtil.query(sql, new Object[] { userId }); System.out.println("SSList============================" + SSList); //如果没有查询到数据,返回YE为0 if (SSList != null) { for (Iterator iterators = SSList.iterator(); iterators.hasNext();) { Map<String, Object> example = (Map<String, Object>) iterators.next();// 获取当前遍历的元素,指定为Example对象 Iterator entries = example.entrySet().iterator(); while (entries.hasNext()) { Map.Entry entry = (Map.Entry) entries.next(); Object key = entry.getKey(); Object value = entry.getValue(); if (key.equals("CARDAFTBAL")) { YE = value.toString(); System.out.println("YE============================" + YE); } } } } else { YE = "0"; } //2.3 如果sign校验成功,就根据规范返回值 if (compareSign.equals(sign)) { // tempmap.put("Balance", YE); // tempmap.put("Url", url); List<Map<String, Object>> tempList = new ArrayList<Map<String, Object>>(); Map<String, Object> tempMap = new HashMap<String, Object>(); Map<String, Object> tempMap1 = new HashMap<String, Object>(); tempMap.put("key", "Balance"); tempMap.put("value ", YE); tempMap1.put("key", "Url"); tempMap1.put("value ", url); tempList.add(tempMap); tempList.add(tempMap1); tempmap.put("keyValues", tempList); JSONObject itemJSONObj = new JSONObject(tempmap); System.out.println("tempmap============================" + itemJSONObj); String StrTempmap = itemJSONObj.toString(); System.out.println("StrTempmap============================" + StrTempmap); String echoStr = AESUtil.encrypt(StrTempmap, key); result.put("status", "success"); result.put("echoStr", echoStr); } else { result.put("status", "false"); } } else { } } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } return result; } 本文地址:https://tonysteven.github.io/2018/10/17/IDS-Api/转载请注明出处,谢谢! 坚持原创技术分享,您的支持将鼓励我继续创作! 打赏 微信支付 支付宝