package cn.mb.cloud.gateway.auth;
|
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.util.MultiValueMap;
|
|
import javax.servlet.http.HttpServletRequest;
|
import java.util.*;
|
|
/**
|
*
|
* 接口鉴权工具类
|
*
|
* @author gwx 2017-12-23
|
*
|
*/
|
public class AuthenticationKit {
|
public static final String utf8="UTF-8";
|
|
/**
|
* 返回64 位 token
|
*
|
* @param key 自定义安全字符
|
* @return
|
* @throws Exception
|
*/
|
public static String getToken(String key) throws Exception {
|
// 随机生成 32位字符
|
String salt = HashKit.generateSaltForSha256();
|
// 获取当前时间
|
long cur = System.currentTimeMillis();
|
// 生成64位token
|
String access_token = getToken256(key, salt, cur);
|
return access_token;
|
}
|
|
/**
|
* 返回64 位 token
|
*
|
* @param key
|
* @return
|
* @throws Exception
|
*/
|
public static String getToken256(String key, String salt, long cur) throws Exception {
|
// 生成64位token
|
String access_token = HashKit.sha256(salt + cur + key);
|
return access_token;
|
}
|
|
/**
|
* 返回到秒
|
*
|
* @return
|
*/
|
public static String createTimestamp() {
|
long l = System.currentTimeMillis();
|
return Long.toString(l / 1000);
|
}
|
|
/**
|
* 返回noce 不带 短杠"-"
|
*
|
* @return
|
*/
|
public static String createNonceStr() {
|
return getUUID();
|
}
|
|
public static String getUUID() {
|
UUID uuid = UUID.randomUUID();
|
String str = uuid.toString();
|
str = str.replaceAll("-", "");
|
return str;
|
}
|
|
/**
|
* 组装路径
|
*
|
* @param params
|
* @return
|
*/
|
public static String localSignParam(Map<String, Object> params) {
|
return localSignUrl(null, params, false);
|
}
|
|
|
/**
|
* 组装签名路径
|
* @param url
|
* @param params
|
* @return
|
*/
|
public static String localSignUrl(String url, Map<String, Object> params, boolean urlEncode) {
|
Set<Map.Entry<String, Object>> entries = params.entrySet();
|
List<Map.Entry<String, Object>> infoIds = new ArrayList<Map.Entry<String, Object>>(entries);
|
// 对所有传入参数按照字段名的 ASCII 码从小到大排序(字典序)
|
//Sort all incoming parameters in ascending order according to the ASCII code of the field name (lexicographic order).
|
Collections.sort(infoIds, new Comparator<Map.Entry<String, Object>>() {
|
public int compare(Map.Entry<String, Object> o1, Map.Entry<String, Object> o2) {
|
return (o1.getKey()).toString().compareTo(o2.getKey());
|
}
|
});
|
// 构造签名键值对的格式
|
// Format for constructing key-value pairs for signatures
|
StringBuilder sb = new StringBuilder();
|
for (Map.Entry<String, Object> item : infoIds) {
|
if (item.getKey() != null || item.getKey() != "") {
|
String key = item.getKey();
|
Object val = item.getValue();
|
if (!(val == "" || val == null)) {
|
sb.append(key + "=" + val + "&");
|
}
|
}
|
}
|
return sb.substring(0, sb.length() - 1);
|
}
|
|
|
/**
|
* 加密签名路径生成签名
|
*
|
* @param signUrl
|
* /token?appid=12345×tamp=1512440267&nonce=12345
|
* @param encryptKey
|
* @return
|
* @throws Exception
|
*/
|
public static String signUrlEncode(String signUrl, String encryptKey) throws Exception {
|
byte[] signByte = HMACSHA1.HmacSHA1Encrypt(signUrl, encryptKey);
|
String localSign = Base64.getEncoder().encodeToString(signByte);
|
return localSign;
|
}
|
|
|
|
/**
|
* 服务端 获取 客户端请求 组装验证签名
|
* @param delParams 移除不相关 的签名参数
|
* @return
|
*/
|
public static String getSignUrl(String url, Map<String, Object> queryParams, String... delParams) {
|
// 获取相对的访问路径
|
//Get the relative access path
|
if (queryParams.size() > 0) {
|
// 删除 Delete
|
for (int i = 0, len = delParams.length; i < len; i++) {
|
queryParams.remove(delParams[i]);
|
}
|
return localSignUrl(url, queryParams, false);
|
}
|
return null;
|
}
|
|
|
/**
|
* 组装签名路径 客户端测试用
|
* @param url api访问地址 "/apid"
|
* @param appid
|
* @return
|
*/
|
public static String getSignUrl(String url, String appid, Map<String, String> queryParas) {
|
Map<String, Object> params = new TreeMap<String, Object>();
|
params.put("appid", appid);
|
params.put("nonce", createNonceStr());
|
params.put("timestamp", createTimestamp());
|
if(queryParas!=null && queryParas.size()>0){
|
params.putAll(queryParas);
|
}
|
return localSignUrl(url, params, false);
|
}
|
|
/**
|
* 组装签名路径 客户端测试用
|
* @param url api访问地址 "/apid"
|
* @param appid
|
* @return
|
*/
|
public static String getSignUrl(String url, String appid) {
|
return getSignUrl(url, appid, "");
|
}
|
|
/**
|
*
|
* @param url
|
* @param appid
|
* @param params
|
* @return
|
*/
|
public static String getSignUrl(String url, String appid, String params) {
|
String urlTmp = getSignUrl(url, appid, new HashMap<String,String>());
|
return urlTmp + UrlEncoderUtils.encode(params);
|
}
|
|
|
}
|
