mirror of
https://gitee.com/huangge1199_admin/vue-pro.git
synced 2024-11-22 23:31:52 +08:00
!997 华为短信client实现,基于API方式
Merge pull request !997 from scholarli/develop
This commit is contained in:
commit
528200f326
@ -42,4 +42,15 @@ public class SmsCallbackController {
|
||||
return success(true);
|
||||
}
|
||||
|
||||
|
||||
@PostMapping("/huawei")
|
||||
@PermitAll
|
||||
@Operation(summary = "华为云短信的回调", description = "参见 https://support.huaweicloud.com/api-msgsms/sms_05_0003.html 文档")
|
||||
@OperateLog(enable = false)
|
||||
public CommonResult<Boolean> receiveHuaweiSmsStatus(HttpServletRequest request) throws Throwable {
|
||||
String text = ServletUtils.getBody(request);
|
||||
smsSendService.receiveSmsStatus(SmsChannelEnum.HUAWEI.getCode(), text);
|
||||
return success(true);
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -0,0 +1,215 @@
|
||||
package cn.iocoder.yudao.module.system.framework.sms.core.client.impl;
|
||||
|
||||
|
||||
import cn.hutool.core.lang.Assert;
|
||||
import cn.hutool.core.util.HexUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
|
||||
import cn.hutool.crypto.SecureUtil;
|
||||
import cn.hutool.crypto.digest.DigestUtil;
|
||||
import cn.hutool.json.JSONArray;
|
||||
import cn.iocoder.yudao.framework.common.core.KeyValue;
|
||||
import cn.iocoder.yudao.framework.common.util.json.JsonUtils;
|
||||
import cn.iocoder.yudao.module.system.framework.sms.core.client.dto.SmsReceiveRespDTO;
|
||||
import cn.iocoder.yudao.module.system.framework.sms.core.client.dto.SmsSendRespDTO;
|
||||
import cn.iocoder.yudao.module.system.framework.sms.core.client.dto.SmsTemplateRespDTO;
|
||||
import cn.iocoder.yudao.module.system.framework.sms.core.enums.SmsTemplateAuditStatusEnum;
|
||||
import cn.iocoder.yudao.module.system.framework.sms.core.property.SmsChannelProperties;
|
||||
import org.apache.http.client.methods.*;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonFormat;
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import lombok.Data;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.http.HttpResponse;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLEncoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.*;
|
||||
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
|
||||
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertList;
|
||||
import static cn.iocoder.yudao.framework.common.util.date.DateUtils.FORMAT_YEAR_MONTH_DAY_HOUR_MINUTE_SECOND;
|
||||
import static cn.iocoder.yudao.framework.common.util.date.DateUtils.TIME_ZONE_DEFAULT;
|
||||
|
||||
|
||||
/**
|
||||
* 华为短信客户端的实现类
|
||||
*
|
||||
* @author scholar
|
||||
* @since 2024/6/02 11:55
|
||||
*/
|
||||
@Slf4j
|
||||
public class HuaweiSmsClient extends AbstractSmsClient {
|
||||
|
||||
/**
|
||||
* 调用成功 code
|
||||
*/
|
||||
public static final String API_CODE_SUCCESS = "OK";
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(HuaweiSmsClient.class);
|
||||
|
||||
public HuaweiSmsClient(SmsChannelProperties properties) {
|
||||
super(properties);
|
||||
Assert.notEmpty(properties.getApiKey(), "apiKey 不能为空");
|
||||
Assert.notEmpty(properties.getApiSecret(), "apiSecret 不能为空");
|
||||
}
|
||||
@Override
|
||||
protected void doInit() {
|
||||
|
||||
}
|
||||
@Override
|
||||
public SmsSendRespDTO sendSms(Long sendLogId, String mobile, String apiTemplateId,
|
||||
List<KeyValue<String, Object>> templateParams) throws Throwable {
|
||||
String url = "https://smsapi.cn-north-4.myhuaweicloud.com:443/sms/batchSendSms/v1"; //APP接入地址+接口访问URI
|
||||
// 相比较阿里短信,华为短信发送的时候需要额外的参数“通道号”,考虑到不破坏原有的的结构
|
||||
// 所以将 通道号 拼接到 apiTemplateId 字段中,格式为 "apiTemplateId 通道号"。空格为分隔符。
|
||||
String sender = StrUtil.subAfter(apiTemplateId, " ", true); //中国大陆短信签名通道号或全球短信通道号
|
||||
String templateId = StrUtil.subBefore(apiTemplateId, " ", true); //模板ID
|
||||
|
||||
//必填,全局号码格式(包含国家码),示例:+86151****6789,多个号码之间用英文逗号分隔
|
||||
String receiver = mobile; //短信接收人号码
|
||||
|
||||
//选填,短信状态报告接收地址,推荐使用域名,为空或者不填表示不接收状态报告
|
||||
String statusCallBack = properties.getCallbackUrl();
|
||||
|
||||
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'", Locale.ENGLISH);
|
||||
sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
|
||||
String singerDate = sdf.format(new Date());
|
||||
|
||||
// ************* 步骤 1:拼接规范请求串 *************
|
||||
String httpRequestMethod = "POST";
|
||||
String canonicalUri = "/sms/batchSendSms/v1/";
|
||||
String canonicalQueryString = "";//查询参数为空
|
||||
String canonicalHeaders = "content-type:application/x-www-form-urlencoded\n"
|
||||
+ "host:smsapi.cn-north-4.myhuaweicloud.com:443\n"
|
||||
+ "x-sdk-date:" + singerDate + "\n";
|
||||
String signedHeaders = "content-type;host;x-sdk-date";
|
||||
/**
|
||||
* 选填,使用无变量模板时请赋空值 String templateParas = "";
|
||||
* 单变量模板示例:模板内容为"您的验证码是${NUM_6}"时,templateParas可填写为"[\"111111\"]"
|
||||
* 双变量模板示例:模板内容为"您有${NUM_2}件快递请到${TXT_20}领取"时,templateParas可填写为"[\"3\",\"人民公园正门\"]"
|
||||
*/
|
||||
List<String> templateParas = new ArrayList<>();
|
||||
for (KeyValue<String, Object> kv : templateParams) {
|
||||
templateParas.add(String.valueOf(kv.getValue()));
|
||||
}
|
||||
|
||||
//请求Body,不携带签名名称时,signature请填null
|
||||
String body = buildRequestBody(sender, receiver, templateId, templateParas, statusCallBack, null);
|
||||
if (null == body || body.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
String hashedRequestBody = HexUtil.encodeHexStr(DigestUtil.sha256(body));
|
||||
String canonicalRequest = httpRequestMethod + "\n" + canonicalUri + "\n" + canonicalQueryString + "\n"
|
||||
+ canonicalHeaders + "\n" + signedHeaders + "\n" + hashedRequestBody;
|
||||
|
||||
// ************* 步骤 2:拼接待签名字符串 *************
|
||||
String hashedCanonicalRequest = HexUtil.encodeHexStr(DigestUtil.sha256(canonicalRequest));
|
||||
String stringToSign = "SDK-HMAC-SHA256" + "\n" + singerDate + "\n" + hashedCanonicalRequest;
|
||||
|
||||
// ************* 步骤 3:计算签名 *************
|
||||
String signature = SecureUtil.hmacSha256(properties.getApiSecret()).digestHex(stringToSign);
|
||||
|
||||
// ************* 步骤 4:拼接 Authorization *************
|
||||
String authorization = "SDK-HMAC-SHA256" + " " + "Access=" + properties.getApiKey() + ", "
|
||||
+ "SignedHeaders=" + signedHeaders + ", " + "Signature=" + signature;
|
||||
|
||||
// ************* 步骤 5:构造HttpRequest 并执行request请求,获得response *************
|
||||
HttpUriRequest postMethod = RequestBuilder.post()
|
||||
.setUri(url)
|
||||
.setEntity(new StringEntity(body, StandardCharsets.UTF_8))
|
||||
.setHeader("Content-Type","application/x-www-form-urlencoded")
|
||||
.setHeader("X-Sdk-Date",singerDate)
|
||||
.setHeader("Authorization",authorization)
|
||||
.build();
|
||||
CloseableHttpClient client = HttpClientBuilder.create().build();
|
||||
HttpResponse response = client.execute(postMethod);
|
||||
|
||||
return new SmsSendRespDTO().setSuccess(Objects.equals(response.getStatusLine().getReasonPhrase(), API_CODE_SUCCESS)).setSerialNo(Integer.toString(response.getStatusLine().getStatusCode()))
|
||||
.setApiRequestId(null).setApiCode(null).setApiMsg(null);
|
||||
}
|
||||
|
||||
static String buildRequestBody(String sender, String receiver, String templateId, List<String> templateParas,
|
||||
String statusCallBack, String signature) throws UnsupportedEncodingException {
|
||||
if (null == sender || null == receiver || null == templateId || sender.isEmpty() || receiver.isEmpty()
|
||||
|| templateId.isEmpty()) {
|
||||
System.out.println("buildRequestBody(): sender, receiver or templateId is null.");
|
||||
return null;
|
||||
}
|
||||
|
||||
StringBuilder body = new StringBuilder();
|
||||
appendToBody(body, "from=", sender);
|
||||
appendToBody(body, "&to=", receiver);
|
||||
appendToBody(body, "&templateId=", templateId);
|
||||
appendToBody(body, "&templateParas=", new JSONArray(templateParas).toString());
|
||||
appendToBody(body, "&statusCallback=", statusCallBack);
|
||||
appendToBody(body, "&signature=", signature);
|
||||
return body.toString();
|
||||
}
|
||||
|
||||
private static void appendToBody(StringBuilder body, String key, String val) throws UnsupportedEncodingException {
|
||||
if (null != val && !val.isEmpty()) {
|
||||
body.append(key).append(URLEncoder.encode(val, "UTF-8"));
|
||||
}
|
||||
}
|
||||
@Override
|
||||
public List<SmsReceiveRespDTO> parseSmsReceiveStatus(String text) {
|
||||
List<SmsReceiveStatus> statuses = JsonUtils.parseArray(text, SmsReceiveStatus.class);
|
||||
return convertList(statuses, status -> new SmsReceiveRespDTO().setSuccess(Objects.equals(status.getStatus(),"DELIVRD"))
|
||||
.setErrorCode(status.getStatus()).setErrorMsg(status.getStatus())
|
||||
.setMobile(status.getPhoneNumber()).setReceiveTime(status.getUpdateTime())
|
||||
.setSerialNo(status.getSmsMsgId()));
|
||||
}
|
||||
|
||||
@Override
|
||||
public SmsTemplateRespDTO getSmsTemplate(String apiTemplateId) throws Throwable {
|
||||
//华为短信模板查询和发送短信,是不同的两套key和secret,与阿里、腾讯的区别较大,这里模板查询校验暂不实现。
|
||||
return new SmsTemplateRespDTO().setId(null).setContent(null)
|
||||
.setAuditStatus(SmsTemplateAuditStatusEnum.SUCCESS.getStatus()).setAuditReason(null);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* 短信接收状态
|
||||
*
|
||||
* 参见 <a href="https://support.huaweicloud.com/api-msgsms/sms_05_0003.html">文档</a>
|
||||
*
|
||||
* @author scholar
|
||||
*/
|
||||
@Data
|
||||
public static class SmsReceiveStatus {
|
||||
|
||||
/**
|
||||
* 本条状态报告对应的短信的接收方号码,仅当状态报告中携带了extend参数时才会同时携带该参数
|
||||
*/
|
||||
@JsonProperty("to")
|
||||
private String phoneNumber;
|
||||
|
||||
/**
|
||||
* 短信资源的更新时间,通常为短信平台接收短信状态报告的时间
|
||||
*/
|
||||
@JsonFormat(pattern = FORMAT_YEAR_MONTH_DAY_HOUR_MINUTE_SECOND, timezone = TIME_ZONE_DEFAULT)
|
||||
private LocalDateTime updateTime;
|
||||
|
||||
/**
|
||||
* 短信状态报告枚举值
|
||||
*/
|
||||
private String status;
|
||||
|
||||
/**
|
||||
* 发送短信成功时返回的短信唯一标识。
|
||||
*/
|
||||
private String smsMsgId;
|
||||
}
|
||||
|
||||
}
|
@ -78,6 +78,7 @@ public class SmsClientFactoryImpl implements SmsClientFactory {
|
||||
case ALIYUN: return new AliyunSmsClient(properties);
|
||||
case DEBUG_DING_TALK: return new DebugDingTalkSmsClient(properties);
|
||||
case TENCENT: return new TencentSmsClient(properties);
|
||||
case HUAWEI: return new HuaweiSmsClient(properties);
|
||||
}
|
||||
// 创建失败,错误日志 + 抛出异常
|
||||
log.error("[createSmsClient][配置({}) 找不到合适的客户端实现]", properties);
|
||||
|
@ -0,0 +1,253 @@
|
||||
package cn.iocoder.yudao.module.system.framework.sms.core.client.utils;
|
||||
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.net.URLEncoder;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Hashtable;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* 华为短信待签名request
|
||||
*
|
||||
* @author scholar
|
||||
* @since 2024/6/02 11:55
|
||||
*/
|
||||
public class HuaweiRequest {
|
||||
private String key = null;
|
||||
private String secret = null;
|
||||
private String method = null;
|
||||
private String url = null;
|
||||
private String body = null;
|
||||
private String fragment = null;
|
||||
private Map<String, String> headers = new Hashtable();
|
||||
private Map<String, List<String>> queryString = new Hashtable();
|
||||
private static final Pattern PATTERN = Pattern.compile("^(?i)(post|put|patch|delete|get|options|head)$");
|
||||
|
||||
public HuaweiRequest() {
|
||||
}
|
||||
|
||||
/** @deprecated */
|
||||
@Deprecated
|
||||
public String getRegion() {
|
||||
return "";
|
||||
}
|
||||
|
||||
/** @deprecated */
|
||||
@Deprecated
|
||||
public String getServiceName() {
|
||||
return "";
|
||||
}
|
||||
|
||||
public String getKey() {
|
||||
return this.key;
|
||||
}
|
||||
|
||||
public String getSecrect() {
|
||||
return this.secret;
|
||||
}
|
||||
|
||||
// public HttpMethodName getMethod() {
|
||||
// return HttpMethodName.valueOf(this.method.toUpperCase(Locale.getDefault()));
|
||||
// }
|
||||
|
||||
public String getBody() {
|
||||
return this.body;
|
||||
}
|
||||
|
||||
public Map<String, String> getHeaders() {
|
||||
return this.headers;
|
||||
}
|
||||
|
||||
/** @deprecated */
|
||||
@Deprecated
|
||||
public void setRegion(String region) {
|
||||
}
|
||||
|
||||
/** @deprecated */
|
||||
@Deprecated
|
||||
public void setServiceName(String serviceName) {
|
||||
}
|
||||
|
||||
public void setAppKey(String appKey) throws RuntimeException {
|
||||
if (null != appKey && !appKey.trim().isEmpty()) {
|
||||
this.key = appKey;
|
||||
} else {
|
||||
throw new RuntimeException("appKey can not be empty");
|
||||
}
|
||||
}
|
||||
|
||||
public void setAppSecrect(String appSecret) throws RuntimeException {
|
||||
if (null != appSecret && !appSecret.trim().isEmpty()) {
|
||||
this.secret = appSecret;
|
||||
} else {
|
||||
throw new RuntimeException("appSecrect can not be empty");
|
||||
}
|
||||
}
|
||||
|
||||
public void setKey(String appKey) throws RuntimeException {
|
||||
if (null != appKey && !appKey.trim().isEmpty()) {
|
||||
this.key = appKey;
|
||||
} else {
|
||||
throw new RuntimeException("appKey can not be empty");
|
||||
}
|
||||
}
|
||||
|
||||
public void setSecret(String appSecret) throws RuntimeException {
|
||||
if (null != appSecret && !appSecret.trim().isEmpty()) {
|
||||
this.secret = appSecret;
|
||||
} else {
|
||||
throw new RuntimeException("appSecrect can not be empty");
|
||||
}
|
||||
}
|
||||
|
||||
public void setMethod(String method) throws RuntimeException {
|
||||
if (null == method) {
|
||||
throw new RuntimeException("method can not be empty");
|
||||
} else {
|
||||
Matcher match = PATTERN.matcher(method);
|
||||
if (!match.matches()) {
|
||||
throw new RuntimeException("unsupported method");
|
||||
} else {
|
||||
this.method = method;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public String getUrl() throws UnsupportedEncodingException {
|
||||
StringBuilder uri = new StringBuilder();
|
||||
uri.append(this.url);
|
||||
if (this.queryString.size() > 0) {
|
||||
uri.append("?");
|
||||
int loop = 0;
|
||||
Iterator var3 = this.queryString.entrySet().iterator();
|
||||
|
||||
while(var3.hasNext()) {
|
||||
Map.Entry<String, List<String>> entry = (Map.Entry)var3.next();
|
||||
|
||||
for(Iterator var5 = ((List)entry.getValue()).iterator(); var5.hasNext(); ++loop) {
|
||||
String value = (String)var5.next();
|
||||
if (loop > 0) {
|
||||
uri.append("&");
|
||||
}
|
||||
|
||||
uri.append(URLEncoder.encode((String)entry.getKey(), "UTF-8"));
|
||||
uri.append("=");
|
||||
uri.append(URLEncoder.encode(value, "UTF-8"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (this.fragment != null) {
|
||||
uri.append("#");
|
||||
uri.append(this.fragment);
|
||||
}
|
||||
|
||||
return uri.toString();
|
||||
}
|
||||
|
||||
public void setUrl(String urlRet) throws RuntimeException, UnsupportedEncodingException {
|
||||
if (urlRet != null && !urlRet.trim().isEmpty()) {
|
||||
int i = urlRet.indexOf(35);
|
||||
if (i >= 0) {
|
||||
urlRet = urlRet.substring(0, i);
|
||||
}
|
||||
|
||||
i = urlRet.indexOf(63);
|
||||
this.url = urlRet;
|
||||
if (i >= 0) {
|
||||
String query = urlRet.substring(i + 1, urlRet.length());
|
||||
String[] var4 = query.split("&");
|
||||
int var5 = var4.length;
|
||||
|
||||
for(int var6 = 0; var6 < var5; ++var6) {
|
||||
String item = var4[var6];
|
||||
String[] spl = item.split("=", 2);
|
||||
String keyRet = spl[0];
|
||||
String value = "";
|
||||
if (spl.length > 1) {
|
||||
value = spl[1];
|
||||
}
|
||||
|
||||
if (!keyRet.trim().isEmpty()) {
|
||||
keyRet = URLDecoder.decode(keyRet, "UTF-8");
|
||||
value = URLDecoder.decode(value, "UTF-8");
|
||||
this.addQueryStringParam(keyRet, value);
|
||||
}
|
||||
}
|
||||
|
||||
urlRet = urlRet.substring(0, i);
|
||||
this.url = urlRet;
|
||||
}
|
||||
} else {
|
||||
throw new RuntimeException("url can not be empty");
|
||||
}
|
||||
}
|
||||
|
||||
public String getPath() {
|
||||
String urlRet = this.url;
|
||||
int i = urlRet.indexOf("://");
|
||||
if (i >= 0) {
|
||||
urlRet = urlRet.substring(i + 3);
|
||||
}
|
||||
|
||||
i = urlRet.indexOf(47);
|
||||
return i >= 0 ? urlRet.substring(i) : "/";
|
||||
}
|
||||
|
||||
public String getHost() {
|
||||
String urlRet = this.url;
|
||||
int i = urlRet.indexOf("://");
|
||||
if (i >= 0) {
|
||||
urlRet = urlRet.substring(i + 3);
|
||||
}
|
||||
|
||||
i = urlRet.indexOf(47);
|
||||
if (i >= 0) {
|
||||
urlRet = urlRet.substring(0, i);
|
||||
}
|
||||
|
||||
return urlRet;
|
||||
}
|
||||
|
||||
public void setBody(String body) {
|
||||
this.body = body;
|
||||
}
|
||||
|
||||
public void addQueryStringParam(String name, String value) {
|
||||
List<String> paramList = (List)this.queryString.get(name);
|
||||
if (paramList == null) {
|
||||
paramList = new ArrayList();
|
||||
this.queryString.put(name, paramList);
|
||||
}
|
||||
|
||||
((List)paramList).add(value);
|
||||
}
|
||||
|
||||
public Map<String, List<String>> getQueryStringParams() {
|
||||
return this.queryString;
|
||||
}
|
||||
|
||||
public String getFragment() {
|
||||
return this.fragment;
|
||||
}
|
||||
|
||||
public void setFragment(String fragment) throws RuntimeException, UnsupportedEncodingException {
|
||||
if (fragment != null && !fragment.trim().isEmpty()) {
|
||||
this.fragment = URLEncoder.encode(fragment, "UTF-8");
|
||||
} else {
|
||||
throw new RuntimeException("fragment can not be empty");
|
||||
}
|
||||
}
|
||||
|
||||
public void addHeader(String name, String value) {
|
||||
if (name != null && !name.trim().isEmpty()) {
|
||||
this.headers.put(name, value);
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,300 @@
|
||||
package cn.iocoder.yudao.module.system.framework.sms.core.client.utils;
|
||||
|
||||
|
||||
import cn.hutool.core.util.HexUtil;
|
||||
import cn.hutool.core.util.URLUtil;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.Security;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.*;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
import javax.crypto.Mac;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import org.apache.commons.codec.binary.StringUtils;
|
||||
import org.bouncycastle.crypto.digests.SM3Digest;
|
||||
import org.openeuler.BGMJCEProvider;
|
||||
|
||||
/**
|
||||
* 华为短信request签名实现类
|
||||
*
|
||||
* @author scholar
|
||||
* @since 2024/6/02 11:55
|
||||
*/
|
||||
public class HuaweiSigner {
|
||||
public static final String LINE_SEPARATOR = "\n";
|
||||
public static final String SDK_SIGNING_ALGORITHM = "SDK-HMAC-SHA256";
|
||||
public static final String X_SDK_CONTENT_SHA256 = "x-sdk-content-sha256";
|
||||
public static final String X_SDK_DATE = "X-Sdk-Date";
|
||||
public static final String AUTHORIZATION = "Authorization";
|
||||
private static final Pattern AUTHORIZATION_PATTERN_SHA256 = Pattern.compile("SDK-HMAC-SHA256\\s+Access=([^,]+),\\s?SignedHeaders=([^,]+),\\s?Signature=(\\w+)");
|
||||
private static final Pattern AUTHORIZATION_PATTERN_SM3 = Pattern.compile("SDK-HMAC-SM3\\s+Access=([^,]+),\\s?SignedHeaders=([^,]+),\\s?Signature=(\\w+)");
|
||||
private static final String LINUX_NEW_LINE = "\n";
|
||||
public static final String HOST = "Host";
|
||||
public String messageDigestAlgorithm = "SDK-HMAC-SHA256";
|
||||
|
||||
public HuaweiSigner(String messageDigestAlgorithm) {
|
||||
this.messageDigestAlgorithm = messageDigestAlgorithm;
|
||||
}
|
||||
|
||||
public HuaweiSigner() {
|
||||
}
|
||||
|
||||
public void sign(HuaweiRequest request) throws UnsupportedEncodingException {
|
||||
String singerDate = this.getHeader(request, "X-Sdk-Date");
|
||||
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'", Locale.ENGLISH);
|
||||
sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
|
||||
if (singerDate == null) {
|
||||
singerDate = sdf.format(new Date());
|
||||
request.addHeader("X-Sdk-Date", singerDate);
|
||||
}
|
||||
|
||||
this.addHostHeader(request);
|
||||
String messageDigestContent = this.calculateContentHash(request);
|
||||
String[] signedHeaders = this.getSignedHeaders(request);
|
||||
String canonicalRequest = this.createCanonicalRequest(request, signedHeaders, messageDigestContent);
|
||||
byte[] signingKey = this.deriveSigningKey(request.getSecrect());
|
||||
String stringToSign = this.createStringToSign(canonicalRequest, singerDate);
|
||||
byte[] signature = this.computeSignature(stringToSign, signingKey);
|
||||
String signatureResult = this.buildAuthorizationHeader(signedHeaders, signature, request.getKey());
|
||||
request.addHeader("Authorization", signatureResult);
|
||||
}
|
||||
|
||||
protected String getCanonicalizedResourcePath(String resourcePath) throws UnsupportedEncodingException {
|
||||
if (resourcePath != null && !resourcePath.isEmpty()) {
|
||||
try {
|
||||
resourcePath = (new URI(resourcePath)).getPath();
|
||||
} catch (URISyntaxException var3) {
|
||||
return resourcePath;
|
||||
}
|
||||
|
||||
String value = URLUtil.encode(resourcePath);
|
||||
if (!value.startsWith("/")) {
|
||||
value = "/".concat(value);
|
||||
}
|
||||
|
||||
if (!value.endsWith("/")) {
|
||||
value = value.concat("/");
|
||||
}
|
||||
|
||||
return value;
|
||||
} else {
|
||||
return "/";
|
||||
}
|
||||
}
|
||||
|
||||
protected String getCanonicalizedQueryString(Map<String, List<String>> parameters) throws UnsupportedEncodingException {
|
||||
SortedMap<String, List<String>> sorted = new TreeMap();
|
||||
Iterator var3 = parameters.entrySet().iterator();
|
||||
|
||||
while(var3.hasNext()) {
|
||||
Map.Entry<String, List<String>> entry = (Map.Entry)var3.next();
|
||||
String encodedParamName = URLUtil.encode((String) entry.getKey());
|
||||
List<String> paramValues = (List)entry.getValue();
|
||||
List<String> encodedValues = new ArrayList(paramValues.size());
|
||||
Iterator var8 = paramValues.iterator();
|
||||
|
||||
while(var8.hasNext()) {
|
||||
String value = (String)var8.next();
|
||||
encodedValues.add(URLUtil.encode(value));
|
||||
}
|
||||
|
||||
Collections.sort(encodedValues);
|
||||
sorted.put(encodedParamName, encodedValues);
|
||||
}
|
||||
|
||||
StringBuilder result = new StringBuilder();
|
||||
Iterator var11 = sorted.entrySet().iterator();
|
||||
|
||||
while(var11.hasNext()) {
|
||||
Map.Entry<String, List<String>> entry = (Map.Entry)var11.next();
|
||||
|
||||
String value;
|
||||
for(Iterator var13 = ((List)entry.getValue()).iterator(); var13.hasNext(); result.append((String)entry.getKey()).append("=").append(value)) {
|
||||
value = (String)var13.next();
|
||||
if (result.length() > 0) {
|
||||
result.append("&");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return result.toString();
|
||||
}
|
||||
|
||||
protected String createCanonicalRequest(HuaweiRequest request, String[] signedHeaders, String messageDigestContent) throws UnsupportedEncodingException {
|
||||
return "POST" + "\n" + this.getCanonicalizedResourcePath(request.getPath()) + "\n" + this.getCanonicalizedQueryString(request.getQueryStringParams()) + "\n" + this.getCanonicalizedHeaderString(request, signedHeaders) + "\n" + this.getSignedHeadersString(signedHeaders) + "\n" + messageDigestContent;
|
||||
}
|
||||
|
||||
protected String createStringToSign(String canonicalRequest, String singerDate) {
|
||||
return StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256") ? this.messageDigestAlgorithm + "\n" + singerDate + "\n" + HexUtil.encodeHexStr(this.hash(canonicalRequest)) : this.messageDigestAlgorithm + "\n" + singerDate + "\n" + HexUtil.encodeHexStr(this.hashSm3(canonicalRequest));
|
||||
}
|
||||
|
||||
private byte[] deriveSigningKey(String secret) {
|
||||
return secret.getBytes(StandardCharsets.UTF_8);
|
||||
}
|
||||
|
||||
protected byte[] sign(byte[] data, byte[] key, String algorithm) {
|
||||
try {
|
||||
if (Objects.equals(algorithm, "HmacSM3")) {
|
||||
Security.insertProviderAt(new BGMJCEProvider(), 1);
|
||||
}
|
||||
|
||||
Mac mac = Mac.getInstance(algorithm);
|
||||
mac.init(new SecretKeySpec(key, algorithm));
|
||||
return mac.doFinal(data);
|
||||
} catch (InvalidKeyException | NoSuchAlgorithmException var5) {
|
||||
return new byte[0];
|
||||
}
|
||||
}
|
||||
|
||||
protected final byte[] computeSignature(String stringToSign, byte[] signingKey) {
|
||||
return StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256") ? this.sign(stringToSign.getBytes(StandardCharsets.UTF_8), signingKey, "HmacSHA256") : this.sign(stringToSign.getBytes(StandardCharsets.UTF_8), signingKey, "HmacSM3");
|
||||
}
|
||||
|
||||
private String buildAuthorizationHeader(String[] signedHeaders, byte[] signature, String accessKey) {
|
||||
String credential = "Access=" + accessKey;
|
||||
String signerHeaders = "SignedHeaders=" + this.getSignedHeadersString(signedHeaders);
|
||||
String signatureHeader = "Signature=" + HexUtil.encodeHexStr(signature);
|
||||
return this.messageDigestAlgorithm + " " + credential + ", " + signerHeaders + ", " + signatureHeader;
|
||||
}
|
||||
|
||||
protected String[] getSignedHeaders(HuaweiRequest request) {
|
||||
String[] signedHeaders = (String[])request.getHeaders().keySet().toArray(new String[0]);
|
||||
Arrays.sort(signedHeaders, String.CASE_INSENSITIVE_ORDER);
|
||||
return signedHeaders;
|
||||
}
|
||||
|
||||
protected String getCanonicalizedHeaderString(HuaweiRequest request, String[] signedHeaders) {
|
||||
Map<String, String> requestHeaders = request.getHeaders();
|
||||
StringBuilder buffer = new StringBuilder();
|
||||
String[] var5 = signedHeaders;
|
||||
int var6 = signedHeaders.length;
|
||||
|
||||
for(int var7 = 0; var7 < var6; ++var7) {
|
||||
String header = var5[var7];
|
||||
String key = header.toLowerCase(Locale.getDefault());
|
||||
String value = (String)requestHeaders.get(header);
|
||||
buffer.append(key).append(":");
|
||||
if (value != null) {
|
||||
buffer.append(value.trim());
|
||||
}
|
||||
|
||||
buffer.append("\n");
|
||||
}
|
||||
|
||||
return buffer.toString();
|
||||
}
|
||||
|
||||
protected String getSignedHeadersString(String[] signedHeaders) {
|
||||
StringBuilder buffer = new StringBuilder();
|
||||
String[] var3 = signedHeaders;
|
||||
int var4 = signedHeaders.length;
|
||||
|
||||
for(int var5 = 0; var5 < var4; ++var5) {
|
||||
String header = var3[var5];
|
||||
if (buffer.length() > 0) {
|
||||
buffer.append(";");
|
||||
}
|
||||
|
||||
buffer.append(header.toLowerCase(Locale.getDefault()));
|
||||
}
|
||||
|
||||
return buffer.toString();
|
||||
}
|
||||
|
||||
protected void addHostHeader(HuaweiRequest request) {
|
||||
boolean haveHostHeader = false;
|
||||
Iterator var3 = request.getHeaders().keySet().iterator();
|
||||
|
||||
while(var3.hasNext()) {
|
||||
String key = (String)var3.next();
|
||||
if ("Host".equalsIgnoreCase(key)) {
|
||||
haveHostHeader = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!haveHostHeader) {
|
||||
request.addHeader("Host", request.getHost());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
protected String getHeader(HuaweiRequest request, String header) {
|
||||
if (header == null) {
|
||||
return null;
|
||||
} else {
|
||||
Map<String, String> headers = request.getHeaders();
|
||||
Iterator var4 = headers.entrySet().iterator();
|
||||
|
||||
Map.Entry entry;
|
||||
do {
|
||||
if (!var4.hasNext()) {
|
||||
return null;
|
||||
}
|
||||
|
||||
entry = (Map.Entry)var4.next();
|
||||
} while(!header.equalsIgnoreCase((String)entry.getKey()));
|
||||
|
||||
return (String)entry.getValue();
|
||||
}
|
||||
}
|
||||
|
||||
public boolean verify(HuaweiRequest request) throws UnsupportedEncodingException {
|
||||
String singerDate = this.getHeader(request, "X-Sdk-Date");
|
||||
String authorization = this.getHeader(request, "Authorization");
|
||||
Matcher match = AUTHORIZATION_PATTERN_SM3.matcher(authorization);
|
||||
if (StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256")) {
|
||||
match = AUTHORIZATION_PATTERN_SHA256.matcher(authorization);
|
||||
}
|
||||
|
||||
if (!match.find()) {
|
||||
return false;
|
||||
} else {
|
||||
String[] signedHeaders = match.group(2).split(";");
|
||||
byte[] signingKey = this.deriveSigningKey(request.getSecrect());
|
||||
String messageDigestContent = this.calculateContentHash(request);
|
||||
String canonicalRequest = this.createCanonicalRequest(request, signedHeaders, messageDigestContent);
|
||||
String stringToSign = this.createStringToSign(canonicalRequest, singerDate);
|
||||
byte[] signature = this.computeSignature(stringToSign, signingKey);
|
||||
String signatureResult = this.buildAuthorizationHeader(signedHeaders, signature, request.getKey());
|
||||
return signatureResult.equals(authorization);
|
||||
}
|
||||
}
|
||||
|
||||
protected String calculateContentHash(HuaweiRequest request) {
|
||||
String content_sha256 = this.getHeader(request, "x-sdk-content-sha256");
|
||||
if (content_sha256 != null) {
|
||||
return content_sha256;
|
||||
} else {
|
||||
return StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256") ? HexUtil.encodeHexStr(this.hash(request.getBody()),true) : HexUtil.encodeHexStr(this.hashSm3(request.getBody()));
|
||||
}
|
||||
}
|
||||
|
||||
public byte[] hash(String text) {
|
||||
try {
|
||||
MessageDigest md = MessageDigest.getInstance("SHA-256");
|
||||
md.update(text.getBytes(StandardCharsets.UTF_8));
|
||||
return md.digest();
|
||||
} catch (NoSuchAlgorithmException var3) {
|
||||
return new byte[0];
|
||||
}
|
||||
}
|
||||
|
||||
public byte[] hashSm3(String text) {
|
||||
byte[] srcData = text.getBytes(StandardCharsets.UTF_8);
|
||||
SM3Digest digest = new SM3Digest();
|
||||
digest.update(srcData, 0, srcData.length);
|
||||
byte[] hash = new byte[digest.getDigestSize()];
|
||||
digest.doFinal(hash, 0);
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
}
|
@ -17,7 +17,7 @@ public enum SmsChannelEnum {
|
||||
DEBUG_DING_TALK("DEBUG_DING_TALK", "调试(钉钉)"),
|
||||
ALIYUN("ALIYUN", "阿里云"),
|
||||
TENCENT("TENCENT", "腾讯云"),
|
||||
// HUA_WEI("HUA_WEI", "华为云"),
|
||||
HUAWEI("HUAWEI", "华为云"),
|
||||
;
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user