diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/sms/SmsCallbackController.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/sms/SmsCallbackController.java index f392ac759..0bb406710 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/sms/SmsCallbackController.java +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/sms/SmsCallbackController.java @@ -45,4 +45,15 @@ public class SmsCallbackController { return success(true); } + + @PostMapping("/huawei") + @PermitAll + @Operation(summary = "华为云短信的回调", description = "参见 https://support.huaweicloud.com/api-msgsms/sms_05_0003.html 文档") + @OperateLog(enable = false) + public CommonResult receiveHuaweiSmsStatus(HttpServletRequest request) throws Throwable { + String text = ServletUtils.getBody(request); + smsSendService.receiveSmsStatus(SmsChannelEnum.HUAWEI.getCode(), text); + return success(true); + } + } diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/HuaweiSmsClient.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/HuaweiSmsClient.java new file mode 100644 index 000000000..9f7946ec3 --- /dev/null +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/HuaweiSmsClient.java @@ -0,0 +1,201 @@ +package cn.iocoder.yudao.module.system.framework.sms.core.client.impl; + + +import cn.hutool.core.lang.Assert; +import cn.hutool.core.util.StrUtil; + +import cn.hutool.json.JSONArray; +import cn.iocoder.yudao.framework.common.core.KeyValue; +import cn.iocoder.yudao.framework.common.util.json.JsonUtils; +import cn.iocoder.yudao.module.system.framework.sms.core.client.dto.SmsReceiveRespDTO; +import cn.iocoder.yudao.module.system.framework.sms.core.client.dto.SmsSendRespDTO; +import cn.iocoder.yudao.module.system.framework.sms.core.client.dto.SmsTemplateRespDTO; +import cn.iocoder.yudao.module.system.framework.sms.core.client.utils.HuaweiRequest; +import cn.iocoder.yudao.module.system.framework.sms.core.client.utils.HuaweiSigner; +import cn.iocoder.yudao.module.system.framework.sms.core.enums.SmsTemplateAuditStatusEnum; +import cn.iocoder.yudao.module.system.framework.sms.core.property.SmsChannelProperties; +import org.apache.http.client.methods.*; +import org.apache.http.entity.StringEntity; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonProperty; +import lombok.Data; +import lombok.extern.slf4j.Slf4j; +import org.apache.http.HttpResponse; + +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; +import java.util.*; + + +import java.time.LocalDateTime; + + +import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertList; +import static cn.iocoder.yudao.framework.common.util.date.DateUtils.FORMAT_YEAR_MONTH_DAY_HOUR_MINUTE_SECOND; +import static cn.iocoder.yudao.framework.common.util.date.DateUtils.TIME_ZONE_DEFAULT; + + +/** + * 华为短信客户端的实现类 + * + * @author scholar + * @since 2024/6/02 11:55 + */ +@Slf4j +public class HuaweiSmsClient extends AbstractSmsClient { + + /** + * 调用成功 code + */ + public static final String API_CODE_SUCCESS = "OK"; + private static final Logger LOGGER = LoggerFactory.getLogger(HuaweiSmsClient.class); + public HuaweiSmsClient(SmsChannelProperties properties) { + super(properties); + Assert.notEmpty(properties.getApiKey(), "apiKey 不能为空"); + Assert.notEmpty(properties.getApiSecret(), "apiSecret 不能为空"); + } + @Override + protected void doInit() { + + } + @Override + public SmsSendRespDTO sendSms(Long sendLogId, String mobile, String apiTemplateId, + List> templateParams) throws Throwable { + String url = "https://smsapi.cn-north-4.myhuaweicloud.com:443/sms/batchSendSms/v1"; //APP接入地址+接口访问URI + // 相比较阿里短信,华为短信发送的时候需要额外的参数“通道号”,考虑到不破坏原有的的结构 + // 所以将 通道号 拼接到 apiTemplateId 字段中,格式为 "apiTemplateId 通道号"。空格为分隔符。 + String sender = StrUtil.subAfter(apiTemplateId, " ", true); //中国大陆短信签名通道号或全球短信通道号 + String templateId = StrUtil.subBefore(apiTemplateId, " ", true); //模板ID + + //必填,全局号码格式(包含国家码),示例:+86151****6789,多个号码之间用英文逗号分隔 + String receiver = mobile; //短信接收人号码 + + //选填,短信状态报告接收地址,推荐使用域名,为空或者不填表示不接收状态报告 + String statusCallBack = properties.getCallbackUrl(); + + /** + * 选填,使用无变量模板时请赋空值 String templateParas = ""; + * 单变量模板示例:模板内容为"您的验证码是${NUM_6}"时,templateParas可填写为"[\"111111\"]" + * 双变量模板示例:模板内容为"您有${NUM_2}件快递请到${TXT_20}领取"时,templateParas可填写为"[\"3\",\"人民公园正门\"]" + */ + List templateParas = new ArrayList<>(); + for (KeyValue kv : templateParams) { + templateParas.add(String.valueOf(kv.getValue())); + } + + //请求Body,不携带签名名称时,signature请填null + String body = buildRequestBody(sender, receiver, templateId, templateParas, statusCallBack, null); + if (null == body || body.isEmpty()) { + LOGGER.warn("body is null."); + return null; + } + + HuaweiRequest request = new HuaweiRequest(); + request.setKey(properties.getApiKey()); + request.setSecret(properties.getApiSecret()); + request.setMethod("POST"); + request.setUrl(url); + request.addHeader("Content-Type", "application/x-www-form-urlencoded"); + request.setBody(body); + LOGGER.info("Print the body: {}", body); + + HuaweiSigner signer = new HuaweiSigner("SDK-HMAC-SHA256"); + signer.sign(request); + HttpUriRequest postMethod = RequestBuilder.post() + .setUri(url) + .setEntity(new StringEntity(request.getBody(), StandardCharsets.UTF_8)) + .setHeader("Content-Type","application/x-www-form-urlencoded") + .setHeader("X-Sdk-Date",request.getHeaders().get("X-Sdk-Date")) + .setHeader("Authorization",request.getHeaders().get("Authorization")) + .build(); + CloseableHttpClient client = HttpClientBuilder.create().build(); + + HttpResponse response = client.execute(postMethod); + return new SmsSendRespDTO().setSuccess(Objects.equals(response.getStatusLine().getReasonPhrase(), API_CODE_SUCCESS)).setSerialNo(Integer.toString(response.getStatusLine().getStatusCode())) + .setApiRequestId(null).setApiCode(null).setApiMsg(null); + } + + static String buildRequestBody(String sender, String receiver, String templateId, List templateParas, + String statusCallBack, String signature) throws UnsupportedEncodingException { + if (null == sender || null == receiver || null == templateId || sender.isEmpty() || receiver.isEmpty() + || templateId.isEmpty()) { + System.out.println("buildRequestBody(): sender, receiver or templateId is null."); + return null; + } + + StringBuilder body = new StringBuilder(); + appendToBody(body, "from=", sender); + appendToBody(body, "&to=", receiver); + appendToBody(body, "&templateId=", templateId); + appendToBody(body, "&templateParas=", new JSONArray(templateParas).toString()); + appendToBody(body, "&statusCallback=", statusCallBack); + appendToBody(body, "&signature=", signature); + return body.toString(); + } + + private static void appendToBody(StringBuilder body, String key, String val) throws UnsupportedEncodingException { + if (null != val && !val.isEmpty()) { + LOGGER.info("Print appendToBody: {}:{}", key, val); + body.append(key).append(URLEncoder.encode(val, "UTF-8")); + } + } + @Override + public List parseSmsReceiveStatus(String text) { + List statuses = JsonUtils.parseArray(text, SmsReceiveStatus.class); + return convertList(statuses, status -> new SmsReceiveRespDTO().setSuccess(Objects.equals(status.getStatus(),"DELIVRD")) + .setErrorCode(status.getStatus()).setErrorMsg(status.getStatus()) + .setMobile(status.getPhoneNumber()).setReceiveTime(status.getUpdateTime()) + .setSerialNo(status.getSmsMsgId())); + } + + @Override + public SmsTemplateRespDTO getSmsTemplate(String apiTemplateId) throws Throwable { + //华为短信模板查询和发送短信,是不同的两套key和secret,与阿里、腾讯的区别较大,这里模板查询校验暂不实现。 + return new SmsTemplateRespDTO().setId(null).setContent(null) + .setAuditStatus(SmsTemplateAuditStatusEnum.SUCCESS.getStatus()).setAuditReason(null); + + } + + /** + * 短信接收状态 + * + * 参见 文档 + * + * @author scholar + */ + @Data + public static class SmsReceiveStatus { + + /** + * 本条状态报告对应的短信的接收方号码,仅当状态报告中携带了extend参数时才会同时携带该参数 + */ + @JsonProperty("to") + private String phoneNumber; + + /** + * 短信资源的更新时间,通常为短信平台接收短信状态报告的时间 + */ + @JsonProperty("updateTime") + @JsonFormat(pattern = FORMAT_YEAR_MONTH_DAY_HOUR_MINUTE_SECOND, timezone = TIME_ZONE_DEFAULT) + private LocalDateTime updateTime; + + /** + * 短信状态报告枚举值 + */ + @JsonProperty("status") + private String status; + + /** + * 发送短信成功时返回的短信唯一标识。 + */ + @JsonProperty("smsMsgId") + private String smsMsgId; + } + +} diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/SmsClientFactoryImpl.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/SmsClientFactoryImpl.java index 94fe88da9..326cad058 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/SmsClientFactoryImpl.java +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/SmsClientFactoryImpl.java @@ -78,6 +78,7 @@ public class SmsClientFactoryImpl implements SmsClientFactory { case ALIYUN: return new AliyunSmsClient(properties); case DEBUG_DING_TALK: return new DebugDingTalkSmsClient(properties); case TENCENT: return new TencentSmsClient(properties); + case HUAWEI: return new HuaweiSmsClient(properties); } // 创建失败,错误日志 + 抛出异常 log.error("[createSmsClient][配置({}) 找不到合适的客户端实现]", properties); diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/utils/HuaweiRequest.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/utils/HuaweiRequest.java new file mode 100644 index 000000000..048fe1dd8 --- /dev/null +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/utils/HuaweiRequest.java @@ -0,0 +1,253 @@ +package cn.iocoder.yudao.module.system.framework.sms.core.client.utils; + + +import java.io.UnsupportedEncodingException; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.util.ArrayList; +import java.util.Hashtable; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +/** + * 华为短信待签名request + * + * @author scholar + * @since 2024/6/02 11:55 + */ +public class HuaweiRequest { + private String key = null; + private String secret = null; + private String method = null; + private String url = null; + private String body = null; + private String fragment = null; + private Map headers = new Hashtable(); + private Map> queryString = new Hashtable(); + private static final Pattern PATTERN = Pattern.compile("^(?i)(post|put|patch|delete|get|options|head)$"); + + public HuaweiRequest() { + } + + /** @deprecated */ + @Deprecated + public String getRegion() { + return ""; + } + + /** @deprecated */ + @Deprecated + public String getServiceName() { + return ""; + } + + public String getKey() { + return this.key; + } + + public String getSecrect() { + return this.secret; + } + +// public HttpMethodName getMethod() { +// return HttpMethodName.valueOf(this.method.toUpperCase(Locale.getDefault())); +// } + + public String getBody() { + return this.body; + } + + public Map getHeaders() { + return this.headers; + } + + /** @deprecated */ + @Deprecated + public void setRegion(String region) { + } + + /** @deprecated */ + @Deprecated + public void setServiceName(String serviceName) { + } + + public void setAppKey(String appKey) throws RuntimeException { + if (null != appKey && !appKey.trim().isEmpty()) { + this.key = appKey; + } else { + throw new RuntimeException("appKey can not be empty"); + } + } + + public void setAppSecrect(String appSecret) throws RuntimeException { + if (null != appSecret && !appSecret.trim().isEmpty()) { + this.secret = appSecret; + } else { + throw new RuntimeException("appSecrect can not be empty"); + } + } + + public void setKey(String appKey) throws RuntimeException { + if (null != appKey && !appKey.trim().isEmpty()) { + this.key = appKey; + } else { + throw new RuntimeException("appKey can not be empty"); + } + } + + public void setSecret(String appSecret) throws RuntimeException { + if (null != appSecret && !appSecret.trim().isEmpty()) { + this.secret = appSecret; + } else { + throw new RuntimeException("appSecrect can not be empty"); + } + } + + public void setMethod(String method) throws RuntimeException { + if (null == method) { + throw new RuntimeException("method can not be empty"); + } else { + Matcher match = PATTERN.matcher(method); + if (!match.matches()) { + throw new RuntimeException("unsupported method"); + } else { + this.method = method; + } + } + } + + public String getUrl() throws UnsupportedEncodingException { + StringBuilder uri = new StringBuilder(); + uri.append(this.url); + if (this.queryString.size() > 0) { + uri.append("?"); + int loop = 0; + Iterator var3 = this.queryString.entrySet().iterator(); + + while(var3.hasNext()) { + Map.Entry> entry = (Map.Entry)var3.next(); + + for(Iterator var5 = ((List)entry.getValue()).iterator(); var5.hasNext(); ++loop) { + String value = (String)var5.next(); + if (loop > 0) { + uri.append("&"); + } + + uri.append(URLEncoder.encode((String)entry.getKey(), "UTF-8")); + uri.append("="); + uri.append(URLEncoder.encode(value, "UTF-8")); + } + } + } + + if (this.fragment != null) { + uri.append("#"); + uri.append(this.fragment); + } + + return uri.toString(); + } + + public void setUrl(String urlRet) throws RuntimeException, UnsupportedEncodingException { + if (urlRet != null && !urlRet.trim().isEmpty()) { + int i = urlRet.indexOf(35); + if (i >= 0) { + urlRet = urlRet.substring(0, i); + } + + i = urlRet.indexOf(63); + this.url = urlRet; + if (i >= 0) { + String query = urlRet.substring(i + 1, urlRet.length()); + String[] var4 = query.split("&"); + int var5 = var4.length; + + for(int var6 = 0; var6 < var5; ++var6) { + String item = var4[var6]; + String[] spl = item.split("=", 2); + String keyRet = spl[0]; + String value = ""; + if (spl.length > 1) { + value = spl[1]; + } + + if (!keyRet.trim().isEmpty()) { + keyRet = URLDecoder.decode(keyRet, "UTF-8"); + value = URLDecoder.decode(value, "UTF-8"); + this.addQueryStringParam(keyRet, value); + } + } + + urlRet = urlRet.substring(0, i); + this.url = urlRet; + } + } else { + throw new RuntimeException("url can not be empty"); + } + } + + public String getPath() { + String urlRet = this.url; + int i = urlRet.indexOf("://"); + if (i >= 0) { + urlRet = urlRet.substring(i + 3); + } + + i = urlRet.indexOf(47); + return i >= 0 ? urlRet.substring(i) : "/"; + } + + public String getHost() { + String urlRet = this.url; + int i = urlRet.indexOf("://"); + if (i >= 0) { + urlRet = urlRet.substring(i + 3); + } + + i = urlRet.indexOf(47); + if (i >= 0) { + urlRet = urlRet.substring(0, i); + } + + return urlRet; + } + + public void setBody(String body) { + this.body = body; + } + + public void addQueryStringParam(String name, String value) { + List paramList = (List)this.queryString.get(name); + if (paramList == null) { + paramList = new ArrayList(); + this.queryString.put(name, paramList); + } + + ((List)paramList).add(value); + } + + public Map> getQueryStringParams() { + return this.queryString; + } + + public String getFragment() { + return this.fragment; + } + + public void setFragment(String fragment) throws RuntimeException, UnsupportedEncodingException { + if (fragment != null && !fragment.trim().isEmpty()) { + this.fragment = URLEncoder.encode(fragment, "UTF-8"); + } else { + throw new RuntimeException("fragment can not be empty"); + } + } + + public void addHeader(String name, String value) { + if (name != null && !name.trim().isEmpty()) { + this.headers.put(name, value); + } + } +} diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/utils/HuaweiSigner.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/utils/HuaweiSigner.java new file mode 100644 index 000000000..4d2d1647c --- /dev/null +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/utils/HuaweiSigner.java @@ -0,0 +1,300 @@ +package cn.iocoder.yudao.module.system.framework.sms.core.client.utils; + + +import cn.hutool.core.util.HexUtil; +import cn.hutool.core.util.URLUtil; +import java.io.UnsupportedEncodingException; +import java.net.URI; +import java.net.URISyntaxException; +import java.nio.charset.StandardCharsets; +import java.security.InvalidKeyException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.Security; +import java.text.SimpleDateFormat; +import java.util.*; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import javax.crypto.Mac; +import javax.crypto.spec.SecretKeySpec; +import org.apache.commons.codec.binary.StringUtils; +import org.bouncycastle.crypto.digests.SM3Digest; +import org.openeuler.BGMJCEProvider; + +/** + * 华为短信request签名实现类 + * + * @author scholar + * @since 2024/6/02 11:55 + */ +public class HuaweiSigner { + public static final String LINE_SEPARATOR = "\n"; + public static final String SDK_SIGNING_ALGORITHM = "SDK-HMAC-SHA256"; + public static final String X_SDK_CONTENT_SHA256 = "x-sdk-content-sha256"; + public static final String X_SDK_DATE = "X-Sdk-Date"; + public static final String AUTHORIZATION = "Authorization"; + private static final Pattern AUTHORIZATION_PATTERN_SHA256 = Pattern.compile("SDK-HMAC-SHA256\\s+Access=([^,]+),\\s?SignedHeaders=([^,]+),\\s?Signature=(\\w+)"); + private static final Pattern AUTHORIZATION_PATTERN_SM3 = Pattern.compile("SDK-HMAC-SM3\\s+Access=([^,]+),\\s?SignedHeaders=([^,]+),\\s?Signature=(\\w+)"); + private static final String LINUX_NEW_LINE = "\n"; + public static final String HOST = "Host"; + public String messageDigestAlgorithm = "SDK-HMAC-SHA256"; + + public HuaweiSigner(String messageDigestAlgorithm) { + this.messageDigestAlgorithm = messageDigestAlgorithm; + } + + public HuaweiSigner() { + } + + public void sign(HuaweiRequest request) throws UnsupportedEncodingException { + String singerDate = this.getHeader(request, "X-Sdk-Date"); + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'", Locale.ENGLISH); + sdf.setTimeZone(TimeZone.getTimeZone("UTC")); + if (singerDate == null) { + singerDate = sdf.format(new Date()); + request.addHeader("X-Sdk-Date", singerDate); + } + + this.addHostHeader(request); + String messageDigestContent = this.calculateContentHash(request); + String[] signedHeaders = this.getSignedHeaders(request); + String canonicalRequest = this.createCanonicalRequest(request, signedHeaders, messageDigestContent); + byte[] signingKey = this.deriveSigningKey(request.getSecrect()); + String stringToSign = this.createStringToSign(canonicalRequest, singerDate); + byte[] signature = this.computeSignature(stringToSign, signingKey); + String signatureResult = this.buildAuthorizationHeader(signedHeaders, signature, request.getKey()); + request.addHeader("Authorization", signatureResult); + } + + protected String getCanonicalizedResourcePath(String resourcePath) throws UnsupportedEncodingException { + if (resourcePath != null && !resourcePath.isEmpty()) { + try { + resourcePath = (new URI(resourcePath)).getPath(); + } catch (URISyntaxException var3) { + return resourcePath; + } + + String value = URLUtil.encode(resourcePath); + if (!value.startsWith("/")) { + value = "/".concat(value); + } + + if (!value.endsWith("/")) { + value = value.concat("/"); + } + + return value; + } else { + return "/"; + } + } + + protected String getCanonicalizedQueryString(Map> parameters) throws UnsupportedEncodingException { + SortedMap> sorted = new TreeMap(); + Iterator var3 = parameters.entrySet().iterator(); + + while(var3.hasNext()) { + Map.Entry> entry = (Map.Entry)var3.next(); + String encodedParamName = URLUtil.encode((String) entry.getKey()); + List paramValues = (List)entry.getValue(); + List encodedValues = new ArrayList(paramValues.size()); + Iterator var8 = paramValues.iterator(); + + while(var8.hasNext()) { + String value = (String)var8.next(); + encodedValues.add(URLUtil.encode(value)); + } + + Collections.sort(encodedValues); + sorted.put(encodedParamName, encodedValues); + } + + StringBuilder result = new StringBuilder(); + Iterator var11 = sorted.entrySet().iterator(); + + while(var11.hasNext()) { + Map.Entry> entry = (Map.Entry)var11.next(); + + String value; + for(Iterator var13 = ((List)entry.getValue()).iterator(); var13.hasNext(); result.append((String)entry.getKey()).append("=").append(value)) { + value = (String)var13.next(); + if (result.length() > 0) { + result.append("&"); + } + } + } + + return result.toString(); + } + + protected String createCanonicalRequest(HuaweiRequest request, String[] signedHeaders, String messageDigestContent) throws UnsupportedEncodingException { + return "POST" + "\n" + this.getCanonicalizedResourcePath(request.getPath()) + "\n" + this.getCanonicalizedQueryString(request.getQueryStringParams()) + "\n" + this.getCanonicalizedHeaderString(request, signedHeaders) + "\n" + this.getSignedHeadersString(signedHeaders) + "\n" + messageDigestContent; + } + + protected String createStringToSign(String canonicalRequest, String singerDate) { + return StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256") ? this.messageDigestAlgorithm + "\n" + singerDate + "\n" + HexUtil.encodeHexStr(this.hash(canonicalRequest)) : this.messageDigestAlgorithm + "\n" + singerDate + "\n" + HexUtil.encodeHexStr(this.hashSm3(canonicalRequest)); + } + + private byte[] deriveSigningKey(String secret) { + return secret.getBytes(StandardCharsets.UTF_8); + } + + protected byte[] sign(byte[] data, byte[] key, String algorithm) { + try { + if (Objects.equals(algorithm, "HmacSM3")) { + Security.insertProviderAt(new BGMJCEProvider(), 1); + } + + Mac mac = Mac.getInstance(algorithm); + mac.init(new SecretKeySpec(key, algorithm)); + return mac.doFinal(data); + } catch (InvalidKeyException | NoSuchAlgorithmException var5) { + return new byte[0]; + } + } + + protected final byte[] computeSignature(String stringToSign, byte[] signingKey) { + return StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256") ? this.sign(stringToSign.getBytes(StandardCharsets.UTF_8), signingKey, "HmacSHA256") : this.sign(stringToSign.getBytes(StandardCharsets.UTF_8), signingKey, "HmacSM3"); + } + + private String buildAuthorizationHeader(String[] signedHeaders, byte[] signature, String accessKey) { + String credential = "Access=" + accessKey; + String signerHeaders = "SignedHeaders=" + this.getSignedHeadersString(signedHeaders); + String signatureHeader = "Signature=" + HexUtil.encodeHexStr(signature); + return this.messageDigestAlgorithm + " " + credential + ", " + signerHeaders + ", " + signatureHeader; + } + + protected String[] getSignedHeaders(HuaweiRequest request) { + String[] signedHeaders = (String[])request.getHeaders().keySet().toArray(new String[0]); + Arrays.sort(signedHeaders, String.CASE_INSENSITIVE_ORDER); + return signedHeaders; + } + + protected String getCanonicalizedHeaderString(HuaweiRequest request, String[] signedHeaders) { + Map requestHeaders = request.getHeaders(); + StringBuilder buffer = new StringBuilder(); + String[] var5 = signedHeaders; + int var6 = signedHeaders.length; + + for(int var7 = 0; var7 < var6; ++var7) { + String header = var5[var7]; + String key = header.toLowerCase(Locale.getDefault()); + String value = (String)requestHeaders.get(header); + buffer.append(key).append(":"); + if (value != null) { + buffer.append(value.trim()); + } + + buffer.append("\n"); + } + + return buffer.toString(); + } + + protected String getSignedHeadersString(String[] signedHeaders) { + StringBuilder buffer = new StringBuilder(); + String[] var3 = signedHeaders; + int var4 = signedHeaders.length; + + for(int var5 = 0; var5 < var4; ++var5) { + String header = var3[var5]; + if (buffer.length() > 0) { + buffer.append(";"); + } + + buffer.append(header.toLowerCase(Locale.getDefault())); + } + + return buffer.toString(); + } + + protected void addHostHeader(HuaweiRequest request) { + boolean haveHostHeader = false; + Iterator var3 = request.getHeaders().keySet().iterator(); + + while(var3.hasNext()) { + String key = (String)var3.next(); + if ("Host".equalsIgnoreCase(key)) { + haveHostHeader = true; + break; + } + } + + if (!haveHostHeader) { + request.addHeader("Host", request.getHost()); + } + + } + + protected String getHeader(HuaweiRequest request, String header) { + if (header == null) { + return null; + } else { + Map headers = request.getHeaders(); + Iterator var4 = headers.entrySet().iterator(); + + Map.Entry entry; + do { + if (!var4.hasNext()) { + return null; + } + + entry = (Map.Entry)var4.next(); + } while(!header.equalsIgnoreCase((String)entry.getKey())); + + return (String)entry.getValue(); + } + } + + public boolean verify(HuaweiRequest request) throws UnsupportedEncodingException { + String singerDate = this.getHeader(request, "X-Sdk-Date"); + String authorization = this.getHeader(request, "Authorization"); + Matcher match = AUTHORIZATION_PATTERN_SM3.matcher(authorization); + if (StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256")) { + match = AUTHORIZATION_PATTERN_SHA256.matcher(authorization); + } + + if (!match.find()) { + return false; + } else { + String[] signedHeaders = match.group(2).split(";"); + byte[] signingKey = this.deriveSigningKey(request.getSecrect()); + String messageDigestContent = this.calculateContentHash(request); + String canonicalRequest = this.createCanonicalRequest(request, signedHeaders, messageDigestContent); + String stringToSign = this.createStringToSign(canonicalRequest, singerDate); + byte[] signature = this.computeSignature(stringToSign, signingKey); + String signatureResult = this.buildAuthorizationHeader(signedHeaders, signature, request.getKey()); + return signatureResult.equals(authorization); + } + } + + protected String calculateContentHash(HuaweiRequest request) { + String content_sha256 = this.getHeader(request, "x-sdk-content-sha256"); + if (content_sha256 != null) { + return content_sha256; + } else { + return StringUtils.equals(this.messageDigestAlgorithm, "SDK-HMAC-SHA256") ? HexUtil.encodeHexStr(this.hash(request.getBody()),true) : HexUtil.encodeHexStr(this.hashSm3(request.getBody())); + } + } + + public byte[] hash(String text) { + try { + MessageDigest md = MessageDigest.getInstance("SHA-256"); + md.update(text.getBytes(StandardCharsets.UTF_8)); + return md.digest(); + } catch (NoSuchAlgorithmException var3) { + return new byte[0]; + } + } + + public byte[] hashSm3(String text) { + byte[] srcData = text.getBytes(StandardCharsets.UTF_8); + SM3Digest digest = new SM3Digest(); + digest.update(srcData, 0, srcData.length); + byte[] hash = new byte[digest.getDigestSize()]; + digest.doFinal(hash, 0); + return hash; + } + + +} diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/enums/SmsChannelEnum.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/enums/SmsChannelEnum.java index 7bd192223..88f578a18 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/enums/SmsChannelEnum.java +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/enums/SmsChannelEnum.java @@ -17,7 +17,7 @@ public enum SmsChannelEnum { DEBUG_DING_TALK("DEBUG_DING_TALK", "调试(钉钉)"), ALIYUN("ALIYUN", "阿里云"), TENCENT("TENCENT", "腾讯云"), -// HUA_WEI("HUA_WEI", "华为云"), + HUAWEI("HUAWEI", "华为云"), ; /**