# 美团企业版免登签名
# 1. Java签名示例
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.21</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.7</version>
</dependency>
import org.apache.commons.lang3.RandomStringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.net.URLEncoder;
import java.security.interfaces.RSAPrivateKey;
import java.text.SimpleDateFormat;
import java.util.Date;
//调用该类main方法前,需要通过com.meituan.sqt.h5Access.RsaUtil.main生成公钥和私钥
public class SqtH5Access {
private static Logger logger = LoggerFactory.getLogger(SqtH5Access.class);
/**
* 获取h5免登url
* @param url 美团企业版接口地址
* @param privateKey 私钥,可通过RsaUtil.genKey()生成
* @param appkey
* @param entId 企业Id,美团企业版提供
* @param productType
* @param staffNo 该字段与企业员工唯一标志对应,可能为staffPhoneNo字段
*/
public static String getH5AccessUrl(String url, String privateKey, String appkey, Integer entId, String productType, String staffNo){
try {
// params是待签名文本,包括所有需要签名的参数,不包括value为空的参数、signature参数
// 另外,params中,每一个键值对按key从a-z进行排序,首字母相同,则比较下一个,以此类推
String params = "appKey=" + appkey + "&entId=" + entId + "&nounce=" + getNounce() + "&productType=" + productType + "&requestTime=" + getRequestTime() + "&staffNo=" + staffNo;
RSAPrivateKey rsaPrivateKey = RsaUtil.loadPrivateKey(privateKey);
String signature = RsaUtil.sign(params.getBytes(), rsaPrivateKey);
//signature参数需encode
String h5AccessUrl = url+"?"+params + "&signature="+ URLEncoder.encode(signature,"utf-8");
return h5AccessUrl;
} catch (Exception e) {
logger.error("获取h5AccessUrl失败",e);
}
return null;
}
private static String getRequestTime(){
SimpleDateFormat formatter= new SimpleDateFormat("yyyyMMddHHmmss");
Date now = new Date(System.currentTimeMillis());
return formatter.format(now);
}
private static String getNounce(){
return RandomStringUtils.random(36, true, true);
}
public static void main(String[] args) {
//接口地址
String url = "https://m-sqt.meituan.com/open/commonaccess/access";
//美团企业版提供
String appkey = null;
//私钥,通过 com.meituan.sqt.h5Access.RsaUtil.main 生成
String privateKey = null;
// 企业Id,美团企业版提供
Integer entId = null;
// 详情见业务接口描述
String productType = null;
// 与企业员工唯一标志对应,可能为staffPhoneNo字段
String staffNo = null;
String h5AccessUrl = SqtH5Access.getH5AccessUrl(url, privateKey, appkey, entId, productType, staffNo);
System.out.println(h5AccessUrl);
}
}
# 2. 签名工具类
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.21</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.7</version>
</dependency>
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class RsaUtil {
public static final String ENCRYPT_ALGORTHM = "RSA";
public static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
/**
* RSA最大加密明文大小
*/
private static final int MAX_ENCRYPT_BLOCK = 117;
/**
* RSA最大解密密文大小
*/
private static final int MAX_DECRYPT_BLOCK = 128;
public static void genKey() throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ENCRYPT_ALGORTHM);
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
//公钥 发送给美团企业版
String publicKeyStr = new String(Base64.encodeBase64(publicKey.getEncoded()));
//私钥 企业保存 用于签名
String privateKeyStr = new String(Base64.encodeBase64(privateKey.getEncoded()));
System.out.println("公钥,发送给美团企业版:" + publicKeyStr);
System.out.println("私钥,企业保存:" + privateKeyStr);
}
public static RSAPublicKey loadPublicKey(String publicKeyStr) throws Exception {
try {
byte[] buffer = Base64.decodeBase64(publicKeyStr);
KeyFactory keyFactory = KeyFactory.getInstance(ENCRYPT_ALGORTHM);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);
return (RSAPublicKey) keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此算法", e);
} catch (InvalidKeySpecException e) {
throw new Exception("公钥非法", e);
} catch (NullPointerException e) {
throw new Exception("公钥数据为空", e);
}
}
public static RSAPrivateKey loadPrivateKey(String privateKeyStr) throws Exception {
try {
byte[] buffer = Base64.decodeBase64(privateKeyStr);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buffer);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此算法", e);
} catch (InvalidKeySpecException e) {
throw new Exception("私钥非法", e);
} catch (NullPointerException e) {
throw new Exception("私钥数据为空", e);
}
}
/**
* 用私钥对信息生成数字签名
*
* @param data
* //加密数据
* @param privateKey
* //私钥
* @return
* @throws Exception
*/
public static String sign(byte[] data, RSAPrivateKey privateKey) throws Exception {
// 用A方私钥对信息生成数字签名
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(privateKey);
signature.update(data);
return Base64.encodeBase64String(signature.sign());
}
/**
* 用公钥验证签名
*
* @param data
* //加密数据
* @param publicKey
* //公钥
* @param sign
* //签名
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
* @throws SignatureException
* @throws Exception
*/
public static boolean validate(byte[] data, RSAPublicKey publicKey, String sign) throws Exception {
Signature signature;
signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(publicKey);
signature.update(data);
return signature.verify(Base64.decodeBase64(sign));
}
public static boolean validate(byte[] data, String publicKey, String sign) throws Exception {
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(loadPublicKey(publicKey));
signature.update(data);
return signature.verify(Base64.decodeBase64(sign));
}
/**
* <P>
* 私钥解密
* </p>
*
* @param privateKey 私钥
* @return
* @throws Exception
*/
public static String decryptByPrivateKey(String encryptedString, RSAPrivateKey privateKey)
throws Exception {
Cipher cipher = Cipher.getInstance(ENCRYPT_ALGORTHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] encryptedData = Base64.decodeBase64(encryptedString);
int inputLen = encryptedData.length;
byte[] decryptedData;
ByteArrayOutputStream out = null;
try {
out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 对数据分段解密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
decryptedData = out.toByteArray();
} finally {
out.close();
}
return new String(decryptedData, "UTF-8");
}
/**
* <p>
* 公钥解密
* </p>
*
* @param publicKey 公钥
* @return
* @throws Exception
*/
public static String decryptByPublicKey(String encryptedString, RSAPublicKey publicKey)
throws Exception {
Cipher cipher = Cipher.getInstance(ENCRYPT_ALGORTHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
byte[] encryptedData = Base64.decodeBase64(encryptedString);
int inputLen = encryptedData.length;
ByteArrayOutputStream out = null;
byte[] decryptedData;
try {
out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 对数据分段解密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
decryptedData = out.toByteArray();
} finally {
out.close();
}
return new String(decryptedData, "UTF-8");
}
/**
* <p>
* 公钥加密
* </p>
*
* @param publicKey 公钥
* @return
* @throws Exception
*/
public static String encryptByPublicKey(String plainText, RSAPublicKey publicKey)
throws Exception {
byte[] data = plainText.getBytes("UTF-8");
// 对数据加密
Cipher cipher = Cipher.getInstance(ENCRYPT_ALGORTHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
int inputLen = data.length;
ByteArrayOutputStream out = null;
byte[] encryptedData;
try {
out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 对数据分段加密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
encryptedData = out.toByteArray();
} finally {
out.close();
}
return Base64.encodeBase64String(encryptedData);
}
/**
* <p>
* 私钥加密
* </p>
*
* @param privateKey
* @return
* @throws Exception
*/
public static String encryptByPrivateKey(String plainText, RSAPrivateKey privateKey)
throws Exception {
byte[] data = plainText.getBytes("UTF-8");
Cipher cipher = Cipher.getInstance(ENCRYPT_ALGORTHM);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
int inputLen = data.length;
ByteArrayOutputStream out = null;
byte[] encryptedData;
try {
out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 对数据分段加密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
encryptedData = out.toByteArray();
} finally {
out.close();
}
return Base64.encodeBase64String(encryptedData);
}
//获取公钥和私钥
public static void main(String[] args) throws Exception {
genKey();
}
}