huangjiajun
/
community_team
1
0
포크 0
코드 이슈 0 풀 리퀘스트 0 릴리즈 0 위키 활동
附近小店
25개 이상의 토픽을 선택하실 수 없습니다. Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19 커밋
1 브렌치
2.3 MiB
 
 
 
트리: 96ac9809e3
브랜치 태그
${ item.name }
${ searchTerm } 브랜치 생성
from '96ac9809e3'
${ noResults }
community_team/app/utils/sign_check.go

220 lines
6.2 KiB
Raw Blame 히스토리 

  1. package utils

  2. 

  3. import (

  4. 	"applet/app/cfg"

  5. 	"applet/app/utils/logx"

  6. 	"fmt"

  7. 	"github.com/forgoer/openssl"

  8. 	"github.com/gin-gonic/gin"

  9. 	"github.com/syyongx/php2go"

  10. 	"strings"

  11. 	"time"

  12. )

  13. 

  14. var publicKey = []byte(`-----BEGIN PUBLIC KEY-----

  15. MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCFQD7RL2tDNuwdg0jTfV0zjAzh

  16. WoCWfGrcNiucy2XUHZZU2oGhHv1N10qu3XayTDD4pu4sJ73biKwqR6ZN7IS4Sfon

  17. vrzaXGvrTG4kmdo3XrbrkzmyBHDLTsJvv6pyS2HPl9QPSvKDN0iJ66+KN8QjBpw1

  18. FNIGe7xbDaJPY733/QIDAQAB

  19. -----END PUBLIC KEY-----`)

  20. 

  21. var privateKey = []byte(`-----BEGIN RSA PRIVATE KEY-----

  22. MIICXAIBAAKBgQCFQD7RL2tDNuwdg0jTfV0zjAzhWoCWfGrcNiucy2XUHZZU2oGh

  23. Hv1N10qu3XayTDD4pu4sJ73biKwqR6ZN7IS4SfonvrzaXGvrTG4kmdo3Xrbrkzmy

  24. BHDLTsJvv6pyS2HPl9QPSvKDN0iJ66+KN8QjBpw1FNIGe7xbDaJPY733/QIDAQAB

  25. AoGADi14wY8XDY7Bbp5yWDZFfV+QW0Xi2qAgSo/k8gjeK8R+I0cgdcEzWF3oz1Q2

  26. 9d+PclVokAAmfj47e0AmXLImqMCSEzi1jDBUFIRoJk9WE1YstE94mrCgV0FW+N/u

  27. +L6OgZcjmF+9dHKprnpaUGQuUV5fF8j0qp8S2Jfs3Sw+dOECQQCQnHALzFjmXXIR

  28. Ez3VSK4ZoYgDIrrpzNst5Hh6AMDNZcG3CrCxlQrgqjgTzBSr3ZSavvkfYRj42STk

  29. TqyX1tQFAkEA6+O6UENoUTk2lG7iO/ta7cdIULnkTGwQqvkgLIUjk6w8E3sBTIfw

  30. rerTEmquw5F42HHE+FMrRat06ZN57lENmQJAYgUHlZevcoZIePZ35Qfcqpbo4Gc8

  31. Fpm6vwKr/tZf2Vlt0qo2VkhWFS6L0C92m4AX6EQmDHT+Pj7BWNdS+aCuGQJBAOkq

  32. NKPZvWdr8jNOV3mKvxqB/U0uMigIOYGGtvLKt5vkh42J7ILFbHW8w95UbWMKjDUG

  33. X/hF3WQEUo//Imsa2yECQHSZIpJxiTRueoDiyRt0LH+jdbYFUu/6D0UIYXhFvP/p

  34. EZX+hfCfUnNYX59UVpRjSZ66g0CbCjuBPOhmOD+hDeQ=

  35. -----END RSA PRIVATE KEY-----`)

  36. 

  37. func GetApiVersion(c *gin.Context) int {

  38. 	var apiVersion = c.GetHeader("apiVersion")

  39. 	if StrToInt(apiVersion) == 0 { //没有版本号先不校验

  40. 		apiVersion = c.GetHeader("Apiversion")

  41. 	}

  42. 	if StrToInt(apiVersion) == 0 { //没有版本号先不校验

  43. 		apiVersion = c.GetHeader("api_version")

  44. 	}

  45. 	if StrToInt(apiVersion) == 0 { //没有版本号先不校验

  46. 		apiVersion = c.GetString("apiVersion")

  47. 	}

  48. 	if StrToInt(apiVersion) == 0 {

  49. 		platform := c.GetHeader("platform")

  50. 		if InArr(platform, []string{"ios", "android"}) == false && c.GetString("h5_applet_must_sign") == "1" {

  51. 			apiVersion = "1"

  52. 		}

  53. 		if InArr(platform, []string{"android"}) && c.GetString("android_must_sign") == "1" {

  54. 			apiVersion = "1"

  55. 		}

  56. 		if InArr(platform, []string{"ios"}) && c.GetString("ios_must_sign") == "1" {

  57. 			apiVersion = "1"

  58. 		}

  59. 	}

  60. 	if c.GetString("api_version") == "1" && cfg.Prd {

  61. 		apiVersion = "1"

  62. 	}

  63. 	if (strings.Contains(c.Request.Host, "zhios-app") || strings.Contains(c.Request.Host, "api.zhios.cn")) && apiVersion == "1" {

  64. 		apiVersion = "0"

  65. 		c.Set("api_version", "0")

  66. 	}

  67. 

  68. 	//if InArr(c.GetHeader("platform"), []string{"ios", "android"}) {

  69. 	//	apiVersion = "0"

  70. 	//}

  71. 	var uri = c.Request.RequestURI

  72. 	if InArr(c.GetHeader("platform"), []string{"ios", "android", "pc"}) { //不用签名的接口

  73. 		var filterList = []string{

  74. 			"/api/v1/appcheck",

  75. 			"/api/v1/app/guide",

  76. 			"/api/v1/new/config.json",

  77. 			"pub.flutter.web_download_page",

  78. 		}

  79. 		for _, v := range filterList {

  80. 			if strings.Contains(uri, v) {

  81. 				apiVersion = "0"

  82. 			}

  83. 		}

  84. 	}

  85. 	return StrToInt(apiVersion)

  86. }

  87. func CheckUri(c *gin.Context) int {

  88. 	apiVersion := "1"

  89. 	//var uri = c.Request.RequestURI

  90. 	if InArr(c.GetHeader("platform"), []string{"ios", "android"}) { //不用签名的接口

  91. 		//var filterList = []string{

  92. 		//	"/api/v1/appcheck",

  93. 		//	"/api/v1/app/guide",

  94. 		//	"/api/v1/new/config.json",

  95. 		//	"api/v1/rec",

  96. 		//	"api/v1/custom/mod/",

  97. 		//	"api/v1/mod/",

  98. 		//	"api/v1/s/",

  99. 		//}

  100. 		//for _, v := range filterList {

  101. 		//	if strings.Contains(uri, v) {

  102. 		//		apiVersion = "0"

  103. 		//	}

  104. 		//}

  105. 		apiVersion = "0"

  106. 	}

  107. 	if c.GetHeader("mp") == "jd" {

  108. 		apiVersion = "0"

  109. 	}

  110. 	return StrToInt(apiVersion)

  111. }

  112. 

  113. // 签名校验

  114. func SignCheck(c *gin.Context) bool {

  115. 	var apiVersion = GetApiVersion(c)

  116. 	if apiVersion == 0 { //没有版本号先不校验

  117. 		return true

  118. 	}

  119. 	//1.通过rsa 解析出 aes

  120. 	var key = c.GetHeader("key")

  121. 

  122. 	//拼接对应参数

  123. 	var uri = c.Request.RequestURI

  124. 	var query = GetQueryParam(uri)

  125. 	fmt.Println(query)

  126. 	query["timestamp"] = c.GetHeader("timestamp")

  127. 	query["nonce"] = c.GetHeader("nonce")

  128. 	query["key"] = key

  129. 	token := c.GetHeader("Authorization")

  130. 	if token != "" {

  131. 		// 按空格分割

  132. 		parts := strings.SplitN(token, " ", 2)

  133. 		if len(parts) == 2 && parts[0] == "Bearer" {

  134. 			token = parts[1]

  135. 		}

  136. 	}

  137. 	query["token"] = token

  138. 	//2.query参数按照 ASCII 码从小到大排序

  139. 	str := JoinStringsInASCII(query, "&", false, false, "")

  140. 	//3.拼上密钥

  141. 	secret := ""

  142. 	if InArr(c.GetHeader("platform"), []string{"android", "ios"}) {

  143. 		secret = c.GetString("app_api_secret_key")

  144. 	} else if c.GetHeader("platform") == "wap" {

  145. 		secret = c.GetString("h5_api_secret_key")

  146. 	} else {

  147. 		secret = c.GetString("applet_api_secret_key")

  148. 	}

  149. 

  150. 	str = fmt.Sprintf("%s&secret=%s", str, secret)

  151. 	fmt.Println(str)

  152. 	//4.md5加密 转小写

  153. 	sign := strings.ToLower(Md5(str))

  154. 	//5.判断跟前端传来的sign是否一致

  155. 	if sign != c.GetHeader("sign") {

  156. 		return false

  157. 	}

  158. 

  159. 	if StrToInt64(query["timestamp"])/1000 < time.Now().Unix()-300 {

  160. 		fmt.Println("============" + query["timestamp"])

  161. 		return false

  162. 	}

  163. 	//if query["nonce"] != "" {

  164. 	//	//TODO s

  165. 	//	getString, err := cache.GetString(query["nonce"])

  166. 	//	if err != nil {

  167. 	//		fmt.Println("nonce", err)

  168. 	//	}

  169. 	//	if getString != "" {

  170. 	//		fmt.Println("nonce", "============"+getString)

  171. 	//		return false

  172. 	//	} else {

  173. 	//		cache.SetEx(query["nonce"], "1", 300)

  174. 	//	}

  175. 	//}

  176. 	return true

  177. }

  178. 

  179. func ResultAes(c *gin.Context, raw []byte) string {

  180. 	var key = c.GetHeader("key")

  181. 	base, _ := php2go.Base64Decode(key)

  182. 	aes, err := RsaDecrypt([]byte(base), privateKey)

  183. 	if err != nil {

  184. 		logx.Info(err)

  185. 		return ""

  186. 	}

  187. 	fmt.Println("============aes============")

  188. 	fmt.Println(string(aes))

  189. 	fmt.Println(string(raw))

  190. 	str, _ := openssl.AesECBEncrypt(raw, aes, openssl.PKCS7_PADDING)

  191. 	value := php2go.Base64Encode(string(str))

  192. 	fmt.Println(value)

  193. 

  194. 	return value

  195. }

  196. 

  197. func ResultAesDecrypt(c *gin.Context, raw string) string {

  198. 	var key = c.GetHeader("key")

  199. 	if key == "" {

  200. 		key = c.GetHeader("Key")

  201. 	}

  202. 	fmt.Println("验签", key)

  203. 	base, _ := php2go.Base64Decode(key)

  204. 	aes, err := RsaDecrypt([]byte(base), privateKey)

  205. 	if err != nil {

  206. 		logx.Info(err)

  207. 		return ""

  208. 	}

  209. 	raw = strings.ReplaceAll(raw, "\"", "")

  210. 	fmt.Println(raw)

  211. 	value1, _ := php2go.Base64Decode(raw)

  212. 	if value1 == "" {

  213. 		return ""

  214. 	}

  215. 	str1, _ := openssl.AesECBDecrypt([]byte(value1), aes, openssl.PKCS7_PADDING)

  216. 	fmt.Println("==========解码=========")

  217. 	fmt.Println(string(str1))

  218. 	return string(str1)

  219. }