diff --git a/game-service/src/main/java/awesome/group/game/service/WxService.java b/game-service/src/main/java/awesome/group/game/service/WxService.java index 7a3e8fc..eb39376 100644 --- a/game-service/src/main/java/awesome/group/game/service/WxService.java +++ b/game-service/src/main/java/awesome/group/game/service/WxService.java @@ -103,11 +103,14 @@ public class WxService { return JwtUtils.generatorToken(u.getId() + "", 20 * 86400); } - public LoginBo loginV2(String code, String appId, String inviteCode) { + public LoginBo loginV2(String code, String appId, String inviteCode, String rawData) { WeGameUser u = login(code, appId); LoginBo res = new LoginBo(); res.inviteCode = u.getInviteCode(); res.jwtToken = JwtUtils.generatorToken(u.getId() + "", 20 * 86400); + if(StringUtils.hasText(rawData)) { + res.signature = EncryptUtil.hmacSHA256(u.getSessionKey(), rawData); + } if (!StringUtils.hasText(inviteCode)) { return res; } diff --git a/game-service/src/main/java/awesome/group/game/service/bo/LoginBo.java b/game-service/src/main/java/awesome/group/game/service/bo/LoginBo.java index f15168c..1736555 100644 --- a/game-service/src/main/java/awesome/group/game/service/bo/LoginBo.java +++ b/game-service/src/main/java/awesome/group/game/service/bo/LoginBo.java @@ -3,4 +3,5 @@ package awesome.group.game.service.bo; public class LoginBo { public String jwtToken; public String inviteCode; + public String signature; } diff --git a/game-service/src/main/java/awesome/group/game/service/util/EncryptUtil.java b/game-service/src/main/java/awesome/group/game/service/util/EncryptUtil.java index 8f9c857..676339c 100644 --- a/game-service/src/main/java/awesome/group/game/service/util/EncryptUtil.java +++ b/game-service/src/main/java/awesome/group/game/service/util/EncryptUtil.java @@ -1,6 +1,11 @@ package awesome.group.game.service.util; +import awesome.group.game.service.common.log.L; + +import javax.crypto.Mac; +import javax.crypto.spec.SecretKeySpec; import java.nio.charset.StandardCharsets; +import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Formatter; @@ -19,6 +24,29 @@ public class EncryptUtil { return sha1; } + /** + * sha256_HMAC加密 + * + * @param message 消息 + * @param secret 秘钥 + * @return 加密后字符串 + */ + public static String hmacSHA256(String secret, String message) { + String hash = ""; + try { + Mac hmacSha256 = Mac.getInstance("HmacSHA256"); + SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes(), "HmacSHA256"); + hmacSha256.init(secret_key); + byte[] bytes = hmacSha256.doFinal(message.getBytes()); + hash = byteToHex(bytes); + } catch (NoSuchAlgorithmException e) { + } catch (InvalidKeyException e) { + L.trace("hmacSHA256_invalid_key", "secret:" + secret + ", message:" + message, e); + } + + return hash; + } + public static String byteToHex(final byte[] hash) { Formatter formatter = new Formatter(); for (byte b : hash) { diff --git a/game-web/src/main/java/awesome/group/controller/LoginController.java b/game-web/src/main/java/awesome/group/controller/LoginController.java index c83ba5a..b4f0537 100644 --- a/game-web/src/main/java/awesome/group/controller/LoginController.java +++ b/game-web/src/main/java/awesome/group/controller/LoginController.java @@ -39,8 +39,8 @@ public class LoginController { @PostMapping("/loginV2") @RestApi - public R wxLoginV2(@RequestParam String code, @RequestParam String appId, @RequestParam(required = false) String inviteCode) { - return new R<>(R.CODE_SUCCESS, "", wxService.loginV2(code, appId, inviteCode)); + public R wxLoginV2(@RequestParam String code, @RequestParam String appId, @RequestParam(required = false) String inviteCode, @RequestParam(required = false)String rawData) { + return new R<>(R.CODE_SUCCESS, "", wxService.loginV2(code, appId, inviteCode, rawData)); } @GetMapping("/test")