loginV2加signature

1 year ago · 708880e737
4 changed files with 35 additions and 3 deletions
--- a/game-service/src/main/java/awesome/group/game/service/WxService.java
+++ b/game-service/src/main/java/awesome/group/game/service/WxService.java
@ -103,11 +103,14 @@ public class WxService {
        return JwtUtils.generatorToken(u.getId() + "", 20 * 86400);
    }

-    public LoginBo loginV2(String code, String appId, String inviteCode) {
+    public LoginBo loginV2(String code, String appId, String inviteCode, String rawData) {
        WeGameUser u = login(code, appId);
        LoginBo res = new LoginBo();
        res.inviteCode = u.getInviteCode();
        res.jwtToken = JwtUtils.generatorToken(u.getId() + "", 20 * 86400);
+        if(StringUtils.hasText(rawData)) {
+            res.signature = EncryptUtil.hmacSHA256(u.getSessionKey(), rawData);
+        }
        if (!StringUtils.hasText(inviteCode)) {
            return res;
        }
--- a/game-service/src/main/java/awesome/group/game/service/bo/LoginBo.java
+++ b/game-service/src/main/java/awesome/group/game/service/bo/LoginBo.java
@ -3,4 +3,5 @@ package awesome.group.game.service.bo;
 public class LoginBo {
    public String jwtToken;
    public String inviteCode;
+    public String signature;
 }
--- a/game-service/src/main/java/awesome/group/game/service/util/EncryptUtil.java
+++ b/game-service/src/main/java/awesome/group/game/service/util/EncryptUtil.java
@ -1,6 +1,11 @@
 package awesome.group.game.service.util;

+import awesome.group.game.service.common.log.L;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
 import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Formatter;
@ -19,6 +24,29 @@ public class EncryptUtil {
        return sha1;
    }

+    /**
+     * sha256_HMAC加密
+     *
+     * @param message 消息
+     * @param secret  秘钥
+     * @return 加密后字符串
+     */
+    public static String hmacSHA256(String secret, String message) {
+        String hash = "";
+        try {
+            Mac hmacSha256 = Mac.getInstance("HmacSHA256");
+            SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes(), "HmacSHA256");
+            hmacSha256.init(secret_key);
+            byte[] bytes = hmacSha256.doFinal(message.getBytes());
+            hash = byteToHex(bytes);
+        } catch (NoSuchAlgorithmException e) {
+        } catch (InvalidKeyException e) {
+            L.trace("hmacSHA256_invalid_key", "secret:" + secret + ", message:" + message, e);
+        }
+
+        return hash;
+    }
+
    public static String byteToHex(final byte[] hash) {
        Formatter formatter = new Formatter();
        for (byte b : hash) {
--- a/game-web/src/main/java/awesome/group/controller/LoginController.java
+++ b/game-web/src/main/java/awesome/group/controller/LoginController.java
@ -39,8 +39,8 @@ public class LoginController {

    @PostMapping("/loginV2")
    @RestApi
-    public R<LoginBo> wxLoginV2(@RequestParam String code, @RequestParam String appId, @RequestParam(required = false) String inviteCode) {
-        return new R<>(R.CODE_SUCCESS, "", wxService.loginV2(code, appId, inviteCode));
+    public R<LoginBo> wxLoginV2(@RequestParam String code, @RequestParam String appId, @RequestParam(required = false) String inviteCode, @RequestParam(required = false)String rawData) {
+        return new R<>(R.CODE_SUCCESS, "", wxService.loginV2(code, appId, inviteCode, rawData));
    }

    @GetMapping("/test")