HMAC-SHA 1アルゴリズム署名およびAuthorizationヘッダ認証
17160 ワード
PHPを使用してHMAC-SHA 1署名を行い、Authorizationヘッダ認証Deom
添付:javaアルゴリズムの例:
$app_id = 'id';
$host = "test.abc.com";
$port = "80";
$app_Key = "key";
$app_timestamp = time();
$app_nonce = "8FINtYTUsKbSZGfl".time().rand(10,1000);
$uri = "/account/ass/verify.do";
//build string
$arr = array($app_timestamp, $app_nonce, "POST", $uri, $host, $port);
$text = join("
", $arr) . "
";
var_dump($text);
$sig = get_signature($text, $app_Key);
var_dump($sig);
$headers=array();
$headers[] = "Authorization: MAC id=\"$app_id\",ts=\"$app_timestamp\",nonce=\"$app_nonce\",mac=\"$sig\"";
$headers[]="Content-Type: application/json";
$data='{"h":"2D4D9BE245FC4172989BC5FAD7EC8784","n":"97C5237B","t":"1428462620","v":"8F2ACF569FCBFDA9081248486240170B325AFF6D"}';
$result = curlPost('http://t-id.gionee.com'.$uri, $headers, $data);
/**
* @ HMAC-SHA1 oauth_signature
*
* @param $key
* @param $str
*
* @return
*/
function get_signature($str, $key) {
$signature = "";
if (function_exists('hash_hmac')) {
$signature = base64_encode(hash_hmac("sha1", $str, $key, true));
} else {
$blocksize = 64;
$hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H*', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x00));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack(
'H*', $hashfunc(
($key ^ $opad) . pack(
'H*', $hashfunc(
($key ^ $ipad) . $str
)
)
)
);
$signature = base64_encode($hmac);
}
return $signature;
}
function curlPost($url, $headers = array(), $data = array()) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // ssl, https
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // ssl, https
if (!empty($data)) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
}
if (!empty($headers)) {
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
var_dump('set header');
var_dump($headers);
}
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
添付:javaアルゴリズムの例:
package net.svr.cas.test.demo;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import net.iharder.Base64;
public class sig_demo_app {
private static final String MAC_NAME = "HmacSHA1";
private static final String UTF8 = "UTF-8";
private static final byte[] BYTEARRAY = new byte[0];
public static void main(String[] args) {
String host = "id.test.cn";
String port = "443";
String app_Key = " AppKey";
String app_timestamp = "1369732102";
String app_nonce = "8FINtYTUsKbSZGfl";
String uri = "/account/verify.do";
String sig = macSig(host, port, app_Key, app_timestamp, app_nonce, "POST", uri);
System.out.println(sig);
}
public static String macSig(String host, String port, String macKey, String timestamp, String nonce, String method, String uri) {
// 1. build mac string
// 2. hmac-sha1
// 3. base64-encoded
StringBuffer buffer = new StringBuffer();
buffer.append(timestamp).append("
");
buffer.append(nonce).append("
");
buffer.append(method.toUpperCase()).append("
");
buffer.append(uri).append("
");
buffer.append(host.toLowerCase()).append("
");
buffer.append(port).append("
");
buffer.append("
");
String text = buffer.toString();
System.out.println(text);
byte[] ciphertext = null;
try {
ciphertext = hmacSHA1Encrypt(macKey, text);
} catch (Throwable e) {
return null;
}
String sigString = Base64.encodeBytes(ciphertext);
return sigString;
}
public static byte[] hmacSHA1Encrypt(String encryptKey, String encryptText) throws InvalidKeyException, NoSuchAlgorithmException {
Mac mac = Mac.getInstance(MAC_NAME);
mac.init(new SecretKeySpec(getBytes(encryptKey), MAC_NAME));
return mac.doFinal(getBytes(encryptText));
}
public static byte[] getBytes(String value) {
return getBytes(value, UTF8);
}
public static byte[] getBytes(String value, String charset) {
if (isNullOrEmpty(value))
return BYTEARRAY;
if (isNullOrEmpty(charset))
charset = UTF8;
try {
return value.getBytes(charset);
} catch (UnsupportedEncodingException e) {
return BYTEARRAY;
}
}
public static boolean isNullOrEmpty(String s) {
if (s == null || s.isEmpty() || s.trim().isEmpty())
return true;
return false;
}
}