===== 帮我吧查看提交工单免登录动态签名规则说明 =====
>注: 此规则仅当后台在工单模板开启链接保护签名项才生效。
1. URL需传参数:
* signature 签名token
* timestamp 时间戳
* nonce 随机数
* authaccount 第三方系统与帮我吧对应客户的唯一标识(要求小写)
* mobile 联系人手机号码(要对应帮我吧联系人手机号码)
参数说明:
(1).authaccount和mobile传其中一个参数即可,按authaccount查询的优先级高于mobile,即如果两个参数都传,会按authaccount来提交工单
(2).提交的是工单模板发布且绑定该手机号码的工单,如手机号码传值为空,提示验证失败
(3).提交的是工单模板发布的工单,如已绑定authaccount,且绑定的authaccount有值,如果authaccount参数没传值,手机号码参数也传值,提示验证失败
(4).authaccount 和手机号码字段都已绑定,且都有值,提交的时候绑定的是authaccount有值的工单;authaccount和手机号码字段都存在,但是authaccount传值为
空,提交绑定的是对应的手机号码的;authaccount和手机号码字段都存在,值都为空,提示验证失败
2. 签名规则说明:
- 对private_key,timestamp,nonce三个参数以及所需的authaccount或者mobile参数,先字典升序后hash:
sha1(private_key,timestamp,nonce,param1...)
* private_key: 私钥(在后台设置中生成和重置)
* timestamp 时间戳1小时内有效
* 其余参数根据实际需要传递
* 中文参数UTF-8编码,必须urlencode
3. 签名代码示例\
* PHP版
nonce = time();
$this->timestamp = $this->getUnixMicroTime();
}
//获取13位时间戳
protected function getUnixMicroTime() {
$time = microtime(1);
return floor($time * 1000);
}
//生成签名
public function makeSignature(array $params){
$params['private_key'] = $this->private_key;
$params['timestamp'] = $this->timestamp;
$params['nonce'] = $this->nonce =123456;
$tmpArr = array_values($params);
sort($tmpArr, SORT_STRING);
return $tmpStr = sha1(implode($tmpArr));
}
}
//参数需要根据实际情况传递
$params = [
'mobile'=>'15564532345'
'authaccount'=>'dhif948'
];
$signObj = new Signature();
$signature = $signObj->makeSignature($params);
* Java版
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.List;
import java.util.Map.Entry;
class Signature{
public String makeSignature(Map map){
map.put("private_key", "aef2l3gze982ew");
map.put("timestamp", String.valueOf(System.currentTimeMillis()));
map.put("nonce", "123456");
List> list = new ArrayList>(map.entrySet());
Collections.sort(list,new Comparator>() {
public int compare(Entry o1,
Entry o2) {
return o1.getValue().compareTo(o2.getValue());
}
});
String tempStr = "";
for(Map.Entry mapping:list){
tempStr += mapping.getValue();
}
return sha1(tempStr);
}
public String sha1(String str){
char hexDigits[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'a', 'b', 'c', 'd', 'e', 'f' };
try {
MessageDigest mdTemp = MessageDigest.getInstance("SHA1");
mdTemp.update(str.getBytes("UTF-8"));
byte[] md = mdTemp.digest();
int j = md.length;
char buf[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
buf[k++] = hexDigits[byte0 & 0xf];
}
return new String(buf);
} catch (Exception e) {
return null;
}
}
public static void main(String[] args) {
Map map = new TreeMap();
map.put("mobile", "15564532345");
map.put("authaccount", "dhif948");
Signature signature = new Signature();
String sign = signature.makeSignature(map);
System.out.println(sign);
}
}
4. 最终生成的带签名的url链接示例:
>注: 此链接打开一小时后失效。
(1)先把params后面的参数加密部分通过base64进行解密\\
(2)然后在后方拼接上文档中的必要参数\\
(3)最后将params后方部分整体base64加密拼接好链接,就可实现免登录提交工单了\\
''http://abtest.bangwo8.com/h.php?params=ZmllbGRfY29sdW1uTmFtZT1zdWJqZWN0LGRlc2NyaXB0LGNvbl9yZWFsTmFtZSxjb25fbW9iaWxlLGNvbl9waG9uZSxjb25fZW1haWwsY29uX1FRLGNvbl9wb3NpdGlvbixjb25fYXV0aGFjY291bnQsY29uX2ZpZWxkXzEsY29tX2NvbXBhbnlOYW1lLGNvbV9hZGRyZXNzLGNvbV93ZW5iZW4sJmZpZWxkX3JlYWRvbmx5PSZmaWVsZF9pbnZpc2libGU9JmZpZWxkX3JlcXVpcmVkPWNvbl9tb2JpbGUsY29uX2VtYWlsLGNvbV9jb21wYW55TmFtZSwmZmllbGRfZGVmYXVsdD0mZmllbGRfbWlubGVuZ3RoPSZmaWVsZF9tYXhsZW5ndGg9JmZpZWxkX3NvcnQ9c3ViamVjdCxkZXNjcmlwdCxjb25fcmVhbE5hbWUsY29uX21vYmlsZSxjb25fcGhvbmUsY29uX2VtYWlsLGNvbl9RUSxjb25fcG9zaXRpb24sY29uX2F1dGhhY2NvdW50LGNvbl9maWVsZF8xLGNvbV9jb21wYW55TmFtZSxjb21fYWRkcmVzcyxjb21fd2VuYmVuLCZmaWVsZF92ZXJpZnk9JmNob3NlVHlwZT0xJnNob3dSZXBseUxpc3Q9MSZhZGRSZXBseT0yJnJJZD05MCZhSWQ9MTYxMzUzJm5vbmNlPTEyMzQ1NiZ0aW1lc3RhbXA9MTU3ODQ2Mzg4MzM4MSZzaWduYXR1cmU9YmZjMDI0MTU0OTc5Njk0ZjBiNTg1MGNhODgyODEwNzgyZTc1ODRjMg==''