注: 此规则仅当后台在工单模板开启链接保护签名项才生效。
1. URL需传参数:
参数说明:
(1).authaccount和mobile传其中一个参数即可,按authaccount查询的优先级高于mobile,即如果两个参数都传,会按authaccount来提交工单 (2).提交的是工单模板发布且绑定该手机号码的工单,如手机号码传值为空,提示验证失败 (3).提交的是工单模板发布的工单,如已绑定authaccount,且绑定的authaccount有值,如果authaccount参数没传值,手机号码参数也传值,提示验证失败 (4).authaccount 和手机号码字段都已绑定,且都有值,提交的时候绑定的是authaccount有值的工单;authaccount和手机号码字段都存在,但是authaccount传值为 空,提交绑定的是对应的手机号码的;authaccount和手机号码字段都存在,值都为空,提示验证失败
2. 签名规则说明: - 对private_key,timestamp,nonce三个参数以及所需的authaccount或者mobile参数,先字典升序后hash:
sha1(private_key,timestamp,nonce,param1...)
3. 签名代码示例\
<?php /** * 签名类 * Class Signature */ class Signature{ private $nonce; private $timestamp; private $private_key = 'aef2l3gze982ew'; public function __construct() { $this->nonce = time(); $this->timestamp = $this->getUnixMicroTime(); } //获取13位时间戳 protected function getUnixMicroTime() { $time = microtime(1); return floor($time * 1000); } //生成签名 public function makeSignature(array $params){ $params['private_key'] = $this->private_key; $params['timestamp'] = $this->timestamp; $params['nonce'] = $this->nonce =123456; $tmpArr = array_values($params); sort($tmpArr, SORT_STRING); return $tmpStr = sha1(implode($tmpArr)); } } //参数需要根据实际情况传递 $params = [ 'mobile'=>'15564532345' 'authaccount'=>'dhif948' ]; $signObj = new Signature(); $signature = $signObj->makeSignature($params);
import java.util.Collections; import java.util.Comparator; import java.util.Iterator; import java.util.Map; import java.util.Set; import java.util.TreeMap; import java.security.MessageDigest; import java.util.ArrayList; import java.util.List; import java.util.Map.Entry; class Signature{ public String makeSignature(Map<String, String> map){ map.put("private_key", "aef2l3gze982ew"); map.put("timestamp", String.valueOf(System.currentTimeMillis())); map.put("nonce", "123456"); List<Map.Entry<String,String>> list = new ArrayList<Map.Entry<String,String>>(map.entrySet()); Collections.sort(list,new Comparator<Map.Entry<String,String>>() { public int compare(Entry<String, String> o1, Entry<String, String> o2) { return o1.getValue().compareTo(o2.getValue()); } }); String tempStr = ""; for(Map.Entry<String,String> mapping:list){ tempStr += mapping.getValue(); } return sha1(tempStr); } public String sha1(String str){ char hexDigits[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; try { MessageDigest mdTemp = MessageDigest.getInstance("SHA1"); mdTemp.update(str.getBytes("UTF-8")); byte[] md = mdTemp.digest(); int j = md.length; char buf[] = new char[j * 2]; int k = 0; for (int i = 0; i < j; i++) { byte byte0 = md[i]; buf[k++] = hexDigits[byte0 >>> 4 & 0xf]; buf[k++] = hexDigits[byte0 & 0xf]; } return new String(buf); } catch (Exception e) { return null; } } public static void main(String[] args) { Map<String, String> map = new TreeMap<String, String>(); map.put("mobile", "15564532345"); map.put("authaccount", "dhif948"); Signature signature = new Signature(); String sign = signature.makeSignature(map); System.out.println(sign); } }
4. 最终生成的带签名的url链接示例:
注: 此链接打开一小时后失效。
(1)先把params后面的参数加密部分通过base64进行解密
(2)然后在后方拼接上文档中的必要参数
(3)最后将params后方部分整体base64加密拼接好链接,就可实现免登录提交工单了
http://abtest.bangwo8.com/h.php?params=ZmllbGRfY29sdW1uTmFtZT1zdWJqZWN0LGRlc2NyaXB0LGNvbl9yZWFsTmFtZSxjb25fbW9iaWxlLGNvbl9waG9uZSxjb25fZW1haWwsY29uX1FRLGNvbl9wb3NpdGlvbixjb25fYXV0aGFjY291bnQsY29uX2ZpZWxkXzEsY29tX2NvbXBhbnlOYW1lLGNvbV9hZGRyZXNzLGNvbV93ZW5iZW4sJmZpZWxkX3JlYWRvbmx5PSZmaWVsZF9pbnZpc2libGU9JmZpZWxkX3JlcXVpcmVkPWNvbl9tb2JpbGUsY29uX2VtYWlsLGNvbV9jb21wYW55TmFtZSwmZmllbGRfZGVmYXVsdD0mZmllbGRfbWlubGVuZ3RoPSZmaWVsZF9tYXhsZW5ndGg9JmZpZWxkX3NvcnQ9c3ViamVjdCxkZXNjcmlwdCxjb25fcmVhbE5hbWUsY29uX21vYmlsZSxjb25fcGhvbmUsY29uX2VtYWlsLGNvbl9RUSxjb25fcG9zaXRpb24sY29uX2F1dGhhY2NvdW50LGNvbl9maWVsZF8xLGNvbV9jb21wYW55TmFtZSxjb21fYWRkcmVzcyxjb21fd2VuYmVuLCZmaWVsZF92ZXJpZnk9JmNob3NlVHlwZT0xJnNob3dSZXBseUxpc3Q9MSZhZGRSZXBseT0yJnJJZD05MCZhSWQ9MTYxMzUzJm5vbmNlPTEyMzQ1NiZ0aW1lc3RhbXA9MTU3ODQ2Mzg4MzM4MSZzaWduYXR1cmU9YmZjMDI0MTU0OTc5Njk0ZjBiNTg1MGNhODgyODEwNzgyZTc1ODRjMg==