# openapi-sdk **Repository Path**: ufudig/openapi-sdk ## Basic Information - **Project Name**: openapi-sdk - **Description**: 公开服务密钥验证开发库 - **Primary Language**: Unknown - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2025-09-07 - **Last Updated**: 2025-09-07 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # Openapi-SDK # 依赖 ```xml com.touscm openapi-sdk 1.0 ``` # 生成密钥 ```java public static final String CREDENTIALS_ID_PREFIX = "AKID"; public static final int CREDENTIALS_LEN = 32; public static final String SERVICE_OPEN = "open"; public static final String VERSION = "V1"; String SECRET_ID = CREDENTIALS_ID_PREFIX + RandomStringUtils.randomAlphanumeric(CREDENTIALS_LEN); String SECRET_KEY = RandomStringUtils.randomAlphanumeric(CREDENTIALS_LEN); ``` # 发送请求 ```java import com.touscm.openapi.utils.SignUtils; import com.touscm.quicker.base.KeyValuePair; import com.touscm.quicker.domain.web.ReqCondition; import com.touscm.quicker.domain.web.ReqModel; import com.touscm.quicker.utils.DateUtils; import com.touscm.quicker.utils.EntryUtils; import com.touscm.quicker.utils.OkHttpUtils; public class SignMocker { static final String SERVICE_OPEN = "open"; static final String VERSION = "V1"; public static void main(String[] args) { String host = "http://127.0.0.1:8001"; String uri = "/open/api/gate"; queryLocation(SERVICE_OPEN, host, uri, VERSION); } private static void queryLocation(String service, String host, String uri, String version) { String action = "QueryLocation"; var param = new HashMap(); param.put("companyId", "bae4f6212b104c64b480dc1b7caab9fa"); param.put("carNo", "蒙L63966"); var content = EntryUtils.toString(param); var sign = SignUtils.sign(SECRET_ID, SECRET_KEY, uri, content, service, action, version); var headers = new ArrayList>(); sign.getData().getHeaders().forEach((key, value) -> headers.add(new KeyValuePair<>(key, value))); System.out.println("查询定位"); System.out.println(OkHttpUtils.json(host + uri, content, headers)); } } ``` # 接口处理(原生认证) ```java @RestController @RequestMapping("/open/api") public class ApiController { private static final Logger logger = LoggerFactory.getLogger(ApiController.class); static final String SERVICE_OPEN = "open"; static final String VERSION = "V1"; static final List authHeaders = Arrays.asList(AUTH_HEADER_ACTION, AUTH_HEADER_TIMESTAMP, AUTH_HEADER_VERSION, SIGN_HEADER_KEY); @RequestMapping("gate") public RestResult gate(@Autowired HttpServletRequest request, @RequestBody Object model) { var session = validateToken(request); if (session.isEmpty()) { return new RestResult<>(RestResultStatus.NoAuth, "认证失败"); } // 请求Action验证 var action = session.flatMap(a -> QueryAction.parseOptional(a.getName())); if (action.isEmpty()) { return new RestResult<>(RestResultStatus.ParamError, "Action无法识别"); } try { final RestResult process = SpringContext.getBean(action.get().code(), IServiceProcessor.class).process(group.get(), model); return process; } catch (Exception e) { logger.error("处理异常, action:{}, group:{}, reqModel:{}", action.get().code(), EntryUtils.toString(group.get()), EntryUtils.toString(model), e); return new RestResult<>(RestResultStatus.Error, "处理失败"); } } public Optional validateToken(HttpServletRequest request) { String method = request.getMethod(); String uri = request.getRequestURI(); String authContent = request.getHeader(AuthConstants.AUTH_KEY); Map headers = RequestUtils.getHeaders(request, authHeaders); String body = RequestUtils.getRequestBody(request); var ref = new AtomicReference(); var checkSignRes = com.touscm.openapi.utils.SignUtils.check(method, uri, body, headers, authContent, signParam -> { if (!SERVICE_OPEN.equalsIgnoreCase(signParam.getService())) { return new SignResult("Open认证失败, Service=" + signParam.getService() + "不支持"); } if (!VERSION.equalsIgnoreCase(signParam.getVersion())) { return new SignResult("Open认证失败, Version=" + signParam.getVersion() + "不支持"); } // 请求密钥ID验证 if (!SECRET_ID.equals(signParam.getSecretId())) { logger.debug("Open认证失败, 密钥ID不存在, secretId:{}", signParam.getSecretId()); return new SignResult("Open认证失败, 密钥ID不存在"); } return new SignResult(true, SECRET_KEY); }); if (!checkSignRes.isSuccess()) { logger.warn("Open认证失败, {}", checkSignRes.getMessage()); return Optional.empty(); } var groups = Collections.singletonList(new GroupInfo().setId(ref.get().getSpId()).setName(ref.get().getSpName()).setType(GROUP_TYPE_SP_CREDENTIAL)); //noinspection unchecked return Optional.of(new UserInfo().setId(ref.get().getId()).setName(checkSignRes.getData().getAction()).setPassword(ref.get().getSecretId()).setCurrentGroupId(ref.get().getSpId()).setGroups(groups)); } } ``` # 接口处理(框架认证) ```java @RestController @RequestMapping("/open/api") public class ApiController { private static final Logger logger = LoggerFactory.getLogger(ApiController.class); @RequestMapping("gate") @Permission(groupTypes = {GROUP_TYPE_SP_CREDENTIAL}) public RestResult gate(@RequestBody Object model) { var session = SessionHandler.getSession(); if (session.isEmpty()) { return new RestResult<>(RestResultStatus.NoAuth, "认证失败"); } //noinspection unchecked var group = session.flatMap(a -> (Optional>) a.getCurrentGroup()); if (group.isEmpty()) { return new RestResult<>(RestResultStatus.NoAuth, "无法识别当前服务商"); } var action = session.flatMap(a -> QueryAction.parseOptional(a.getName())); if (action.isEmpty()) { return new RestResult<>(RestResultStatus.ParamError, "Action无法识别"); } try { final RestResult process = SpringContext.getBean(action.get().code(), IServiceProcessor.class).process(group.get(), model); return process; } catch (Exception e) { logger.error("处理异常, action:{}, group:{}, reqModel:{}", action.get().code(), EntryUtils.toString(group.get()), EntryUtils.toString(model), e); return new RestResult<>(RestResultStatus.Error, "处理失败"); } } } ``` # 验证密钥(框架认证) ```java @Primary @Service public class AuthHandler implements IAuthHandler { private final List authHeaders = Arrays.asList(AUTH_HEADER_ACTION, AUTH_HEADER_TIMESTAMP, AUTH_HEADER_VERSION, SIGN_HEADER_KEY); @Resource private CredentialsService credentialsService; @Override public boolean isValidateIncludeHeaders() { return true; } @Override public List validateIncludeHeaders() { return authHeaders; } /** * 登录验证信息验证 * * @param method 请求方法 * @param uri 请求路由 * @param authContent 登录信息 * @param body 请求内容 * @param headers 请求头列表 * @return 用户信息 */ @Override public Optional validateToken(String method, String uri, String authContent, String body, Map headers) { var checkSignRes = com.touscm.openapi.utils.SignUtils.check(method, uri, body, headers, authContent, signParam -> { if (!SERVICE_OPEN.equalsIgnoreCase(signParam.getService())) { logger.debug("Open认证失败, Service不支持, service:{}", signParam.getService()); return new SignResult("Open认证失败, Service=" + signParam.getService() + "不支持"); } if (!VERSION.equalsIgnoreCase(signParam.getVersion())) { logger.debug("Open认证失败, Version不支持, service:{}", signParam.getVersion()); return new SignResult("Open认证失败, Version=" + signParam.getVersion() + "不支持"); } // 请求密钥ID验证 if (!SECRET_ID.equals(signParam.getSecretId())) { logger.debug("Open认证失败, 密钥ID不存在, secretId:{}", signParam.getSecretId()); return new SignResult("Open认证失败, 密钥ID不存在"); } return new SignResult(true, SECRET_KEY); }); if (!checkSignRes.isSuccess()) { logger.warn("Open认证失败, {}", checkSignRes.getMessage()); return Optional.empty(); } var groups = Collections.singletonList(new GroupInfo().setId(ref.get().getSpId()).setName(ref.get().getSpName()).setType(GROUP_TYPE_SP_CREDENTIAL)); //noinspection unchecked return Optional.of(new UserInfo().setId(ref.get().getId()).setName(checkSignRes.getData().getAction()).setPassword(ref.get().getSecretId()).setCurrentGroupId(ref.get().getSpId()).setGroups(groups)); } } ```