java动态口令登录实现过程详解
更新时间:2019年07月04日 15:21:10 作者:Shen_sy
这篇文章主要介绍了java动态口令登录实现过程详解,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下
1.实现一个ItsClient 客户端用来实例化调用验证功能
public class ItsClient { private static final String routing = "/v1.0/sectoken/otp_validation"; // ! HTTPS消息验证地址 private String httpsVerifyUrl = ""; // ! otp ipAddr private String ipAddr = ""; // ! otp port private String port = ""; // ! otp appID private String appID = ""; // ! otp appKey private String appKey = ""; // ! 错误码 private int errorCode = 0; // ! 错误消息 private String errorMessage = ""; TreeMap<Integer, String> errorCodeTable = new TreeMap<Integer, String>() { { put(200, "请求成功"); put(400, "输入不合法,比如请求数据不是json"); put(401, "AppID不合法"); put(402, "指纹不合法"); put(410, "非法用户,验证otp时,传入的uid有误,找不到用户"); put(411, "错误的otp"); put(412, "一个周期内动态口令只能使用一次"); put(413, "已达一个周期内最大尝试次数"); put(500, "ITS服务器内部错误"); put(601, "参数错误"); put(602, "sha1签名失败"); put(603, "操作json失败"); put(604, "url访问错误:"); put(605, "较验返回指纹失败"); } }; public ItsClient() { this.ipAddr = ItsConf.GetIpAddr(); this.port = ItsConf.GetPort(); this.appID = ItsConf.GetOtpAppID(); this.appKey = ItsConf.GetOtpAppKey(); httpsVerifyUrl = "https://" + this.ipAddr + ':' + this.port + routing; } //获取错误信息 public St ring GetErrorMessage() { return this.errorMessage; } //获取错误码 public int GetErrorCode() { return this.errorCode; } public void SetError(int errorCode, String extMessage) { this.errorCode = errorCode; this.errorMessage = this.errorCodeTable.get(this.errorCode).toString() + extMessage; } public static String SHA1(String decript) throws NoSuchAlgorithmException { String ret = ""; MessageDigest sha1 = MessageDigest.getInstance("SHA1"); byte[] sha1bytes = sha1.digest(decript.getBytes()); if (sha1bytes != null) { ret = new BASE64Encoder().encode(sha1bytes); } return ret; } public String EncodeJson(TreeMap<String, String> map) { JSONObject jmap = new JSONObject(map); return jmap.toString(); } public TreeMap<String, Object> DecodeJson(String jsonStr) throws ParseException { JSONObject jsonObject = new JSONObject(jsonStr); TreeMap<String, Object> retMap = new TreeMap<String, Object>(); Iterator<String> iter = jsonObject.keys(); String key = null; Object value = null; while (iter.hasNext()) { key = iter.next(); value = jsonObject.get(key); retMap.put(key, value); } return retMap; } public String BuildQueryStr(TreeMap<String, String> params) { String queryStr = ""; Iterator<String> itr = params.keySet().iterator(); while (itr.hasNext()) { String key = itr.next(); queryStr += (key + "=" + params.get(key).toString() + "&"); } return queryStr.substring(0, queryStr.length() - 1); } public boolean IsEmptyOrNull(String param) { return param == null || param.length() <= 0; } /** * @brief 验证otp * @param uid ITS主账号UID或已配置的从账号 * @param otp 需要验证的动态口令 * @return bool true: 成功, false: 失败 */ @SuppressWarnings("serial") public boolean AuthOtp(final String uid, final String otp) { if (IsEmptyOrNull(this.ipAddr) || IsEmptyOrNull(this.port) || IsEmptyOrNull(this.appID) || IsEmptyOrNull(this.appKey) || IsEmptyOrNull(uid) || IsEmptyOrNull(otp)) { SetError(601, ""); return false; } TreeMap<String, String> params = new TreeMap<String, String>() { { put("app_id", appID); put("app_key", appKey); put("uid", uid); put("otp", otp); } }; String qureyStr = this.BuildQueryStr(params); String fingerprint = ""; try { fingerprint = SHA1(qureyStr); } catch (Exception ex) { ex.printStackTrace(); SetError(602, ex.getMessage()); return false; } params.remove("app_key"); params.put("fingerprint", fingerprint); String postStr = ""; try { postStr = EncodeJson(params); } catch (Exception ex) { ex.printStackTrace(); SetError(603, "json encode" + ex.getMessage()); return false; } HttpsClient conn = null; String res = ""; try { conn = new HttpsClient(); res = conn.post(this.httpsVerifyUrl, postStr); // 访问接口调取返回结果 } catch (Exception ex) { ex.printStackTrace(); SetError(604, ex.getMessage()); return false; } TreeMap<String, Object> ret = null; try { ret = DecodeJson(res); } catch (Exception ex) { ex.printStackTrace(); SetError(603, "json decode " + ex.getMessage()); return false; } int retCode = (Integer) ret.get("status"); if (200 != retCode) { SetError(retCode, ""); return false; } return true; } }
2.实现一个HttpsClient 请求工具
public class HttpsClient { final static HostnameVerifier doNotVerifier = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; /** * @brief 发送请求 * @param httpsUrl 请求的地址 * @param postStr 请求的数据 * @throws Exception */ public String post(String httpsUrl, String postStr) throws Exception { HttpsURLConnection conn = null; StringBuffer recvBuff = new StringBuffer(); String resData = ""; try { conn = (HttpsURLConnection) (new URL(httpsUrl)).openConnection(); conn.setHostnameVerifier(doNotVerifier); conn.setDoInput(true); conn.setDoOutput(true); conn.setRequestMethod("POST"); conn.setRequestProperty("Content-Type", " application/json"); conn.setRequestProperty("Content-Length", String.valueOf(postStr.getBytes("utf-8").length)); conn.setUseCaches(false); //设置为utf-8可以解决服务器接收时读取的数据中文乱码问题 conn.getOutputStream().write(postStr.getBytes("utf-8")); conn.getOutputStream().flush(); conn.getOutputStream().close(); BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream())); String line; while ((line = in.readLine()) != null) { recvBuff.append(line); } resData = recvBuff.toString(); return resData; } catch (MalformedURLException ex) { throw ex; } catch (IOException ex) { throw ex; } catch (Exception ex) { throw ex; } } }
3.实现Its一个配置用来配置Its服务器信息接口访问地址
public class ItsConf { // ITS服务器地址 1.1.1.1 或 xxx.xxx.com的形式 private static String ipAddr = ""; // ITS服务器端口 private static String port = ""; // OTP服务的AppID private static String otpAppID = ""; // OTP服务的AppKey private static String otpAppKey = ""; public static String GetIpAddr() { return ipAddr; } public static String GetPort() { return port; } public static String GetOtpAppID() { return otpAppID; } public static String GetOtpAppKey() { return otpAppKey; } }
4.接下来就是LoginContorller 完成口令认证
//username 用户名 //code动态口令密码 ItsClient itsClient = new ItsClient(); if(itsClient.AuthOtp(username, code)){ //认证成功,跳转页面 }
5.登陆页面就省略了,自己完成吧
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持脚本之家。
相关文章
PostMan如何传参给@RequestBody(接受前端参数)
这篇文章主要介绍了PostMan如何传参给@RequestBody(接受前端参数),具有很好的参考价值,希望对大家有所帮助。如有错误或未考虑完全的地方,望不吝赐教2021-10-10
最新评论