yudao
/
spring-cloud
mirror of https://gitee.com/zhijiantianya/yudao-cloud.git
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

补上了参数x-acs-content-sha256,详见官方openapi说明文档https://help.aliyun.com/zh/sdk/product-overview/v3-request-structure-and-signature?spm=a2c4g.11186623.0.0.121d3922Z4zJZc#section-mqj-l8f-ak0 

Signed-off-by: 曟颵 <yi3624@163.com>
pull/159/head
曟颵 2024-12-11 07:34:28 +00:00 committed by Gitee
parent 527a635155
commit 953a33b4f7
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/sms/core/client/impl/AliyunSmsClient.java
View File

@ -136,15 +136,20 @@ public class AliyunSmsClient extends AbstractSmsClient {
.map(entry -> percentCode(entry.getKey()) + "=" + percentCode(String.valueOf(entry.getValue())))
.collect(Collectors.joining("&"));
// 2.1 请求 Header
// 2. 请求 Body
String requestBody = ""; // 短信 API 为 RPC 接口query parameters 在 uri 中拼接,因此 request body 如果没有特殊要求,设置为空。
String hashedRequestPayload = DigestUtil.sha256Hex(requestBody);
// 3.1 请求 Header
TreeMap<String, String> headers = new TreeMap<>();
headers.put("host", HOST);
headers.put("x-acs-version", VERSION);
headers.put("x-acs-action", apiName);
headers.put("x-acs-date", FastDateFormat.getInstance("yyyy-MM-dd'T'HH:mm:ss'Z'", TimeZone.getTimeZone("GMT")).format(new Date()));
headers.put("x-acs-signature-nonce", IdUtil.randomUUID());
headers.put("x-acs-content-sha256", hashedRequestPayload);
// 2.2 构建签名 Header
// 3.2 构建签名 Header
StringBuilder canonicalHeaders = new StringBuilder(); // 构造请求头,多个规范化消息头,按照消息头名称(小写)的字符代码顺序以升序排列后拼接在一起
StringBuilder signedHeadersBuilder = new StringBuilder(); // 已签名消息头列表,多个请求头名称(小写)按首字母升序排列并以英文分号(;)分隔
headers.entrySet().stream().filter(entry -> entry.getKey().toLowerCase().startsWith("x-acs-")
@ -157,13 +162,13 @@ public class AliyunSmsClient extends AbstractSmsClient {
});
String signedHeaders = signedHeadersBuilder.substring(0, signedHeadersBuilder.length() - 1);
// 3. 请求 Body
String requestBody = ""; // 短信 API 为 RPC 接口query parameters 在 uri 中拼接,因此 request body 如果没有特殊要求,设置为空。
String hashedRequestBody = DigestUtil.sha256Hex(requestBody);
// 4. 构建 Authorization 签名
String canonicalRequest = "POST" + "\n" + "/" + "\n" + queryString + "\n"
+ canonicalHeaders + "\n" + signedHeaders + "\n" + hashedRequestBody;
String canonicalRequest = "POST" + "\n" +
"/" + "\n" +
queryString + "\n" +
canonicalHeaders + "\n" +
signedHeaders + "\n" +
hashedRequestPayload;
String hashedCanonicalRequest = DigestUtil.sha256Hex(canonicalRequest);
String stringToSign = "ACS3-HMAC-SHA256" + "\n" + hashedCanonicalRequest;
String signature = SecureUtil.hmacSha256(properties.getApiSecret()).digestHex(stringToSign); // 计算签名