解密或验签失败，传参带加号“+”被转换为空格的办法

最新推荐文章于 2021-12-26 01:16:32 发布

贾宝玉的贾

最新推荐文章于 2021-12-26 01:16:32 发布

阅读量1.4k

点赞数

分类专栏： spring js校验 java 文章标签：验签失败加号转空格

本文链接：https://blog.csdn.net/jialiuyang/article/details/111593223

版权

java 同时被 3 个专栏收录

25 篇文章 0 订阅

订阅专栏

spring

8 篇文章 0 订阅

订阅专栏

js校验

2 篇文章 0 订阅

订阅专栏

HTTP post请求时把参数做了拼接 ”= & ? “ 后放在url后面，导致加密参数容易出现 ”+“ 转空格，对方解密或验签失败

解决办法，不要用拼接 ”= & ? “ 方式传参！传json格式字符串

将HTTP post请求传参方式改掉

改成 head "Content-Type", "application/json" json格式

Map<String,Object> map 
map.put("sign",sign.toUpperCase()); xxxx
body=JSON.toJSONString(map)

HttpUtils.doPost(url, body,head

 Map<String,Object> map= JSON.parseObject(JSON.toJSONString(request),Map.class);
        String signString= buildSignSourceDesc(map);
        //加签
        String sign = MD5Util.MD5(appSecret + signString);
        map.put("sign",sign.toUpperCase());
        String body =  JSON.toJSONString(map);
        log.info("请求报文, 参数:{}", body);
        String returnStr = HttpUtils.doPost(baisidaurl, body, null, 3, 10, "utf-8");
        log.info("调用,返回:{}", returnStr);




    /**
     * map key升序排序
     * @param requestParams
     * @return
     */
    public static String buildSignSourceDesc(Map<String, Object> requestParams) {
        requestParams.remove("responseClass");//移除不需要的字段
        if (null != requestParams && !requestParams.isEmpty()) {
            Map<String, Object> treeMap = new TreeMap<>(String::compareTo);
            treeMap.putAll(requestParams);
            StringBuilder signSrcBuilder = new StringBuilder();
            Iterator var4 = ((Map)treeMap).entrySet().iterator();
            while(var4.hasNext()) {
                Map.Entry<String, Object> entry = (Map.Entry)var4.next();
                signSrcBuilder.append(String.valueOf(entry.getKey()) ).append(String.valueOf(entry.getValue()));
            }
            return signSrcBuilder.toString();
        } else {
            return "";
        }
    }


public static String doPost(String url, String body, String[][] headers, int connectionTimeout, int readTimeout,
								String charset) {
		long startTime = System.currentTimeMillis();
		log.info(">>>doPost() #url:[{}] #body:[{}]", url, body);
		URL uri = null;
		HttpURLConnection urlConnection = null;
		try {
			uri = new URL(url);
			urlConnection = (HttpURLConnection) uri.openConnection();
			urlConnection.setRequestMethod("POST");
			urlConnection.setConnectTimeout(1000 * connectionTimeout); // 连接超时时间
			urlConnection.setReadTimeout(1000 * readTimeout); // 响应超时时间
			urlConnection.setDoOutput(true);
			urlConnection.setDoInput(true);
			urlConnection.setUseCaches(false);

			if (null == headers) {
				urlConnection.addRequestProperty("Content-Type", "application/json");
			} else {
				// 设置Http报文请求头
				for (String[] header : headers) {
					urlConnection.addRequestProperty(header[0], header[1]);
				}
			}

			// 提交Http请求参数
			urlConnection.connect();
			if (null != body) {
				log.info(">>>doPost() #url:[{}] #body:[{}]", url, body);
				urlConnection.getOutputStream().write(body.getBytes(charset));
				urlConnection.getOutputStream().flush();
				urlConnection.getOutputStream().close();
			}

			// 读取响应参数
			int responseCode = urlConnection.getResponseCode();
			if (HttpURLConnection.HTTP_OK == responseCode) {
				InputStream is = urlConnection.getInputStream();
				BufferedReader br = new BufferedReader(new InputStreamReader(is, charset));
				StringBuffer response = new StringBuffer();
				String line = br.readLine();
				while (null != line) {
					response.append(line);
					line = br.readLine();
				}
				br.close();
				is.close();
//				log.info(">>>doPost() #resp:[{}] #interval:[{}]", response, System.currentTimeMillis() - startTime);
				return response.toString();
			} else {
				log.info("#doPost() 请求失败！" + responseCode);
			}
		} catch (Exception e) {
			log.error("#doPost() 请求异常:" + e.toString(), e);
		} finally {
			if (null != urlConnection) {
				urlConnection.disconnect();
			}
		}
		return null;
	}