签名的时候,我们一般是需要获取源数据进行签名,在生成加密前源数据时,可能因为没有指定字段顺序导致加密验签失败。因此我们为了确保双发的签名前源数据一致,通常做法有2种:
1、根据ASCII顺序/倒叙排列
2、双方约定好加密的字段顺序
本文就针对方法2,处理json数据的时候给于一些指引。
Gson指定转化为字符串字段顺序格式
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.TypeAdapter;
import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonWriter;
import lombok.Data;
import java.io.IOException;
public class GsonAdapter extends TypeAdapter<User> {
@Override
public void write(JsonWriter out, User user) throws IOException {
out.beginObject();
//按自定义顺序输出字段信息
out.name("name").value(user.getName());
out.name("password").value(user.getPassword());
out.endObject();
}
@Override
public User read(JsonReader in) {
return null;
}
public static void main(String[] args) {
User user = new User();
user.setName("name-001");
user.setName("password-001");
Gson gson = new GsonBuilder().registerTypeAdapter(User.class, new TAdapter()).create();
String result = gson.toJson(user);
System.out.println(result);
}
}
@Data
class User {
private String name;
private String password;
}
FastJson
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.annotation.JSONField;
import com.alibaba.fastjson.annotation.JSONType;
import lombok.Data;
public class FastJsonAdapter {
public static void main(String[] args) {
Student student = new Student();
student.setName("name-001");
student.setPassword("password-001");
String result = JSON.toJSONString(student);
System.out.println(result);
}
}
@Data
// 方法1:类上面定义字段顺序
@JSONType(orders={"password","name"})
class Student {
// 方法2:字段上面定义顺序-ordinal为顺序,name为转化为json字符串字段
@JSONField(ordinal = 2, name = "a")
private String name;
@JSONField(ordinal = 2, name = "b")
private String password;
}