最近项目使用了极光的一键登录,后端使用的Java,Springboot
前端请求完成后会获得loginToken,再由后端换取加密后的手机号
String requestBody = "{\"loginToken\": \""+token+"\"}";
String request = HttpTools.post("https://api.verification.jpush.cn/v1/web/loginTokenVerify",requestBody,appkey,masterSecret);
我封装了一个post请求的方法,极光一键登录需要用到Basic认证
/**
* 发送POST请求
* @param url 请求的URL
* @param param 请求的参数
* @param appkey 应用key
* @param ms 应用secret
* @return 响应结果
* @throws Exception 异常
*/
public static String post(String url, String param, String appkey, String ms) throws Exception {
String result = HttpRequest.post(url).
header("Authorization", "Basic " + Base64.encodeBase64String((appkey + ":" + ms).getBytes())).
header("Content-Type", "application/json; charset=UTF-8").
body(param).
execute().body();
return result;
}
这里我直接返回JsonString然后再进行处理
JSONObject jsonObject = new JSONObject(request);
if ((int)(jsonObject.getInt("code")) == 8000) {
return RSADecrypt.decrypt(jsonObject.getStr("phone"));
} else {
return null;
}
接下来就要使用私钥进行解密操作,因为是RSA编码,不能出现其他特殊符号,所以先进行了编码处理。处理后会出现+全部变成空格的情况,再重新替换回来。
特别注意:私钥不需要头尾标注,不能有换行符
/**
* 解密加密后的字符串
* @param cryptograph 加密后的字符串
* @return 解密后的字符串
* @throws Exception
*/
public static String decrypt(String cryptograph) throws Exception {
cryptograph = URLDecoder.decode(cryptograph, "UTF-8");
cryptograph = cryptograph.replace(" ", "+");
String prikey =
"MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMrLBjPk5Zxxxxxx" +
"qglD4ONZtPGH7KxRBZZR4NATmJ/2uTpTMUg58jWOIry+MPsqHcA8yxmmCCxxxxxx" +
"RfBdALjZ/YMbj/apkZXXhypU6rsSqbuJs/X9eVIrlqqXSO2bH3LWOoKHZoxxxxxx" +
"4ZNx6QNAfOHImZyftN+TYMiHv1QtAgMBAAECgYEAw9ZGWi0NVaq5hsoopKxxxxxx" +
"CZvjAhGIXL8bZLXX6XrBK8MVT5OuBOwLPcxJzvPAIVpUJKPDKwJRc58aE2xxxxxx" +
"cAlLHCH78K+glU7DwozyDzrrPGITdcJODHwVYXctLhLRb8YBifGk2LBNtAxxxxxx" +
"FmM8YXXfu4hXxnFY9P0CQQD1sStfZjto4EYac+jrZSAkXGL+C4eyEbcBcmxxxxxx" +
"jzBmlG39Bef5Ijf07W/jY5e5cB8fIOc4TOXqFyeF6ovzAkEA000aOH/ubtxxxxxx" +
"sn8PKMX1BBLlejODFP7VWrooVh+ipRvORByT1ap/eCYrVHdtOsdR7q5rI0xxxxxx" +
"xcdHXwJALZcnpjcxNP/Q4l25zdxg/35JPDzlfCx/WfxiUqNYb990KsTGOBxxxxxx" +
"P83DYl17rQRaMguH/FGApFSRl+7y8wJBAJE0whkjqUnVqBcS19dFQ7ikWRxxxxxx" +
"P+N0wE/J8CBHOzE1q4jZDqrdsR1zNYGlVJX5FY/tositG+Xh1f8/VAcCQHxxxxxx" +
"6yKa+3zWskoKks1C94slp9Xy6nuZN4b0GYUBCDkbb5tx6xQ5FKR7j+EyYsxxxxxx" +
"1Jf/f1H7nxxxxxx";
byte[] privateKeyBytes = Base64.getDecoder().decode(prikey);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decryptedBytes = cipher.doFinal(Base64.getDecoder().decode(cryptograph));
String decryptedData = new String(decryptedBytes);
System.out.println("解密后:" + decryptedData);
return decryptedData;
}
至此,返回的解密后数据即为手机号。