溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
java中怎么實現動態口令登錄,相信很多沒有經驗的人對此束手無策,為此本文總結了問題出現的原因和解決方法,通過這篇文章希望你能解決這個問題。
1.實現一個ItsClient 客戶端用來實例化調用驗證功能
public class ItsClient {private static final String routing = "/v1.0/sectoken/otp_validation";// ! HTTPS消息驗證地址private String httpsVerifyUrl = "";// ! otp ipAddrprivate String ipAddr = "";// ! otp portprivate String port = "";// ! otp appIDprivate String appID = "";// ! otp appKeyprivate String appKey = "";// ! 錯誤碼private int errorCode = 0;// ! 錯誤消息private String errorMessage = "";TreeMap<Integer, String> errorCodeTable = new TreeMap<Integer, String>() {{put(200, "請求成功");put(400, "輸入不合法,比如請求數據不是json");put(401, "AppID不合法");put(402, "指紋不合法");put(410, "非法用戶,驗證otp時,傳入的uid有誤,找不到用戶");put(411, "錯誤的otp");put(412, "一個周期內動態口令只能使用一次");put(413, "已達一個周期內最大嘗試次數");put(500, "ITS服務器內部錯誤");put(601, "參數錯誤");put(602, "sha1簽名失敗");put(603, "操作json失敗");put(604, "url訪問錯誤:");put(605, "較驗返回指紋失敗");}};public ItsClient() {this.ipAddr = ItsConf.GetIpAddr();this.port = ItsConf.GetPort();this.appID = ItsConf.GetOtpAppID();this.appKey = ItsConf.GetOtpAppKey();httpsVerifyUrl = "https://" + this.ipAddr + ':' + this.port + routing;}//獲取錯誤信息public String GetErrorMessage() {return this.errorMessage;} //獲取錯誤碼public int GetErrorCode() {return this.errorCode;}public void SetError(int errorCode, String extMessage) {this.errorCode = errorCode;this.errorMessage = this.errorCodeTable.get(this.errorCode).toString() + extMessage;}public static String SHA1(String decript) throws NoSuchAlgorithmException {String ret = "";MessageDigest sha1 = MessageDigest.getInstance("SHA1");byte[] sha1bytes = sha1.digest(decript.getBytes());if (sha1bytes != null) {ret = new BASE64Encoder().encode(sha1bytes);}return ret;}public String EncodeJson(TreeMap<String, String> map) {JSONObject jmap = new JSONObject(map);return jmap.toString();}public TreeMap<String, Object> DecodeJson(String jsonStr) throws ParseException {JSONObject jsonObject = new JSONObject(jsonStr);TreeMap<String, Object> retMap = new TreeMap<String, Object>();Iterator<String> iter = jsonObject.keys();String key = null;Object value = null;while (iter.hasNext()) {key = iter.next();value = jsonObject.get(key);retMap.put(key, value);}return retMap;}public String BuildQueryStr(TreeMap<String, String> params) {String queryStr = "";Iterator<String> itr = params.keySet().iterator();while (itr.hasNext()) {String key = itr.next();queryStr += (key + "=" + params.get(key).toString() + "&");}return queryStr.substring(0, queryStr.length() - 1);}public boolean IsEmptyOrNull(String param) {return param == null || param.length() <= 0;}/** * @brief 驗證otp * @param uid ITS主賬號UID或已配置的從賬號 * @param otp 需要驗證的動態口令 * @return bool true: 成功, false: 失敗 */@SuppressWarnings("serial")public boolean AuthOtp(final String uid, final String otp) {if (IsEmptyOrNull(this.ipAddr) || IsEmptyOrNull(this.port) || IsEmptyOrNull(this.appID)|| IsEmptyOrNull(this.appKey) || IsEmptyOrNull(uid) || IsEmptyOrNull(otp)) {SetError(601, "");return false;}TreeMap<String, String> params = new TreeMap<String, String>() {{put("app_id", appID);put("app_key", appKey);put("uid", uid);put("otp", otp);}};String qureyStr = this.BuildQueryStr(params);String fingerprint = "";try {fingerprint = SHA1(qureyStr);} catch (Exception ex) {ex.printStackTrace();SetError(602, ex.getMessage());return false;}params.remove("app_key");params.put("fingerprint", fingerprint);String postStr = "";try {postStr = EncodeJson(params);} catch (Exception ex) {ex.printStackTrace();SetError(603, "json encode" + ex.getMessage());return false;}HttpsClient conn = null;String res = "";try {conn = new HttpsClient();res = conn.post(this.httpsVerifyUrl, postStr); // 訪問接口調取返回結果} catch (Exception ex) {ex.printStackTrace();SetError(604, ex.getMessage());return false;}TreeMap<String, Object> ret = null;try {ret = DecodeJson(res);} catch (Exception ex) {ex.printStackTrace();SetError(603, "json decode " + ex.getMessage());return false;}int retCode = (Integer) ret.get("status");if (200 != retCode) {SetError(retCode, "");return false;}return true;}}
2.實現一個HttpsClient 請求工具
public class HttpsClient { final static HostnameVerifier doNotVerifier = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; /** * @brief 發送請求 * @param httpsUrl 請求的地址 * @param postStr 請求的數據 * @throws Exception */ public String post(String httpsUrl, String postStr) throws Exception { HttpsURLConnection conn = null; StringBuffer recvBuff = new StringBuffer(); String resData = ""; try { conn = (HttpsURLConnection) (new URL(httpsUrl)).openConnection(); conn.setHostnameVerifier(doNotVerifier); conn.setDoInput(true); conn.setDoOutput(true); conn.setRequestMethod("POST"); conn.setRequestProperty("Content-Type", " application/json"); conn.setRequestProperty("Content-Length", String.valueOf(postStr.getBytes("utf-8").length)); conn.setUseCaches(false); //設置為utf-8可以解決服務器接收時讀取的數據中文亂碼問題 conn.getOutputStream().write(postStr.getBytes("utf-8")); conn.getOutputStream().flush(); conn.getOutputStream().close(); BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream())); String line; while ((line = in.readLine()) != null) { recvBuff.append(line); } resData = recvBuff.toString(); return resData; } catch (MalformedURLException ex) { throw ex; } catch (IOException ex) { throw ex; } catch (Exception ex) { throw ex; } }}
3.實現Its一個配置用來配置Its服務器信息接口訪問地址
public class ItsConf {// ITS服務器地址 1.1.1.1 或 xxx.xxx.com的形式private static String ipAddr = "";// ITS服務器端口private static String port = "";// OTP服務的AppIDprivate static String otpAppID = "";// OTP服務的AppKeyprivate static String otpAppKey = "";public static String GetIpAddr() {return ipAddr;}public static String GetPort() {return port;}public static String GetOtpAppID() {return otpAppID;}public static String GetOtpAppKey() {return otpAppKey;}}
4.接下來就是LoginContorller 完成口令認證
//username 用戶名//code動態口令密碼ItsClient itsClient = new ItsClient();if(itsClient.AuthOtp(username, code)){//認證成功,跳轉頁面}
看完上述內容,你們掌握java中怎么實現動態口令登錄的方法了嗎?如果還想學到更多技能或想了解更多相關內容,歡迎關注億速云行業資訊頻道,感謝各位的閱讀!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
