通知回调签名验签
第一步:
在拿到通知过来的Json数据后通过Json转成Json对象,然后取Data中的对象数据如:
拿到的数据如下
{"Code":1,"Msg":"ok","Data":{"SoftGuid":"c7927bb1-6c17-415e-9ed0-05639c0abffc","SoftVersion":"5.0.0.0","ItemId":4,"TimeStamp":1671457477,"IsComplete":false,"Sign":"ABCDEFGHIGKLMN123456789","Data":[{"awemeId":"123456"......}]}}
然后取Data数据后结果如下
{"SoftGuid":"c7927bb1-6c17-415e-9ed0-05639c0abffc","SoftVersion":"5.0.0.0","ItemId":4,"TimeStamp":1671457477,"IsComplete":false,"Sign":"ABCDEFGHIGKLMN123456789","Data":[{"awemeId":"123456"......}]}
第二步:
将取出的Data数据移除Sign参数并进行格式压缩,最后转为字符串,得到的字符串如
{"SoftGuid":"c7927bb1-6c17-415e-9ed0-05639c0abffc","SoftVersion":"5.0.0.0","ItemId":4,"TimeStamp":1671457477,"IsComplete":false,"Data":[{"awemeId":"123456"......}]}
第三步:
将第二步所得到的字符串最后加上当时调用运行脚本时传入的回调加密密钥,然后进行MD5加密并把结果转换为大写,假如我们传入的密钥是abc123456,那么就按下面例子
MD5(" {"SoftGuid":"c7927bb1-6c17-415e-9ed0-05639c0abffc","SoftVersion":"5.0.0.0","ItemId":4,"TimeStamp":1671457477,"IsComplete":false,"Data":[{"awemeId":"123456"......}]}abc123456")
第四步:
将MD5加密后的字符跟第一步拿到的数据中的Sign参数值进行对比。如果一致则验签成功!