基于java的动态口令_java动态口令登录实现过程详解

1.实现一个ItsClient 客户端用来实例化调用验证功能

public class ItsClient {

private static final String routing = “/v1.0/sectoken/otp_validation”;

// ! HTTPS消息验证地址

private String httpsVerifyUrl = “”;

// ! otp ipAddr

private String ipAddr = “”;

// ! otp port

private String port = “”;

// ! otp appID

private String appID = “”;

// ! otp appKey

private String appKey = “”;

// ! 错误码

private int errorCode = 0;

// ! 错误消息

private String errorMessage = “”;

TreeMap errorCodeTable = new TreeMap() {

{

put(200, “请求成功”);

put(400, “输入不合法,比如请求数据不是json”);

put(401, “AppID不合法”);

put(402, “指纹不合法”);

put(410, “非法用户，验证otp时,传入的uid有误,找不到用户”);

put(411, “错误的otp”);

put(412, “一个周期内动态口令只能使用一次”);

put(413, “已达一个周期内最大尝试次数”);

put(500, “ITS服务器内部错误”);

put(601, “参数错误”);

put(602, “sha1签名失败”);

put(603, “操作json失败”);

put(604, “url访问错误:”);

put(605, “较验返回指纹失败”);

}

};

public ItsClient() {

this.ipAddr = ItsConf.GetIpAddr();

this.port = ItsConf.GetPort();

this.appID = ItsConf.GetOtpAppID();

this.appKey = ItsConf.GetOtpAppKey();

httpsVerifyUrl = “https://” + this.ipAddr + ‘:’ + this.port + routing;

}

//获取错误信息

public String GetErrorMessage() {

return this.errorMessage;

}

//获取错误码

public int GetErrorCode() {

return this.errorCode;

}

public void SetError(int errorCode, String extMessage) {

this.errorCode = errorCode;

this.errorMessage = this.errorCodeTable.get(this.errorCode).toString() + extMessage;

}

public static String SHA1(String decript) throws NoSuchAlgorithmException {

String ret = “”;

MessageDigest sha1 = MessageDigest.getInstance(“SHA1”);

byte[] sha1bytes = sha1.digest(decript.getBytes());

if (sha1bytes != null) {

ret = new BASE64Encoder().encode(sha1bytes);

}

return ret;

}

public String EncodeJson(TreeMap map) {

JSONObject jmap = new JSONObject(map);

return jmap.toString();

}

public TreeMap DecodeJson(String jsonStr) throws ParseException {

JSONObject jsonObject = new JSONObject(jsonStr);

TreeMap retMap = new TreeMap();

Iterator iter = jsonObject.keys();

String key = null;

Object value = null;

while (iter.hasNext()) {

key = iter.next();

value = jsonObject.get(key);

retMap.put(key, value);

}

return retMap;

}

public String BuildQueryStr(TreeMap params) {

String queryStr = “”;

Iterator itr = params.keySet().iterator();

while (itr.hasNext()) {

String key = itr.next();

queryStr += (key + “=” + params.get(key).toString() + “&”);

}

return queryStr.substring(0, queryStr.length() – 1);

}

public boolean IsEmptyOrNull(String param) {

return param == null || param.length() <= 0;

}

/**

* @brief 验证otp

* @param uid ITS主账号UID或已配置的从账号

* @param otp 需要验证的动态口令

* @return bool true: 成功, false: 失败

*/

@SuppressWarnings(“serial”)

public boolean AuthOtp(final String uid, final String otp) {

if (IsEmptyOrNull(this.ipAddr) || IsEmptyOrNull(this.port) || IsEmptyOrNull(this.appID)

|| IsEmptyOrNull(this.appKey) || IsEmptyOrNull(uid) || IsEmptyOrNull(otp)) {

SetError(601, “”);

return false;

}

TreeMap params = new TreeMap() {

{

put(“app_id”, appID);

put(“app_key”, appKey);

put(“uid”, uid);

put(“otp”, otp);

}

};

String qureyStr = this.BuildQueryStr(params);

String fingerprint = “”;

try {

fingerprint = SHA1(qureyStr);

} catch (Exception ex) {

ex.printStackTrace();

SetError(602, ex.getMessage());

return false;

}

params.remove(“app_key”);

params.put(“fingerprint”, fingerprint);

String postStr = “”;

try {

postStr = EncodeJson(params);

} catch (Exception ex) {

ex.printStackTrace();

SetError(603, “json encode” + ex.getMessage());

return false;

}

HttpsClient conn = null;

String res = “”;

try {

conn = new HttpsClient();

res = conn.post(this.httpsVerifyUrl, postStr); // 访问接口调取返回结果

} catch (Exception ex) {

ex.printStackTrace();

SetError(604, ex.getMessage());

return false;

}

TreeMap ret = null;

try {

ret = DecodeJson(res);

} catch (Exception ex) {

ex.printStackTrace();

SetError(603, “json decode ” + ex.getMessage());

return false;

}

int retCode = (Integer) ret.get(“status”);

if (200 != retCode) {

SetError(retCode, “”);

return false;

}

return true;

}

}

2.实现一个HttpsClient 请求工具

public class HttpsClient {

final static HostnameVerifier doNotVerifier = new HostnameVerifier() {

public boolean verify(String hostname, SSLSession session) {

return true;

}

};

/**

* @brief 发送请求

* @param httpsUrl 请求的地址

* @param postStr 请求的数据

* @throws Exception

*/

public String post(String httpsUrl, String postStr) throws Exception {

HttpsURLConnection conn = null;

StringBuffer recvBuff = new StringBuffer();

String resData = “”;

try {

conn = (HttpsURLConnection) (new URL(httpsUrl)).openConnection();

conn.setHostnameVerifier(doNotVerifier);

conn.setDoInput(true);

conn.setDoOutput(true);

conn.setRequestMethod(“POST”);

conn.setRequestProperty(“Content-Type”, ” application/json”);

conn.setRequestProperty(“Content-Length”, String.valueOf(postStr.getBytes(“utf-8”).length));

conn.setUseCaches(false);

//设置为utf-8可以解决服务器接收时读取的数据中文乱码问题

conn.getOutputStream().write(postStr.getBytes(“utf-8”));

conn.getOutputStream().flush();

conn.getOutputStream().close();

BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));

String line;

while ((line = in.readLine()) != null) {

recvBuff.append(line);

}

resData = recvBuff.toString();

return resData;

} catch (MalformedURLException ex) {

throw ex;

} catch (IOException ex) {

throw ex;

} catch (Exception ex) {

throw ex;

}

}

}

3.实现Its一个配置用来配置Its服务器信息接口访问地址

public class ItsConf {

// ITS服务器地址 1.1.1.1 或 xxx.xxx.com的形式

private static String ipAddr = “”;

// ITS服务器端口

private static String port = “”;

// OTP服务的AppID

private static String otpAppID = “”;

// OTP服务的AppKey

private static String otpAppKey = “”;

public static String GetIpAddr() {

return ipAddr;

}

public static String GetPort() {

return port;

}

public static String GetOtpAppID() {

return otpAppID;

}

public static String GetOtpAppKey() {

return otpAppKey;

}

}

4.接下来就是LoginContorller 完成口令认证

//username 用户名

//code动态口令密码

ItsClient itsClient = new ItsClient();

if(itsClient.AuthOtp(username, code)){

//认证成功,跳转页面

}

5.登陆页面就省略了,自己完成吧

以上就是本文的全部内容，希望对大家的学习有所帮助，也希望大家多多支持聚米学院。