腾讯会议签名校验_办公协同解决方案
为了让企业确认调用来自腾讯会议,腾讯会议在回调时,会在 Header 中带上消息签名,以参数 signature 为标识,企业需要验证此参数的正确性后再解码数据。
验证步骤
1. 计算签名:
dev_signature = sha1(sort(token、timestamp、nonce、data))
说明sort 的含义是将参数值按照字母字典排序,然后从小到大拼接成一个字符串,最后再进行 sha1 加密得到最终的签名串。2. 比较 dev_signature 和 signature 是否相等,相等则表示验证通过。
验证示例
1. 将 token、timestamp、nonce、data 这四个参数值以字符串类型按照字典序排序:
nonce:"14964161"timestamp:"1609239040864"token:"bVPU6F8Htxxxxxxxp3jGV2xWp"data:"eyJldmVudCI6Im1lZXRpbmcuY3JlYXRlZCIsInVuaXF1ZV9zZXF1ZW5jZSI6ImYyMDA5NmVlLThhYzgtNGRmMi1hN2RlLTA1NzQ2NDlmMjExYiIsInBheWxvYWQiOlt7Im9wZXJhdGVfdGltZSI6IjIwMjAtMTItMjkgMTc6NDE6MDYiLCJvcGVyYXRvciI6eyJ1c2VyaWQiOiJ0ZXN0ZXIwMDAwNmJhNWJhYjMzOTg1OGMxM2M5MzBjY2E5NTY4NCJ9LCJtZWV0aW5nX2luZm8iOnsibWVldGluZ19pZCI6IjYwNTg4OTAzODU0ODA5MjEwNTIiLCJtZWV0aW5nX2NvZGUiOiI1MzA4MTI0NTIiLCJzdWJqZWN0IjoibWVkaWEgdGVzdGVyIG1lZXRpbmciLCJjcmVhdG9yX2lkIjoidGVzdGVyMDAwMDZiYTViYWIzMzk4NThjMTNjOTMwY2NhOTU2ODQiLCJob3N0cyI6WyJ0ZXN0ZXIwMDAwNmJhNWJhYjMzOTg1OGMxM2M5MzBjY2E5NTY4NCJdLCJtZWV0aW5nX3R5cGUiOjAsInN0YXJ0X3RpbWUiOiIyMDIwLTEyLTI5IDE3OjQxOjA0IiwiZW5kX3RpbWUiOiIyMDIwLTEyLTI5IDE4OjAxOjA0In19XX0"
说明 字符串的拼接不是固定排序,请以实际参数值按照字典序排序。2. 拼接成一个字符串:
sort_str="149641611609239040864bVPU6F8Htxl5XkAbp3jGV2xWpeyJldmVudCI6Im1lZXRpbmcuY3JlYXRlZCI
3. 对该字符串进行 sha1 计算得到签名:
signature = sha1(sort_str) = "b11e507817336a91d7df0c8536ee2aca18bbbae8"
4. 对比从 Header 中得到的签名和上述计算的签名是否一致,若一致则签名通过,说明数据来源于腾讯会议且未被篡改,是安全的。
签名代码示例
Go语言Java语言C++语言PHP(PHP5.4+)Python语言
import ( "bytes" "crypto/sha1" "fmt" "sort")
// 生成签名func CalSignature(token, timestamp, nonce, data string) string { sortArr := []string{token, timestamp, nonce, data} sort.Strings(sortArr) var buffer bytes.Buffer for _, value := range sortArr { buffer.WriteString(value) }
sha := sha1.New() sha.Write(buffer.Bytes()) signature := fmt.Sprintf("%x", sha.Sum(nil)) return signature}
import java.security.MessageDigest;import java.util.Arrays;
public class Sha1Util {
// 生成签名 public static String calSignature(String token, String timestamp, String nonce, String data) { String[] arr = new String[]{token, timestamp, nonce, data}; Arrays.sort(arr); StringBuffer sb = new StringBuffer(); for (int i = 0; i < arr.length; i++) { sb.append(arr[i]); } return getSha1(sb.toString()); }
// sha1签名算法 public static String getSha1(String str) { if (str == null || str.length() == 0) { return null; } char hexDigits[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
try { MessageDigest mdTemp = MessageDigest.getInstance("SHA1"); mdTemp.update(str.getBytes("UTF-8"));
byte[] md = mdTemp.digest(); int j = md.length; char buf[] = new char[j * 2]; int k = 0; for (int i = 0; i >> 4 & 0xf]; buf[k++] = hexDigits[byte0 & 0xf]; } return new String(buf); } catch (Exception e) { return null; } }}
#include #include #include #include
std::string CalSignature(const std::string &token, const std::string ×tamp, const std::string &nonce, const std::string &data){ std::string sortArr[] = {token, timestamp, nonce, data}; sort(sortArr, sortArr+4); std::string buffer; for (int i = 0; i < 4; i++) buffer += sortArr[i]; printf("%s\n", buffer.c_str()); unsigned char obuf[21] = {0}; SHA1((unsigned char *)buffer.c_str(), buffer.length(), obuf); char hexbuf[41] = {0}; for(int i = 0; i < 20; i++) sprintf(&hexbuf[2*i], "%02x", obuf[i]);
return std::string(hexbuf);}
function calSignature($data, $timestamp, $nonce, $token){ $list = [$data, $timestamp, $nonce, $token]; sort($list,SORT_STRING); $signature = sha1(implode('', $list)); return $signature;}
import hashlib
def cal_signature(token, timestamp, nonce, data): vars = [token,timestamp,nonce,data] vars.sort() delimiter='' s = delimiter.join(vars) sign = hashlib.sha1(str.encode(s)).hexdigest() return sign
对腾讯办公协同的解决方案有疑惑?想了解解决方案收费? 联系解决方案专家
腾讯云限时活动1折起,即将结束: 马上收藏
同尘科技为腾讯云授权服务中心,购买腾讯云享受折上折,更有现金返利:同意关联,立享优惠
阿里云解决方案也看看?: 点击对比阿里云的解决方案
