开放api接口签名验证
<table>
<thead>
<tr>
<th>header参数</th>
<th>解释</th>
</tr>
</thead>
<tbody>
<tr>
<td>ts</td>
<td>13位时间戳 return new Date().getTime()</td>
</tr>
<tr>
<td>sign</td>
<td>签名</td>
</tr>
<tr>
<td>nonce</td>
<td>随机字符串</td>
</tr>
<tr>
<td>key</td>
<td>随机生成的秘钥经过RSA加密过</td>
</tr>
<tr>
<td>app_key</td>
<td>H5应用秘钥6f13358fd043487a9efc2996f1bfdb22</td>
</tr>
</tbody>
</table>
<p>sign 签名格式:key(随机生成的秘钥) +data(参数字典升序)+ ts(当前时间戳timestamp) + nonce(随机数)</p>
<p>如请求地址:<a href="http://xxx.xxxx.com/xxx/xxxx/reqLoginIn?itCode=1&password=1">http://xxx.xxxx.com/xxx/xxxx/reqLoginIn?itCode=1&password=1</a>
header参数为:
app_key:6f13358fd043487a9efc2996f1bfdb22
key:DIv+XYnO9gT941uVNHrVYL2p/o1CwX4m9xXfA5+Z/IrGgz9cf9I2bd+mGl+r0ymQ39d7ez2SEC5Qqg7/1EMRR/9ikl2ZCTHhwTwJStsql6UjGU7qvxW7Sj6XMjGcKY/YYSoCoI726tm+kxB8PfEQddQOyNgXQbajzGVT8HgGZX8=
nonce:sMf4DA4mcc
sign:DE110481691AAAF6F155B4F6C1C3A773
ts:1638178051058</p>
<p>sing 生成方式
请求的数据参数 参数加参数值 itCode1 password1 字典升序</p>
<p>let signsrc=key+data+timestamp+nonce;
return md5(signsrc).toUpperCase();</p>