· 9 years ago · Oct 20, 2016, 08:40 PM
1import org.apache.commons.codec.binary.Base64;
2
3import javax.crypto.Mac;
4import javax.crypto.SecretKey;
5import javax.crypto.spec.SecretKeySpec;
6import java.io.UnsupportedEncodingException;
7import java.util.UUID;
8
9public class AuthUtil {
10
11 private static final String DEFAULT_CHARSET = "UTF-8";
12 private static final String ALGORITHM = "HmacSHA1";
13
14 /**
15 * 生æˆæŽ¥å£è®¤è¯å—符串
16 */
17 public static String getAuthStr(String accessKey, String secretKey) {
18 if (accessKey == null || accessKey == "" || secretKey == null || secretKey == "") {
19 throw new IllegalArgumentException("empty accessKey or secretKey");
20 }
21
22 // 1. 生æˆç¾åä¿¡æ¯ï¼š{"rid":"random-string", "deadline":deadline-second}
23 String rid = UUID.randomUUID().toString();
24 long deadline = System.currentTimeMillis()/1000 + 3600;
25 String info = String.format("{\"rid\":\"%s\", \"deadline\":%s}", rid, deadline);
26
27 // 2. 对ç¾åä¿¡æ¯åšURL安全的Base64ç¼–ç
28 String encodedJsonBase64;
29 try {
30 encodedJsonBase64 = new String(Base64.encodeBase64(info.getBytes(DEFAULT_CHARSET), false, true));
31 } catch (UnsupportedEncodingException e) {
32 throw new RuntimeException(String.format("system not support encoding %s", DEFAULT_CHARSET));
33 }
34
35 // 3. 使用secret key 对ç¾åä¿¡æ¯åŠ 密
36 byte[] sign;
37 try {
38 SecretKey sk = new SecretKeySpec(secretKey.getBytes(DEFAULT_CHARSET), ALGORITHM);
39 Mac mac = Mac.getInstance(sk.getAlgorithm());
40 mac.init(sk);
41 sign = mac.doFinal(encodedJsonBase64.getBytes(DEFAULT_CHARSET));
42 } catch (Exception e) {
43 throw new RuntimeException("sha1 sign error");
44 }
45
46 // 4. åŠ å¯†åŽçš„ç¾åä¿¡æ¯åšURL安全的Base64ç¼–ç
47 String encoded_sign = new String(Base64.encodeBase64(sign, false, true));
48
49 // 5. 生æˆæœ€ç»ˆè®¤è¯å—符串
50 String accessToken = String.format("%s:%s:%s", accessKey, encoded_sign, encodedJsonBase64);
51
52 return accessToken;
53 }
54}