go-zero 签名使用

用户8556127542563
204 阅读2分钟

由于官方文档讲解不清楚,以及其他博客教程讲解不详细,所以编写此文章,快速解决大家问题。

//签名源码地址
github.com/zeromicro/go-zero\@v1.8.1/rest/internal/security

使用步骤: 一、配置签名

/zero-pro/api/etc/api-api.yaml
Signature:
  Strict: true
  Expiry: 1h
  PrivateKeys:
    - Fingerprint: "q4t7w!z%C*F-JaNdRgUjXn2r5u8x/A?D"
      KeyFile: ./secret/private.pem

二、生成签名

    timestamp := time.Now().Unix()

    //key
    key := l.svcCtx.Config.Signature.PrivateKeys[0].Fingerprint

    //secret
    content := strings.Join([]string{
       "version=v1",
       "type=0",
       fmt.Sprintf("key=%s", base64.StdEncoding.EncodeToString([]byte(key))),
       "time=" + strconv.FormatInt(timestamp, 10),
    }, "; ")

    publicKey, err := os.ReadFile("./secret/public.pem")
    if err != nil {
       log.Fatal("读取公钥文件失败:", err)
    }

    encrypter, err := codec.NewRsaEncrypter(publicKey)
    output, err := encrypter.Encrypt([]byte(content))
    secret := base64.StdEncoding.EncodeToString(output)

    //signature
    sha := sha256.New()
    sha.Write([]byte(`{
    "key": "key",
    "secret": "secret",
    "signature": "signature"
}`))
    bodySign := fmt.Sprintf("%x", sha.Sum(nil))

    u, err := url.Parse("http://127.0.0.1:1689/v1/sign/demo")
    if err != nil {
       return nil, err
    }
    path := u.Path
    query := u.RawQuery

    contentOfSign := strings.Join([]string{
       strconv.FormatInt(timestamp, 10),
       "POST",
       path,
       query,
       bodySign,
    }, "\n")
    signature := codec.HmacBase64([]byte(key), contentOfSign)

    logx.Infof("%s=========:%v", httpx.ContentSecurity, strings.Join([]string{
       fmt.Sprintf("key=%s", key),
       "secret=" + base64.StdEncoding.EncodeToString(output),
       "signature=" + signature,
    }, "; "))

三、请求示例

image.png

备注:公钥、私钥如下:

公钥
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD7bq4FLG0ctccbEFEsUBuRxkjE
eJ5U+0CAEjJk20V9/u2Fu76i1oKoShCs7GXtAFbDb5A/ImIXkPY62nAaxTGK4KVH
miYbRgh5Fy6336KepLCtCmV/r0PKZeCyJH9uYLs7EuE1z9Hgm5UUjmpHDhJtkAwR
my47YlhspwszKdRP+wIDAQAB
-----END PUBLIC KEY-----

私钥
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQD7bq4FLG0ctccbEFEsUBuRxkjEeJ5U+0CAEjJk20V9/u2Fu76i
1oKoShCs7GXtAFbDb5A/ImIXkPY62nAaxTGK4KVHmiYbRgh5Fy6336KepLCtCmV/
r0PKZeCyJH9uYLs7EuE1z9Hgm5UUjmpHDhJtkAwRmy47YlhspwszKdRP+wIDAQAB
AoGBANs1qf7UtuSbD1ZnKX5K8V5s07CHwPMygw+lzc3k5ndtNUStZQ2vnAaBXHyH
Nm4lJ4AI2mhQ39jQB/1TyP1uAzvpLhT60fRybEq9zgJ/81Gm9bnaEpFJ9bP2bBrY
J0jbaTMfbzL/PJFl3J3RGMR40C76h5yRYSnOpMoMiKWnJqrhAkEA/zCOkR+34Pk0
Yo3sIP4ranY6AAvwacgNaui4ll5xeYwv3iLOQvPlpxIxFHKXEY0klNNyjjXqgYjP
cOenqtt6UwJBAPw7EYuteVHvHvQVuTbKAaYHcOrp4nFeZF3ndFfl0w2dwGhfzcXO
ROyd5dNQCuCWRo8JBpjG6PFyzezayF4KLrkCQCGditoxHG7FRRJKcbVy5dMzWbaR
3AyDLslLeK1OKZKCVffkC9mj+TeF3PM9mQrV1eDI7ckv7wE7PWA5E8wc90MCQEOV
MCZU3OTvRUPxbicYCUkLRV4sPNhTimD+21WR5vMHCb7trJ0Ln7wmsqXkFIYIve8l
Y/cblN7c/AAyvu0znUECQA318nPldsxR6+H8HTS3uEbkL4UJdjQJHsvTwKxAw5qc
moKExvRlN0zmGGuArKcqS38KG7PXZMrUv3FXPdp6BDQ=
-----END RSA PRIVATE KEY-----

image.png

avatar
文章
阅读
粉丝