//构造创建文件夹的签名
//oauth_consumer_key
//oauth_nonce
//oauth_timestamp
//oauth_token
//path
//root
QString kpSDK::getCreateFolderSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr,\
const QString &oauTknStr, const QString &oauTknSercetStr,\
bool &isAppPath, QString &folderName)
{
QString createFolderBaseUrl;
createFolderBaseUrl.clear(); //将请求的URI路径进行URL编码
createFolderBaseUrl.append("GET&");
createFolderBaseUrl.append(QUrl::toPercentEncoding(KP_CREATE_FOLDER_URL));
createFolderBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
paraStr.append("&");
paraStr.append(FOLDER_NAME);
paraStr.append(QString(QUrl::toPercentEncoding(folderName)));
paraStr.append("&");
paraStr.append(FOLDER_ROOT);
if(isAppPath)
{
paraStr.append("app_folder");
}
else
{
paraStr.append("kuaipan");
}
createFolderBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),createFolderBaseUrl.toLatin1()); //返回签名
}
inline QByteArray SessionStore::signSession(const QByteArray &message) const
{
if (priv->macSecret.isEmpty())
return message;
return message + ':' + hmacSha1(priv->macSecret, message);
}
void
MessageAuthenticator::authenticateMessage(QByteArray msg)
{
//take raw message and hash with key
QByteArray mac = hmacSha1(key, msg);
msg.append(mac);
emit messageAuthenticated(msg);
}
/**
* Generates HMAC-SHA1 signature
* @param signatureBase signature base
* @return HMAC-SHA1 signature
*/
QByteArray OAuth::generateSignatureHMACSHA1(const QByteArray& signatureBase)
{
//OAuth spec. 9.2 https://oauth.net/core/1.0/#anchor16
QByteArray key = m_oauthConsumerSecret + '&' + m_oauthTokenSecret;
QByteArray result = hmacSha1(signatureBase, key);
QByteArray resultBE64 = result.toBase64();
QByteArray resultPE = resultBE64.toPercentEncoding();
return resultPE;
}
QString HMACSha1Signature::getSignature(QString baseString, QString apiSecret, QString tokenSecret)
{
QByteArray key = apiSecret.toUtf8().toPercentEncoding();
key.append('&');
if(!tokenSecret.isEmpty()) {
QByteArray tokenSecretEncode = tokenSecret.toUtf8().toPercentEncoding();
key.append(tokenSecretEncode);
}
QByteArray baseStringByte = baseString.toUtf8();
return hmacSha1(key, baseStringByte);
}
//构造reqToken 获取签名
// oauth_consumer_key
// oauth_nonce
// oauth_timestamp
QString kpSDK::getReqTknSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr)
{
QString ReqTokenBaseUrl;
ReqTokenBaseUrl.clear(); //将请求的URI路径进行URL编码
ReqTokenBaseUrl.append("GET&");
ReqTokenBaseUrl.append(QUrl::toPercentEncoding(KP_REQUEST_TOKEN_SRC_URL));
ReqTokenBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
ReqTokenBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
return hmacSha1((consKeySecretStr+"&").toLatin1(),ReqTokenBaseUrl.toLatin1()); //返回签名
}
inline QByteArray SessionStore::unsignSession(const QByteArray &message) const
{
if (priv->macSecret.isEmpty())
return message;
const int indexOfColon(message.lastIndexOf(':'));
const QByteArray unhashedMessage(message.left(indexOfColon));
const QByteArray hash(message.mid(indexOfColon + 1));
if (hmacSha1(priv->macSecret, unhashedMessage) != hash)
return QByteArray();
return unhashedMessage;
}
//构造上传文件 签名
QString kpSDK::getUploadFileSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr, \
const QString &oauTknStr, const QString &oauTknSercetStr,\
const bool &isOverWrite, const bool &isAppPath, const QString &toPath, const QString &fullUrl)
{
QString uploadFileBaseUrl;
uploadFileBaseUrl.clear(); //将请求的URI路径进行URL编码
uploadFileBaseUrl.append("POST&");
uploadFileBaseUrl.append(QUrl::toPercentEncoding(fullUrl));
uploadFileBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
paraStr.append("&");
paraStr.append(UPLOAD_OVER_WRITE); //overwrite
if(isOverWrite)
paraStr.append("True");
else paraStr.append("False");
paraStr.append("&");
paraStr.append(FOLDER_NAME); //path
paraStr.append(QUrl::toPercentEncoding(toPath));
paraStr.append("&");
paraStr.append(FOLDER_ROOT); //root
if(isAppPath)
{
paraStr.append("app_folder");
}
else
{
paraStr.append("kuaipan");
}
uploadFileBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),uploadFileBaseUrl.toLatin1()); //返回签名
}
//构造获取上传节点 签名
QString kpSDK::getUploadLocateSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr, \
const QString &oauTknStr, const QString &oauTknSercetStr)
{
QString upLocaBaseUrl;
upLocaBaseUrl.clear(); //将请求的URI路径进行URL编码
upLocaBaseUrl.append("GET&");
upLocaBaseUrl.append(QUrl::toPercentEncoding(KP_UPLOAD_LOCATE_URL));
upLocaBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
upLocaBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),upLocaBaseUrl.toLatin1()); //返回签名
}
//构造获取用户信息 的签名
//oauth_consumer_key
//oauth_nonce
//oauth_timestamp
//oauth_token
QString kpSDK::getUsrInfoSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr,\
const QString &oauTknStr, const QString &oauTknSercetStr)
{
QString getUsrInfoBaseUrl;
getUsrInfoBaseUrl.clear(); //将请求的URI路径进行URL编码
getUsrInfoBaseUrl.append("GET&");
getUsrInfoBaseUrl.append(QUrl::toPercentEncoding(KP_GET_USR_INFO_URL));
getUsrInfoBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
getUsrInfoBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),getUsrInfoBaseUrl.toLatin1()); //返回签名
}
//构造请求accessToken 签名
//oauth_consumer_key
//oauth_nonce
//oauth_timestamp
//oauth_token
QString kpSDK::getAcesTknSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr, \
const QString &tmpTknStr, const QString &tmpTknSercetStr)
{
QString acesTknBaseUrl;
acesTknBaseUrl.clear(); //将请求的URI路径进行URL编码
acesTknBaseUrl.append("GET&");
acesTknBaseUrl.append(QUrl::toPercentEncoding(KP_ACCESS_TOKEN_SRC_URL));
acesTknBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN);
paraStr.append(tmpTknStr);
acesTknBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";
secret=secret.append(tmpTknSercetStr);
return hmacSha1(secret.toLatin1(),acesTknBaseUrl.toLatin1()); //返回签名
}
//构造 分享文件 签名
//oauth_consumer_key
//oauth_nonce
//oauth_timestamp
//oauth_token
QString kpSDK::getShareFileSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr, \
const QString &oauTknStr, const QString &oauTknSercetStr, \
const QString &newShareFileUrl)
{
QString shareFileBaseUrl;
shareFileBaseUrl.clear(); //将请求的URI路径进行URL编码
shareFileBaseUrl.append("GET&");
shareFileBaseUrl.append(QUrl::toPercentEncoding(newShareFileUrl));
shareFileBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
shareFileBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),shareFileBaseUrl.toLatin1()); //返回签名
}
//构造删除文件 的签名
//oauth_consumer_key
//oauth_nonce
//oauth_timestamp
//oauth_token
//path
//root
//to_recycle
QString kpSDK::getDelFileSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr, \
const QString &oauTknStr, const QString &oauTknSercetStr, \
bool &isAppPath, QString &fileName, bool &toRecyle)
{
QString delFileBaseUrl;
delFileBaseUrl.clear(); //将请求的URI路径进行URL编码
delFileBaseUrl.append("GET&");
delFileBaseUrl.append(QUrl::toPercentEncoding(KP_DEL_FILE_URL));
delFileBaseUrl.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
paraStr.append("&");
paraStr.append(FOLDER_NAME);
paraStr.append(QString(QUrl::toPercentEncoding(fileName)));
paraStr.append("&");
paraStr.append(FOLDER_ROOT);
if(isAppPath)
{
paraStr.append("app_folder&");
}
else
{
paraStr.append("kuaipan&");
}
paraStr.append(TO_RECYLE);
if(toRecyle)
{
paraStr.append("True");
}
else paraStr.append("False");
delFileBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),delFileBaseUrl.toLatin1()); //返回签名
}
void FbxAPI::requestSession()
{
QJsonObject json;
json.insert("app_id", mApplicationId);
json.insert("app_version",mApiInfo.version);
json.insert("password",hmacSha1(mApplicationToken.toUtf8(),
mChallenge.toUtf8()));
QJsonDocument doc(json);
QNetworkReply * reply = post(myCreateRequest("login/session"), doc.toJson());
connect(reply,SIGNAL(finished()),this,SLOT(requestSessionFinished()));
connect(reply,SIGNAL(error(QNetworkReply::NetworkError)),this,SLOT(errorReceived(QNetworkReply::NetworkError)));
qDebug()<<"app Id " <<mApplicationId;
qDebug()<<"challenge "<<mChallenge;
qDebug()<<reply->url();
qDebug()<<doc.toJson();
}
QString Utl::getAuthorizationCode(const QString &acc_key, const QString &method, const QMap<QString, QString> &headers, const QString &resource)
{
QString content_md5 = headers.value("Content-Md5","");
QString content_type = headers.value("Content-Type","");
QString date = headers.value("Date","");
QString canonicalized_resource = resource;
QString canonicalized_oss_headers = "";
QMap<QString,QString> tmp_headers = _formatHeader(headers);
if (tmp_headers.size()>0){
QMapIterator<QString,QString> it(tmp_headers);
while(it.hasNext()){
it.next();
if (it.key().startsWith(self_define_header_prefix)){
canonicalized_oss_headers+=it.key()+":"+it.value()+"\n";
}
}
}
QString string_to_sign=method + "\n" + content_md5 + "\n" + content_type + "\n" + date + "\n" + canonicalized_oss_headers + canonicalized_resource;
// qDebug()<<canonicalized_oss_headers;
return hmacSha1(acc_key.toLocal8Bit(),string_to_sign.toLocal8Bit());
}
//构造 下载文件的签名
//oauth_consumer_key
//oauth_nonce
//oauth_timestamp
//oauth_token
//path
//root
QString kpSDK::getDownFileSignature(QString ¶Str, const QString &consKeyStr, const QString &consKeySecretStr, \
const QString &oauTknStr, const QString &oauTknSercetStr, \
bool &isAppPath, const QString &fromPath)
{
QString dwnFileBaseUrl;
dwnFileBaseUrl.clear(); //将请求的URI路径进行URL编码
dwnFileBaseUrl.append("GET&");
dwnFileBaseUrl.append(QUrl::toPercentEncoding(KP_DOWNLOAD_FILE_URL));
dwnFileBaseUrl.append("&");
paraStr.append(DATA_FROM_PATH);
paraStr.append(QUrl::toPercentEncoding(fromPath));
paraStr.append("&");
//对参数进行升序排列 然后合并
addTknNonceTimes(paraStr,consKeyStr);
paraStr.append("&");
paraStr.append(OATOKEN); //oauth_token
paraStr.append(oauTknStr);
paraStr.append("&");
paraStr.append(FOLDER_NAME);
paraStr.append(QUrl::toPercentEncoding(fromPath));
paraStr.append("&");
paraStr.append(FOLDER_ROOT);
if(isAppPath)
{
paraStr.append("app_folder");
}
else
{
paraStr.append("kuaipan");
}
dwnFileBaseUrl.append(QUrl::toPercentEncoding(paraStr));// 对参数进行编码 然后合并成源串
QString secret=consKeySecretStr+"&";//构建密钥
secret=secret.append(oauTknSercetStr);
return hmacSha1(secret.toLatin1(),dwnFileBaseUrl.toLatin1()); //返回签名
}
QString saltPassword(const QString &salt, const QString &password)
{
return hmacSha1(password.toUtf8(), salt.toUtf8()).toBase64();
}
void Exchange_BTCChina::sendToApi(int reqType, QByteArray method, bool auth, bool sendNow, QByteArray commands)
{
if(auth)
{
if(julyHttpAuth==0)
{
julyHttpAuth=new JulyHttp("api.btcchina.com","",this,true,true,"application/json-rpc");
connect(julyHttpAuth,SIGNAL(anyDataReceived()),baseValues_->mainWindow_,SLOT(anyDataReceived()));
connect(julyHttpAuth,SIGNAL(setDataPending(bool)),baseValues_->mainWindow_,SLOT(setDataPending(bool)));
connect(julyHttpAuth,SIGNAL(apiDown(bool)),baseValues_->mainWindow_,SLOT(setApiDown(bool)));
connect(julyHttpAuth,SIGNAL(errorSignal(QString)),baseValues_->mainWindow_,SLOT(showErrorMessage(QString)));
connect(julyHttpAuth,SIGNAL(sslErrorSignal(const QList<QSslError> &)),this,SLOT(sslErrors(const QList<QSslError> &)));
connect(julyHttpAuth,SIGNAL(dataReceived(QByteArray,int)),this,SLOT(dataReceivedAuth(QByteArray,int)));
}
QByteArray signatureParams;
signatureParams=commands;
signatureParams.replace("\"","");
signatureParams.replace("true","1");
signatureParams.replace("false","");
QByteArray postData;
QByteArray appendedHeader;
static int tonceCounter=0;
static quint32 lastTonce=QDateTime::currentDateTime().toTime_t();
quint32 newTonce=QDateTime::currentDateTime().toTime_t();
if(lastTonce!=newTonce)
{
tonceCounter=0;
lastTonce=newTonce;
}
else
{
tonceCounter+=10;
if(tonceCounter>99)tonceCounter=0;
}
QByteArray tonceCounterData=QByteArray::number(tonceCounter);
if(tonceCounter>9)tonceCounterData.append("0000");
else tonceCounterData.append("00000");
QByteArray tonce=QByteArray::number(newTonce)+tonceCounterData;
QByteArray signatureString="tonce="+tonce+"&accesskey="+getApiKey()+"&requestmethod=post&id=1&method="+method+"¶ms="+signatureParams;
signatureString=getApiKey()+":"+hmacSha1(getApiSign(),signatureString).toHex();
if(debugLevel&&reqType>299)logThread->writeLog(postData);
postData="{\"method\":\""+method+"\",\"params\":["+commands+"],\"id\":1}";
appendedHeader="Authorization: Basic "+signatureString.toBase64()+"\r\n";
appendedHeader+="Json-Rpc-Tonce: "+tonce+"\r\n";
if(sendNow)
julyHttpAuth->sendData(reqType, "POST /api_trade_v1.php",postData,appendedHeader);
else
julyHttpAuth->prepareData(reqType, "POST /api_trade_v1.php",postData,appendedHeader);
}
QByteArray QtHmacSha1::hmacSha1(QByteArray buffer, int offset, int length)
{
return hmacSha1(buffer.mid(offset,length));
}
