秒验——手机号码置换接口 原创
功能说明
- 提交客户端获取到的token、opToken等数据,验证后返回手机号码
- 服务端务必不要缓存DNS,否则可能影响服务高可用性
调用地址
请求头
- Content-Type :application/json
- appkey:xxxxxxxxxx
入参说明
字段 | 类型 | 说明 | 必传 |
appkey | String | app标识 | Y |
token | String | 客户端的token | Y |
opToken | String | 客户端返回的运营商token | Y |
operator | String | 客户端返回的运营商,CMCC:中国移动通信, CUCC:中国联通通讯, CTCC:中国电信 | Y |
sign | String | 签名(MD5(所有参数使用key的正序,通过a=b&b=c+appSecret组成)) | Y |
timestamp | long | 当前时间戳(毫秒) | Y |
md5 | String | APK的md5签名,例:e4caa1a08ba0570b5c1290b1a0bc9252 | N |
加密示例
- 参数
"appkey" -> "2f2d7j9wf8a40"
"opToken" -> "f630dwff2f8f209c60a6449cf971ad50b3e83f4620a1536252457229836325"
"operator" -> "CUCC"
"token" -> "0:AAAAhAAAAIAIFOEDCVObiS1Pdyogg4JQw5Su4ce9rl/QVDaqKlcGDCzBssmrB3dYL3HcnNG9Gj7IzhiB/cRJF221cELTGHRiFGAjpGpjipkw/EbnoFuxjp3TPAhvprf/vqWm9dmUQCJ7P/+twKy5o5Y9XBBpD+W/jVPX/WbIQofYg3YGwAAAPDTY7g1X3rL326Dnlsifj/UDjoZ0Ftdh8qWG+ofn0P41bbO6q88id06vkU2x2eUEOb1RggqYt+BLHyG3PoLIC0AMGoUcTVyCcGYq15j+ZS23qiA2SLRYgwvvhD3N+HKTSWEPmYQDUKls5fckyQGW6x6yGB71NDUqwntBdQxwmT6W5NG379KyvPwRkZSN4cyJ29HugMMTx/0F9nF6YVgEogEHOms515lQ7f3TJqTidsVdIehQcDb2FdXnCJUjnOJTK4RWRHp9IvTxwXgmsT7WzkwWuSe/12sEx8Zdk2U66//nqgJ5c1FDbuHsqGlKA8fYyo="
"timestamp" -> 1655190952281
"appSecret" -> "9abee316611wd9ff607feb9f2c496338"
- 排序结果
appkey=2f2d7j9wf8a40&opToken=f630dwff2f8f209c60a6449cf971ad50b3e83f4620a1536252457229836325&operator=CUCC×tamp=1655190952281&token=0:AAAAhAAAAIAIFOEDCVObiS1Pdyogg4JQw5Su4ce9rl/QVDaqKlcGDCzBssmrB3dYL3HcnNG9Gj7IzhiB/cRJF221cELTGHRiFGAjpGpjipkw/EbnoFuxjp3TPAhvprf/vqWm9dmUQCJ7P/+twKy5o5Y9XBBpD+W/jVPX/WbIQofYg3YGwAAAPDTY7g1X3rL326Dnlsifj/UDjoZ0Ftdh8qWG+ofn0P41bbO6q88id06vkU2x2eUEOb1RggqYt+BLHyG3PoLIC0AMGoUcTVyCcGYq15j+ZS23qiA2SLRYgwvvhD3N+HKTSWEPmYQDUKls5fckyQGW6x6yGB71NDUqwntBdQxwmT6W5NG379KyvPwRkZSN4cyJ29HugMMTx/0F9nF6YVgEogEHOms515lQ7f3TJqTidsVdIehQcDb2FdXnCJUjnOJTK4RWRHp9IvTxwXgmsT7WzkwWuSe/12sEx8Zdk2U66//nqgJ5c1FDbuHsqGlKA8fYyo=
- 拼接appSecret
appkey=2f2d7j9wf8a40&opToken=f630dwff2f8f209c60a6449cf971ad50b3e83f4620a1536252457229836325&operator=CUCC×tamp=1655190952281&token=0:AAAAhAAAAIAIFOEDCVObiS1Pdyogg4JQw5Su4ce9rl/QVDaqKlcGDCzBssmrB3dYL3HcnNG9Gj7IzhiB/cRJF221cELTGHRiFGAjpGpjipkw/EbnoFuxjp3TPAhvprf/vqWm9dmUQCJ7P/+twKy5o5Y9XBBpD+W/jVPX/WbIQofYg3YGwAAAPDTY7g1X3rL326Dnlsifj/UDjoZ0Ftdh8qWG+ofn0P41bbO6q88id06vkU2x2eUEOb1RggqYt+BLHyG3PoLIC0AMGoUcTVyCcGYq15j+ZS23qiA2SLRYgwvvhD3N+HKTSWEPmYQDUKls5fckyQGW6x6yGB71NDUqwntBdQxwmT6W5NG379KyvPwRkZSN4cyJ29HugMMTx/0F9nF6YVgEogEHOms515lQ7f3TJqTidsVdIehQcDb2FdXnCJUjnOJTK4RWRHp9IvTxwXgmsT7WzkwWuSe/12sEx8Zdk2U66//nqgJ5c1FDbuHsqGlKA8fYyo=9abee316611wd9ff607feb9f2c496338
- 计算MD5结果
sign 3f1991b27b1c86a32e661eabdd3d1f5a
请求示例
curl --location --request POST 'http://identify.verify.mob.com/auth/auth/sdkClientFreeLogin' \
--header 'Content-Type: application/json' \
--data-raw '{"token":"0:AAAAhAAAAIAIJn3PvTUUJ94umGqPmZCFtprF5Pg7uCxb+Opp+JtZrHIX3yxVOGEHJQLHuRLU1hlTbYyxCMfW53fuck6OL1X+01qdf+NpTVj1ApmQzapKWFB3DEPNNdyad8HwxZY/ZGWcch0Njy+Pb0TgqMwAytBWKu5vlvN9LRoWw/6F3K4BGgAAAPDHlbG1uFKewi7J1g3d6tAor/kIHG0A8csscrESYVfmVYzB6RBfQWfwDpZIYLrXOuSFdWP3bqKbEyIiqvSeY3ktxSus2lUdD6MzwYo1aXJ6oALEW/A07Qx5/3S6ClSmtGrHuzDnC6JCsmHEQWR7S2wNLSojS95Zd91AC2gpqV5tmKEaVGDc827JVEHXFX6Zr5d0pNmBHLS0b67BrNfG4v0qSgcf/OL3a1xOQVieqUDbrAPiNF7Q2wifCbj0FQyIt5+LPpOkqKDbYff21WinJMTOuOMoJcqOhrI1gUEmnHE/ZU8ZZXN52Kffd+Pk7aR7MMU=","opToken":"a53c2dc92083cb1375218a0f1dd35e0050bb26e40ba0a1536204920384995379", "appkey": "2f2d7a68f8a40", "operator": "CUCC", "sign": "576ec00ac6ad80a2d0a92872d748e82b", "timestamp": 1655094782181}'
响应示例
请求成功
{
"error": null,
"res": "ZfukzNuB5oKbxBKxK9MoYFzr1IDZ0Z/i+xLYyq/JCAmi24DPYHdGeUqxE6OjQuP3VY1c76CyfoU=",
"seqid": "456484936150429696",
"status": 200
请求失败
{
"status": 4119342,
"res": null,
"error": "签名错误",
"seqid": "null"
- 响应参数
key | description |
error | 返回码描述 |
res | 加密后的JSON串,含有返回的手机号,需进行DES解密 |
seqid | 流水号,请求出错时可能为空 |
status | 返回码 |
数据解密
返回体中的res数据需要使用appSecet解密
解密方式
DES/CBC/PKCS5Padding
偏移量 00000000
使用base64转码
字段说明
{
"isValid":1,
"phone": "13888888888",
"valid":"true"
字段 | 类型 | 必传 | 说明 |
isValid | integer | Y | 验证状态,1:成功, 2:失败 |
phone | string | Y | 返回手机号 |
valid | boolean | Y | 验证状态 true 成功 false:失败 |
示例代码
Java
import java.security.Key;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
public class DES {
public static final String ALGORITHM = "DES";
public static final String PADDING = "DES/CBC/PKCS5Padding";
private static final byte[] DEFAULT_INITIALIZATION_VECTOR = ("00000000".getBytes());
private String padding = PADDING;
private AlgorithmParameterSpec paramSpec;
public DES(String padding, byte[] initializationVectorBytes) {
this.padding = padding;
this.paramSpec = new IvParameterSpec(initializationVectorBytes);
}
public byte[] decodeBytes(byte[] data, byte[] key) throws Exception {
Key secretKey = getKey(key);
Cipher cipher = Cipher.getInstance(padding);
cipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec);
return cipher.doFinal(data);
}
private static Key getKey(byte[] key) throws Exception {
DESKeySpec dks = new DESKeySpec(key);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
SecretKey secretKey = keyFactory.generateSecret(dks);
return secretKey;
}
public static byte[] decode(byte[] data, byte[] key) throws Exception {
return decode(data, key, DEFAULT_INITIALIZATION_VECTOR);
}
public static byte[] decode(byte[] data, byte[] key, byte[] ivBytes) throws Exception {
DES des = new DES(PADDING, ivBytes);
return des.decodeBytes(data, key);
}
}
import java.util.Base64;
public abstract class Base64Utils {
public Base64Utils() {
}
public static byte[] decode(byte[] src) {
return src.length == 0
返回码
错误码 | 说明 |
5119104 | 解密失败 |
5119105 | 服务错误 |
4119301 | 数据校验失败 |
4119302 | 数据不存在 |
5119302 | 数据不存在 |
4119303 | 数据已经存在 |
5119303 | 数据已经存在 |
4119310 | token未找到 |
5119310 | token未找到 |
4119311 | token非法 |
4119330 | App没有初始化 |
4119331 | AppSecret错误 |
5119341 | 余额不足 |
5119501 | 未知的运营商类型 |
5119511 | AppKey每分钟验证次数超过限制 |
5119513 | 未审核的包名每天验证数量超过限制 |
4119521 | 包名没有配置 |
5119531 | AppKey在黑名单中 |
5119546 | [免密登录][APP每分钟]超限 |
5119507 | 免密登录失败 |
5119509 | 免密获取TOKEN失败 |
4119342 | 签名错误 |
4119343 | timestamp错误 |
5119601 | 未设置价格 |
常见错误
参考一键登录置换接口报错排查文档