钉钉自定义机器人加签认证(HmacSHA256)C#实现
0.UTF-8字符集
1.把timestamp+"\n"+密钥当做签名字符串,
2.使用HmacSHA256算法计算签名
3.然后进行Base64 encode
4.最后再把签名参数再进行urlEncode,得到最终的签名。
|
参数 |
说明 |
|
timestamp |
当前时间戳,单位是毫秒,与请求调用时间误差不能超过1小时 |
|
secret |
密钥,机器人安全设置页面,加签一栏下面显示的SEC开头的字符串 |
签名计算代码示例(Java)
Long timestamp = System.currentTimeMillis();
String stringToSign = timestamp + "\n" + secret;
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA256"));
byte[] signData = mac.doFinal(stringToSign.getBytes("UTF-8"));
return URLEncoder.encode(new String(Base64.encodeBase64(signData)),"UTF-8");
C#版示例
private static byte[] getHmac(string message, string secret)
{
byte[] keyByte = Encoding.UTF8.GetBytes(secret);
byte[] messageBytes = Encoding.UTF8.GetBytes(message);
using (var hmacsha256 = new HMACSHA256(keyByte))
{
byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
return hashmessage;
}
}
public static Int64 ToUTC(this DateTime time)
{
var zts = TimeZoneInfo.Local.BaseUtcOffset;
var yc = new DateTime(1970, 1, 1).Add(zts);
return (long)(DateTime.Now - yc).TotalMilliseconds;
}
main.cs
var secret = "123";
var timeStamp = DateTime.Now.ToUTC();
var stringToSign = $"{timeStamp}\n{secret}";
var b64 = getHmac(stringToSign, secret);
var b64Str = Convert.ToBase64String(b64);
var sign = HttpUtility.UrlEncode(b64Str);
url = $"{url}×tamp={timeStamp}&sign={sign}";
ok!
