融云SDK:获取用户Token的方法

  融云SDK查看ServerAPI里面有个获取Token的方法,本以为只要传三个参数就可以。后来发现,在请求头有几个必须要传的参数,否则服务器返回401(未授权)。拿获取Token接口为例子

  

  如图所示,请求头中包含 : App-Key(应用appkey), Nonce(随机数,不限长度),Timestamp(时间戳from1970),Signature(签名)。签名生成的方法 就是 sha1(appsecret+Nonce+Timestamp) 只有这几个请求头的值都正确了,接口才能正确返回Token。(至于什么是sha1加密,又称安全哈希算法,大家自行谷歌。。。)代码如下:

#import <CommonCrypto/CommonCrypto.h>

@implementation MSTool
single_implementation(MSTool)

//获取随机数
-(NSString *)getRandomNonce
{
    NSInteger randomValue = [self getRandomNumber:100000 to:999999];
    return  [NSString stringWithFormat:@"%ld",randomValue];
}
//获取时间戳 从1970年
-(NSString *)getTimestamp
{
    NSDate *date = [NSDate date];
    NSTimeInterval times =  [date timeIntervalSince1970];
    return [NSString stringWithFormat:@"%.0f",times];
}

//获取从 from 到  to 的随机数
-(NSInteger)getRandomNumber:(NSInteger)from to:(NSInteger)to
{
    return (NSInteger)(from + (arc4random() % (to - from + 1)));
}

//sha1 加密
-(NSString *)sha1WithKey:(NSString *)key
{
        const char *cstr = [key cStringUsingEncoding:NSUTF8StringEncoding];
        NSData *data = [NSData dataWithBytes:cstr length:key.length];
        
        uint8_t digest[CC_SHA1_DIGEST_LENGTH];
        
        CC_SHA1(data.bytes, data.length, digest);
        
        NSMutableString *output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];
        
        for(int i=0; i<CC_SHA1_DIGEST_LENGTH; i++) {
            [output appendFormat:@"%02x", digest[i]];
        }
        
        return output;
}

//根据appSecret nonce timestamp 获取signature
-(NSString *)getSignatureWithAppSecret:(NSString *)appSecret nonce:(NSString *)nonce timestamp:(NSString *)timestamp
{
    NSString *sha1String = [NSString stringWithFormat:@"%@%@%@",appKey,nonce,timestamp];
    return [self sha1WithKey:sha1String];
}
@end

那么这些参数都有了,服务请求我用的AFN,和其他请求的区别就是设置一下请求头而已,代码如下:

     //获取Token的接口
   url = @"https://api.cn.ronghub.com/user/getToken.json"; AFHTTPSessionManager *manager = [AFHTTPSessionManager manager]; manager.requestSerializer = [AFHTTPRequestSerializer serializer]; NSDictionary *dict = @{@"userId":@"1",@"name":@"panzi",@"portraiUri":@"http://qlogo3.store.qq.com/qzone/645857874/645857874/100?1440900705"}; NSString *appkey = kMSChatAppKey; NSString *nonce = [[MSTool sharedMSTool] getRandomNonce]; NSString *timestamp = [[MSTool sharedMSTool] getTimestamp]; NSString *signature = [[MSTool sharedMSTool]getSignatureWithAppSecret:kMSChatAppSecret nonce:nonce timestamp:timestamp]; NSLog(@"%@",appkey); NSLog(@"%@",nonce); NSLog(@"%@",timestamp); NSLog(@"%@",signature);  //设置请求头 [manager.requestSerializer setValue:appkey forHTTPHeaderField:@"App-Key"]; [manager.requestSerializer setValue:nonce forHTTPHeaderField:@"Nonce"]; [manager.requestSerializer setValue:timestamp forHTTPHeaderField:@"Timestamp"]; [manager.requestSerializer setValue:signature forHTTPHeaderField:@"Signature"];
  //调用POST方法 [manager POST:url parameters:dict progress:nil success:
^(NSURLSessionDataTask * _Nonnull task, id _Nullable responseObject) { NSLog(@"%@",responseObject); } failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) { NSLog(@"%@",error); }];

看看,其实也不是很难啦,根据这个DEMO在稍微封装一下,就可以支持这种需要Header参数验证的接口了。融云还有好多东西,继续看~~

 

附:swift 获取token方法

posted @ 2016-02-25 10:28  丶Pz  阅读(14538)  评论(0编辑  收藏  举报