提交卡密接口例子
提交卡密接口例子
PHP语言
<?php
$jsonStr = '{"goods_sku":"SK000080","app_key":"983614718","timestamp":1693983624,"face_type":0,"discount":991,"face_val":100,"callback_url":"http:\/\/zshp.hanlinyuan.top\/statics\/automifeng.php","attach":"hly","card_no":"112300001251650","card_pwd":"1105289997249963742","third_order_id":"LT09061051281750691675138958","sign":"8965351f2f896e12b67552a1ab0bd974"}';
$app_key = '';
$secret = '';
$arr = json_decode($jsonStr, true);
$arr['app_key'] = $app_key;
$arr['card_pwd'] = aes_encrypt($secret, $arr['card_pwd']);
$arr['timestamp'] = time();
$arr['sign'] = genSign($secret, $arr);
$response = curl('https://shop.task.mf178.cn/userapi/card/submit_card', $arr);
print_r(json_decode($response, true));
function curl($url, $data)
{
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => $data,
));
$response = curl_exec($curl);
$httpCode = curl_getinfo($curl,CURLINFO_HTTP_CODE);
if($httpCode == 404){
$response = '404 Page Not Found';
}
curl_close($curl);
return $response;
}
function genSign($appsecret, $params)
{
ksort($params);
//连接所有参数名与参数值
$buff = '';
foreach ($params as $k => $v) {
if ($k != "sign") {
$buff .= $k . $v;
}
}
//连接加密串
$buff .= $appsecret;
return md5($buff);
}
//敏感信息加密方法
function aes_encrypt($secret, $data)
{
$key = substr(md5($secret), 0, 16);
return base64_encode(openssl_encrypt($data, "AES-128-CBC", $key, TRUE, "0102030405060708"));
}
//敏感信息解密算法
function aes_decrypt($secret, $data)
{
$key = substr(md5($secret), 0, 16);
return openssl_decrypt(base64_decode($data), "AES-128-CBC", $key, TRUE, "0102030405060708");
}
Java语言
import java.util.*;
import java.net.*;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
class Hello {
public static void main(String[] args) {
String jsonStr = "{\"goods_sku\":\"SK000080\",\"app_key\":\"983614718\",\"timestamp\":1693983624,\"face_type\":0,\"discount\":991,\"face_val\":100,\"callback_url\":\"http:\\/\\/zshp.hanlinyuan.top\\/statics\\/automifeng.php\",\"attach\":\"hly\",\"card_no\":\"112300001251650\",\"card_pwd\":\"1105289997249963742\",\"third_order_id\":\"LT09061051281750691675138958\",\"sign\":\"8965351f2f896e12b67552a1ab0bd974\"}";
String app_key = "";
String secret = "";
Map<String, Object> arr = new HashMap<>();
String[] pairs = jsonStr.split(",");
for (String pair : pairs) {
String[] keyValue = pair.split(":");
String key = keyValue[0].replaceAll("[{}\"]", "");
String value = keyValue[1].replaceAll("[{}\"]", "");
arr.put(key, value);
}
arr.put("app_key", app_key);
arr.put("card_pwd", aes_encrypt(secret, arr.get("card_pwd").toString()));
arr.put("timestamp", System.currentTimeMillis() / 1000L);
arr.put("sign", genSign(secret, arr));
String response = curl("https://shop.task.mf178.cn/userapi/card/submit_card", arr);
System.out.println(response);
}
static String curl(String url, Map<String, Object> data) {
try {
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
StringJoiner sj = new StringJoiner("&");
for (Map.Entry<String, Object> entry : data.entrySet()) {
sj.add(URLEncoder.encode(entry.getKey(), "UTF-8") + "=" + URLEncoder.encode(entry.getValue().toString(), "UTF-8"));
}
byte[] postData = sj.toString().getBytes(StandardCharsets.UTF_8);
con.setDoOutput(true);
try (DataOutputStream wr = new DataOutputStream(con.getOutputStream())) {
wr.write(postData);
}
StringBuilder response = new StringBuilder();
try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()))) {
String inputLine;
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
}
return response.toString();
} catch (Exception e) {
e.printStackTrace();
return "";
}
}
static String genSign(String appsecret, Map<String, Object> parameters) {
Map<String, Object> sortedParams = new TreeMap<>(parameters);
//连接所有参数名与参数值
StringBuilder buff = new StringBuilder();
for (Map.Entry<String, Object> entry : sortedParams.entrySet()) {
if (!entry.getKey().equals("sign")) {
buff.append(entry.getKey()).append(entry.getValue());
}
}
//连接加密串
buff.append(appsecret);
return getMD5(buff.toString());
}
static String aes_encrypt(String secret, String data) {
String key = getMD5(secret).substring(0, 16);
byte[] iv = "0102030405060708".getBytes(StandardCharsets.UTF_8);
byte[] dataBytes = data.getBytes(StandardCharsets.UTF_8);
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES"), new IvParameterSpec(iv));
byte[] result = cipher.doFinal(dataBytes);
return Base64.getEncoder().encodeToString(result);
} catch (Exception e) {
e.printStackTrace();
return "";
}
}
static String getMD5(String input) {
try {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] hashBytes = md.digest(input.getBytes(StandardCharsets.UTF_8));
StringBuilder sb = new StringBuilder();
for (byte b : hashBytes) {
sb.append(String.format("%02x", b));
}
return sb.toString();
} catch (Exception e) {
e.printStackTrace();
return "";
}
}
}
python 语言
import hashlib
'''
前面两个卸载命令是为了防止一些安装环境问题(具体原因请查看:https://blog.csdn.net/chouzhou9701/article/details/106432497/)
pip uninstall crypto
pip uninstall pycryptodome
pip install pycryptodome
'''
from Crypto.Cipher import AES
import base64
import json
import requests
import time
def curl(url, data):
response = requests.post(url, data=data)
return response.text
def genSign(appsecret, params):
params.pop('sign', None)
sorted_params = sorted(params.items())
buff = ''.join([f'{k}{v}' for k, v in sorted_params])
buff += appsecret
return hashlib.md5(buff.encode('utf-8')).hexdigest()
def aes_encrypt(secret, data):
key = hashlib.md5(secret.encode('utf-8')).hexdigest()[:16]
iv = b'0102030405060708'
data = data.encode('utf-8')
pad = 16 - len(data) % 16
data += bytes([pad] * pad)
cipher = AES.new(key.encode('utf-8'), AES.MODE_CBC, iv)
encrypted = cipher.encrypt(data)
return base64.b64encode(encrypted).decode('utf-8')
def aes_decrypt(secret, data):
key = hashlib.md5(secret.encode('utf-8')).hexdigest()[:16]
iv = b'0102030405060708'
data = base64.b64decode(data)
cipher = AES.new(key.encode('utf-8'), AES.MODE_CBC, iv)
decrypted = cipher.decrypt(data)
pad = decrypted[-1]
if pad < 1 or pad > 16:
pad = 0
return decrypted[:-pad].decode('utf-8')
jsonStr = '{"goods_sku":"SK000080","app_key":"983614718","timestamp":1693983624,"face_type":0,"discount":991,"face_val":100,"callback_url":"http:\/\/zshp.hanlinyuan.top\/statics\/automifeng.php","attach":"hly","card_no":"112300001251650","card_pwd":"1105289997249963742","third_order_id":"LT09061051281750691675138958","sign":"8965351f2f896e12b67552a1ab0bd974"}'
app_key = ''
secret = ''
arr = json.loads(jsonStr)
arr['app_key'] = app_key
arr['card_pwd'] = aes_encrypt(secret, arr['card_pwd'])
arr['timestamp'] = int(time.time())
arr['sign'] = genSign(secret, arr)
response = curl('https://shop.task.mf178.cn/userapi/card/submit_card', arr)
print(json.loads(response))
修改于 2025-04-23 06:47:07