Soap api调用加密算法
在lib中定义加密算法Encription类(接口密文有效时间内生效)。
api定义:
实例化接口:
api的调用:
require 'md5'
require 'base64'
class Encription
class << self
def microtime()
epoch_mirco = Time.now.to_f;
epoch_full = Time.now.to_i;
epoch_fraction = epoch_mirco - epoch_full;
return epoch_fraction.to_s + ' ' + epoch_full.to_s;
end
def uc_authcode(string,operation='DECODE',key='',expiry=0)
ckey_length=4;
key='lzqlzqlzqlzqlzq' if !key||key=='';
key=MD5.hexdigest(key);
keya=MD5.hexdigest(key[0,16]);
keyb=MD5.hexdigest(key[16,16]);
keyc='';
if ckey_length>0
if operation == 'DECODE'
keyc=string[0,ckey_length];
else
keyc=MD5.hexdigest(microtime())[-ckey_length,ckey_length];
end
end
cryptkey=keya+MD5.hexdigest(keya+keyc);
key_length=cryptkey.length;
if operation == 'DECODE'
string=Base64.decode64(string[ckey_length,string.length-ckey_length]);
else
t= expiry==0?'0'*10:(Time.now.to_i+expiry).to_s;
string=t+MD5.hexdigest(string+keyb)[0,16]+string;
end
string_length=string.length;
result='';
box=(0..255).to_a;
rndkey=[];
0.upto(255) do |i|
rndkey[i]=cryptkey[i%key_length];
end
j=0;
0.upto(255) do|i|
j=(j+box[i]+rndkey[i])%256;
tmp=box[i];
box[i]=box[j];
box[j]=tmp;
end
a=0;
j=0;
0.upto(string_length-1) do|i|
a=(a+1)%256;
j=(j+box[a])%256;
tmp=box[a];
box[a]=box[j];
box[j]=tmp;
result<<(string[i]^box[(box[a]+box[j])%256])
end
if operation == 'DECODE'
if((result[0, 10].to_i == 0 || result[0, 10].to_i - Time.now.to_i > 0) && result[10, 16] == MD5.hexdigest(result[26,result.length-26]+keyb)[0, 16])
return result[26,result.length-26];
else
return '';
end
else
#return keyc+Base64.encode64(result).sub('=', '').chomp();
return keyc+Base64.encode64(result);
end
end
end #class << self
end #class Simulation
api定义:
class TransforInfApi < ActionWebService::API::Base
api_method :transfor_inf,
:expects=>[{:user_name=>:string},{:password=>:string},{:nickname=>:string},{:regip=>:string}],
:returns=>[:int]
end
实例化接口:
class TransforInfController < ApplicationController
wsdl_service_name 'TransforInf'
web_service_scaffold :invoke
web_service_api TransforInfApi
web_service_dispatching_mode :direct
def transfor_inf(username,password,nickname,regip)
user_transfor = Encription.uc_authcode(username,'DECODE','',340)
password_transfor = Encription.uc_authcode(password,'DECODE','',340)
nick_name_transfor = Encription.uc_authcode(nickname,'DECODE','',340)
regip_transfor = Encription.uc_authcode(regip,'DECODE','',340)
return -7 if (user_transfor=='' || password_transfor=='' || nick_name_transfor=='' || regip_transfor=='')
user = User.find_by_login(user_transfor)
if !user
@user = User.new
@user.login = user_transfor
@user.password = password_transfor
@user.nickname = nick_name_transfor
@user.regip = regip_transfor
@user.save
return @user.id
elsif user
return -3
else
end
end
end
api的调用:
for user in @users
username = ActionWebService::Client::Soap.new(TransforInfApi,"http://127.0.0.1:5000/transfor_inf/api")
user_name=user.login
@user=User.find_by_login(user_name)
[email protected]
[email protected]
regip="192.168.0.1"
username.transfor_inf(user_name,password,nickname,regip)
end