NestJS配置阿里云短信，使用V1或V3签名验证

作者: Poppy11 | 来源:发表于2021-09-18 17:25 被阅读0次

NestJS配置阿里云短信，使用V1或V3签名验证
安卓签名机制浅析
阿里大于发送短信验证码demo
阿里云验证码发送
Adroid 签名机制V1,V2,V3
PHP开发实用-阿里短信服务（Short Message Ser
生产力工具之云片短信平台－模板管理
在Laravel中使用阿里大鱼
阿里云短信服务（可以尝试容联云）
用Laravel Sms实现 laravel短信验证码的发送

V1验证算法

这里有一个坑就是，生成的签名，将PhoneNumberSet和SignName都URL解码了。

import { HttpException, Injectable } from '@nestjs/common'
import { commonJiraJSONConfig } from './commonFun';
import { proxyAxios } from './proxyAxios';
var urlencode = require('urlencode')
const crypto = require('crypto')


@Injectable()
export class commonSMSService {
  private sort_params(params) {
    let strParam = "";
    let keys = Object.keys(params);
    keys.sort();
    for (let k in keys) {
      //k = k.replace(/_/g, '.');
      strParam += ("&" + keys[k] + "=" + params[keys[k]]);
    }
    return strParam
  }

  private formatSignString(reqMethod, endpoint, path, strParam) {
    let strSign = reqMethod + endpoint + path + "?" + strParam.slice(1);
    return strSign;
  }

  private sha1(secretKey, strsign) {
    let signMethodMap = { 'HmacSHA1': "sha1" };
    let hmac = crypto.createHmac(signMethodMap['HmacSHA1'], secretKey || "");
    return hmac.update(Buffer.from(strsign, 'utf8')).digest('base64')
  }

  private get_req_url(params, endpoint) {
    params['Signature'] = escape(params['Signature']);
    params['PhoneNumberSet.0'] = urlencode(params['PhoneNumberSet.0']);
    params['SignName'] = urlencode(params['SignName']);
    const url_strParam = this.sort_params(params)
    return "https://" + endpoint + "/?" + url_strParam.slice(1);
  }

  protected async tencentAutograph(phone: string, code: string, type: string) {
    const jiraMessagesJSON = await commonJiraJSONConfig('Messages.json')
    const jiraMessages = jiraMessagesJSON[type]
    const SECRET_ID = "SECRET_ID "
    const SECRET_KEY = "SECRET_KEY "
    const endpoint = "sms.tencentcloudapi.com"
    const Region = 'ap-guangzhou'
    const Version = '2021-01-11'
    const Action = 'SendSms'
    const Timestamp = Math.round(new Date().getTime() / 1000)
    const Nonce = code
    const obj = {
      'Action': Action,
      'Language': 'zh-CN',
      'Nonce': Nonce,
      'PhoneNumberSet.0': `+86${phone}`,
      'Region': Region,
      'SecretId': SECRET_ID,
      'SignName': jiraMessages?.signature?.content,
      'SmsSdkAppId': '1400557301',
      'TemplateId': jiraMessages?.body?.id,
      'TemplateParamSet.0': code,
      'Timestamp': Timestamp,
      'Version': Version
    }
    // 1. 对参数排序,并拼接请求字符串
    const strParam = this.sort_params(obj)

    // 2. 拼接签名原文字符串
    const reqMethod = "GET";
    const path = "/";
    const strSign = this.formatSignString(reqMethod, endpoint, path, strParam)

    // 3. 生成签名串
    obj['Signature'] = this.sha1(SECRET_KEY, strSign)

    const req_url = this.get_req_url(obj, endpoint)
    return req_url
  }

  public async axiosSMSUrl(phone: string, code: string, type: string) {
    try {
      const getUrl = await this.tencentAutograph(phone, code, type)
      const sendSMSRes: any = await proxyAxios(getUrl,false,'GET')
      if (sendSMSRes.Response?.SendStatusSet[0]?.Code != 'Ok') {
        throw new HttpException("验证码发送失败", 500)
      }
    } catch {
      throw new HttpException("验证码发送失败", 500)
    }
  }
}

V3验证算法

import { Injectable } from '@nestjs/common'
import { commonJiraJSONConfig } from './commonFun';
import { proxyAxios } from './proxyAxios';
const crypto = require('crypto')



@Injectable()
export class commonSMSService {

  sha256(message, secret = '', encoding?) {
    const hmac = crypto.createHmac('sha256', secret)
    return hmac.update(message).digest(encoding)
  }

  getHash(message, encoding = 'hex') {
    const hash = crypto.createHash('sha256')
    return hash.update(message).digest(encoding)
  }

  getDate(timestamp) {
    const date = new Date(timestamp * 1000)
    const year = date.getUTCFullYear()
    const month = ('0' + (date.getUTCMonth() + 1)).slice(-2)
    const day = ('0' + date.getUTCDate()).slice(-2)
    return `${year}-${month}-${day}`
  }

  async getBody(phone: string, code: string, type: string) {
    let jiraMessagesJSON
    if (type !== 'verify') {
      jiraMessagesJSON = await commonJiraJSONConfig('Messages.json')
    } else {
      jiraMessagesJSON = await commonJiraJSONConfig('Messages.json', 573686)
    }
    const jiraMessages = jiraMessagesJSON[type]
    return {
      "PhoneNumberSet": [
        `+86${phone}`
      ],
      "SmsSdkAppId": "1400557301",
      'SignName': jiraMessages?.signature?.content,
      'TemplateId': jiraMessages?.body?.id,
      "TemplateParamSet": [
        `${code}`
      ]
    }
  }

  async axiosSMSUrl(phone: string, code: string, type: string) {
    // 密钥参数
    const SECRET_ID = "AKIDObXDckbCWYJo1xby5uSijTw84j7D2bss"
    const SECRET_KEY = "kDPKxKRHq89tLWR6UbT5RVIo31i8H9k5"

    const endpoint = "sms.tencentcloudapi.com"
    const service = "sms"
    const region = "ap-guangzhou"
    const action = "SendSms"
    const version = "2021-01-11"
    const timestamp = Math.round(Date.now() / 1000)
    console.log(timestamp)
    //时间处理, 获取世界时间日期
    const date = this.getDate(timestamp)
    // ************* 步骤 1：拼接规范请求串 *************
    const signedHeaders = "content-type;host"

    const payload = await this.getBody(phone, code, type)
    const hashedRequestPayload = this.getHash(JSON.stringify(payload));
    const httpRequestMethod = "POST"
    const canonicalUri = "/"
    const canonicalQueryString = ""
    const canonicalHeaders = "content-type:application/json\n" + "host:" + endpoint + "\n"

    const canonicalRequest = httpRequestMethod + "\n"
      + canonicalUri + "\n"
      + canonicalQueryString + "\n"
      + canonicalHeaders + "\n"
      + signedHeaders + "\n"
      + hashedRequestPayload
    console.log(canonicalRequest)

    // ************* 步骤 2：拼接待签名字符串 *************
    const algorithm = "TC3-HMAC-SHA256"
    const hashedCanonicalRequest = this.getHash(canonicalRequest);
    const credentialScope = date + "/" + service + "/" + "tc3_request"
    const stringToSign = algorithm + "\n" +
      timestamp + "\n" +
      credentialScope + "\n" +
      hashedCanonicalRequest
    console.log(stringToSign)

    // ************* 步骤 3：计算签名 *************
    const kDate = this.sha256(date, 'TC3' + SECRET_KEY)
    const kService = this.sha256(service, kDate)
    const kSigning = this.sha256('tc3_request', kService)
    const signature = this.sha256(stringToSign, kSigning, 'hex')
    console.log(signature)

    // ************* 步骤 4：拼接 Authorization *************
    const authorization = algorithm + " " +
      "Credential=" + SECRET_ID + "/" + credentialScope + ", " +
      "SignedHeaders=" + signedHeaders + ", " +
      "Signature=" + signature
    console.log(authorization)

    try {
      const sendSMSRes: any = await proxyAxios(`https://${endpoint}`, false, 'POST', payload,
        {
          "Authorization": authorization,
          "Content-Type": "application/json",
          "Host": endpoint,
          "X-TC-Action": action,
          "X-TC-Timestamp": timestamp.toString(),
          "X-TC-Version": version,
          "X-TC-Region": region
        }
      )
      if (sendSMSRes.Response?.SendStatusSet?.[0]?.Code == 'Ok') {
        return 'ok'
      } else {
        return "sendFail"
      }
    } catch {
      return "sendFail"
    }

  }

}

NestJS配置阿里云短信，使用V1或V3签名验证
V1验证算法这里有一个坑就是，生成的签名，将PhoneNumberSet和SignName都URL解码了。 V3...
安卓签名机制浅析
提纲初步了解：是什么，为什么需要，有什么好处，怎么加密和验证，怎么使用，要点补充签名方案：v1,v2,v3签名...
阿里大于发送短信验证码demo
使用阿里云的短信服务进行短信发送 1.在阿里的短信服务申请短信签名以及短信模板短信签名：image.png 短信...
阿里云验证码发送
实现阿里云的短信验证码服务实现的功能 1.开通阿里云短信服务添加签名和模板下面写代码来实现短信验证码的发送 c...
Adroid 签名机制V1,V2,V3
来源：Android 签名机制 v1、v2、v3 APK 签名方案 v1 签名工具 jarsigner：jdk 自...
PHP开发实用-阿里短信服务（Short Message Ser
步骤 1 使用阿里云短信服务正常发短信需要短信签名短信模板 1申请短信签名根据用户属性来创建符合自身属性的...
生产力工具之云片短信平台－模板管理
四步搞定短信验证码如何搞定短信验证码签名和模板如何使用云片API发送短信验证码Java实现短信验证码和国际短信群发...
在Laravel中使用阿里大鱼
安装扩展 laravel配置开始使用短信签名和短信模板的申请请参照阿里大鱼官网文章参考原文地址
阿里云短信服务（可以尝试容联云）
一、开通阿里云短信服务 1.1、开通阿里云短信服务 1.2、添加签名管理与模板管理注：审批通过后方可使用 1.3...
用Laravel Sms实现 laravel短信验证码的发送
阿里云短信服务使用Laravel Sms这个扩展包实现短信验证码的发送，这里以阿里云的短信服务为例：首先，要创建短...