Archives
/
SmsForwarder
mirror of https://github.com/pppscn/SmsForwarder
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
v2.x
v1.x
v3.3.1
v3.3.0
v3.3.0-alpha
v3.2.0
v3.1.1
v3.1.0
v3.0.9
v3.0.8
v3.0.7
v3.0.6
v3.0.5
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v2.4.4
v2.4.3
v2.4.2
v2.4.1
v2.4.0
v2.3.0
v2.2.1
v2.2.0
1.0.0
1.1.0
1.2.0
1.3.0
1.4.0
1.5.0
1.6.0
1.7.0
1.7.4
v2.0.0
v2.1.0
v3.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8a79c56fa2'
${ noResults }
SmsForwarder/doc/POST_WEB.md

3.0 KiB
Raw Blame History Unescape Escape

配置转发到WEB后测试或者转发时会向配置的token即url发送POST请求

⚠ 有一个已经实现好的站点消息通知

请求体如下

post form 参数:

key 类型 说明
from string 来源手机号
content string 短信内容
timestamp string 当前时间戳单位是毫秒建议验证与请求调用时间误差不能超过1小时防止重放欺骗
sign string 当设置secret时生成的sign签名用于发送端校验规则见下方sign校验规则

sign校验规则

把timestamp+"\n"+密钥当做签名字符串使用HmacSHA256算法计算签名然后进行Base64 encode最后再把签名参数再进行urlEncode得到最终的签名需要使用UTF-8字符集 | 参数 | 说明 | | ---- | ---- | | timestamp | 当前时间戳单位是毫秒建议验证与请求调用时间误差不能超过1小时防止重放欺骗 | | secret | 密钥web通知设置页面secret |

示例:

//java

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;

import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;

public class Test {
    public static void main(String[] args) throws Exception {
        Long timestamp = System.currentTimeMillis();
        String secret = "this is secret";

        String stringToSign = timestamp + "\n" + secret;
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        byte[] signData = mac.doFinal(stringToSign.getBytes(StandardCharsets.UTF_8));
        String sign = URLEncoder.encode(new String(Base64.encodeBase64(signData)), "UTF-8");
        System.out.println(sign);
    }

}


#python 3.8
import time
import hmac
import hashlib
import base64
import urllib.parse

timestamp = str(round(time.time() * 1000))
secret = 'this is secret'
secret_enc = secret.encode('utf-8')
string_to_sign = '{}\n{}'.format(timestamp, secret)
string_to_sign_enc = string_to_sign.encode('utf-8')
hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest()
sign = urllib.parse.quote_plus(base64.b64encode(hmac_code))
print(timestamp)
print(sign)


#python 2.7
import time
import hmac
import hashlib
import base64
import urllib

timestamp = long(round(time.time() * 1000))
secret = 'this is secret'
secret_enc = bytes(secret).encode('utf-8')
string_to_sign = '{}\n{}'.format(timestamp, secret)
string_to_sign_enc = bytes(string_to_sign).encode('utf-8')
hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest()
sign = urllib.quote_plus(base64.b64encode(hmac_code))
print(timestamp)
print(sign)