HTTP对接
我们提供了Apifox在线调试: https://apidocs.kauth.cn
您可以导入到您本地的apifox中进行调试
设置全局变量
merchant_public_key
商户公钥:登录管理系统-> 系统设置 -> 密钥配置 -> RSA公钥 PKCS#8格式
merchant_program_key
程序密钥:登录管理系统 -> 程序列表 -> 程序密钥
programId
程序ID: 登录管理系统 -> 程序列表 -> 程序ID
加密脚本
const CryptoJS = require('crypto-js');
const rsa = require('jsrsasign');
function aesEncrypt(data, key) {
return CryptoJS.AES.encrypt(
CryptoJS.enc.Utf8.parse(data),
CryptoJS.enc.Utf8.parse(key),
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.ZeroPadding
}
).ciphertext.toString(CryptoJS.enc.Base64);
}
function aesDecrypt(data, key) {
const decrypted = CryptoJS.AES.decrypt(
{
ciphertext: CryptoJS.enc.Base64.parse(data)
},
CryptoJS.enc.Utf8.parse(key),
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.ZeroPadding
}
);
return decrypted.toString(CryptoJS.enc.Utf8);
}
function generateUUID() {
const timestamp = Date.now().toString(16).padStart(12, '0');
const randomPart = Math.random().toString(16).substring(2, 10) +
Math.random().toString(16).substring(2, 6);
return `${timestamp.substring(0, 8)}-${timestamp.substring(8, 12)}-4${randomPart.substring(0, 3)}-${(Math.random() * 4 | 0 + 8).toString(16)}${randomPart.substring(3, 6)}-${randomPart.substring(6)}${Math.random().toString(16).substring(2, 10)}`;
}
let requestUrl = pm.request.url.toString()
let domain = "kauth.cn"
requestUrl = requestUrl.substring(requestUrl.indexOf(domain) + domain.length)
let requestBodyJson = ""
if (pm.request.body != undefined && pm.request.body != null) {
requestBodyJson = JSON.stringify(JSON.parse(pm.request.body.toString()));
}
let ka_nonce = generateUUID();
let ka_time = new Date().getTime()
let signTemplate =
"url:" + requestUrl + "\n" +
"body:" + requestBodyJson + "\n" +
"nonce:" + ka_nonce + "\n" +
"time:" + ka_time;
const md5hash = CryptoJS.MD5(signTemplate);
let merchantProgramKey = pm.globals.get("merchant_program_key")
if (requestBodyJson != "") {
requestBodyJson = aesEncrypt(requestBodyJson, merchantProgramKey)
pm.request.body.update(requestBodyJson);
}
const pemBody = pm.globals.get("merchant_public_key").trim();
const merchantPublicKey =
`-----BEGIN PUBLIC KEY-----\n${pemBody}\n-----END PUBLIC KEY-----`;
const pubKey = rsa.KEYUTIL.getKey(merchantPublicKey);
const encryptedHex = rsa.KJUR.crypto.Cipher.encrypt(md5hash.toString(), pubKey, "RSA");
const encryptedB64 = rsa.hextob64(encryptedHex);
// 输出加密后的 Hex 格式密文
pm.request.headers.add({ key: "Program-Id", value: pm.globals.get("programId")})
pm.request.headers.add({ key: "ka-nonce", value: ka_nonce})
pm.request.headers.add({ key: "ka-time", value: ka_time})
pm.request.headers.add({ key: "ka-sign-type", value: "RSA"})
pm.request.headers.add({ key: "ka-sign", value: encryptedB64})
解密脚本
const CryptoJS = require('crypto-js');
const rsa = require('jsrsasign');
function aesEncrypt(data, key) {
return CryptoJS.AES.encrypt(
CryptoJS.enc.Utf8.parse(data),
CryptoJS.enc.Utf8.parse(key),
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.ZeroPadding
}
).ciphertext.toString(CryptoJS.enc.Base64);
}
function aesDecrypt(data, key) {
const decrypted = CryptoJS.AES.decrypt(
{
ciphertext: CryptoJS.enc.Base64.parse(data)
},
CryptoJS.enc.Utf8.parse(key),
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.ZeroPadding
}
);
return decrypted.toString(CryptoJS.enc.Utf8);
}
if (pm.response.status != "OK") {
return
}
let jsonBody = pm.response.json()
let merchantProgramKey = pm.globals.get("merchant_program_key")
if (jsonBody.data && jsonBody.data != "") {
console.log(jsonBody.data)
let decryptData = aesDecrypt(jsonBody.data,merchantProgramKey)
jsonBody.data = JSON.parse(decryptData)
pm.response.setBody(jsonBody)
}