我一直在努力尝试检索正确的签名,以便用于从 Aliexpress API 获取访问令牌。 签名附加到 URL 的末尾,然后,如果签名正确,它会返回访问令牌、刷新令牌、用户凭据等。不幸的是,我无法按照“平台标准”。 我现在很困惑。
我在这段代码中所做的是调用我的
app_key在文档的示例中,签名字符串看起来像..
D13F2A03BE94D9AAE9F933FFA7B13E0A5AD84A3DAEBC62A458A3C382EC2E91EC
虽然我的看起来像..
FA09CDF0AA01015E5CF20B05234D25BA00203952EA00D86EEDA7A199D3483725
const generateSign = () => {
const code = localStorage.getItem("authCode");
const params = {
app_key: appKey,
timestamp: timestamp,
sign_method: sign_method,
code: code,
};
console.log(params);
const sortedParams = Object.keys(params)
.sort()
.reduce((acc, key) => {
acc[key] = params[key];
return acc;
}, {});
console.log(sortedParams);
let concatenatedString = "";
for (const key in sortedParams) {
concatenatedString += `${key}${sortedParams[key]}`;
}
const apiName = "/auth/token/security/create";
concatenatedString = apiName + concatenatedString;
console.log(concatenatedString);
const encodedString = encodeURIComponent(concatenatedString);
console.log(encodedString);
const hash = CryptoJS.HmacSHA256(encodedString, appSecret);
console.log(hash);
const signature = hash.toString(CryptoJS.enc.Hex).toUpperCase();
console.log(signature);
return signature;
};
遵循以下指南:
修正为:
const generateSign = (params: { [key: string]: any }, endpoint: string) => {
// sort params in alphabetical order
const sortedParams = Object.keys(params)
.sort(
(a: string, b: string) => a > b ? 1 : -1
)
// create concatenated string with sorted params
let concatenatedString = "";
for (const key of sortedParams) {
concatenatedString += `${key}${params[key]}`;
}
// concatenate the endpoint at the start
concatenatedString = endpoint + concatenatedString;
const appSecret = process.env.ALIEXPRESS_APP_SECRET ?? "";
// encode the concatenated string
const hash = CryptoJS.HmacSHA256(concatenatedString, appSecret);
const signature = hash.toString(CryptoJS.enc.Hex).toUpperCase();
return signature;
};