我正尝试使用他们的多通道登录名自动将我的用户登录到aidly.com中,如下所述:http://dev.assistly.com/docs/portal/multipass
我试图使用as3crypto将其代码示例(https://github.com/assistly/multipass-examples)转换为Actionscript,显然没有成功。
这是我所拥有的:
package
{
import com.adobe.crypto.SHA1;
import com.adobe.serialization.json.JSON;
import com.hurlant.crypto.*
import com.hurlant.util.Base64;
import flash.utils.ByteArray;
public class AssistlySingleSignOn
{
protected static var API_SITE_KEY:String = "YOUR SITE KEY"
protected static var MULTIPASS_KEY:String = "YOUR MULTIPASS API KEY"
public function AssistlySingleSignOn()
{
}
public static function generateMultipass(uid:String, username:String, email:String):String
{
var o:Object = {};
o.uid = uid;
o.expires = "2012-12-29T10:25:28-08:00";
o.customer_email = email;
o.customer_name = username;
var salted:String = API_SITE_KEY + MULTIPASS_KEY;
var hash:String = SHA1.hash(salted);
var saltedHash:String = hash.substr(0, 16);
var iv:String = "OpenSSL for Ruby";
var ivByteArray:ByteArray = new ByteArray();
ivByteArray.writeUTFBytes(iv);
var key:ByteArray = new ByteArray();
key.writeUTFBytes(saltedHash);
key.position = 0;
var json:String = JSON.encode(o);
var jsonByteArray:ByteArray = new ByteArray();
jsonByteArray.writeUTFBytes(json);
var padding:IPad = new PKCS5(16);
ivByteArray.position = 0;
key.position = 0;
var cyphered:CBCMode = Crypto.getCipher("aes-128-cbc", key, padding) as CBCMode;
jsonByteArray.position = 0;
cyphered.IV = ivByteArray;
cyphered.encrypt(jsonByteArray);
jsonByteArray.position = 0;
var base64:String = Base64.encode(jsonByteArray.readUTFBytes(jsonByteArray.length));
/*Convert to a URL safe string by performing the following
Remove any newlines
Remove trailing equal (=) characters
Change any plus (+) characters to dashes (-)
Change any slashes (/) characters to underscores (_)*/
base64 = base64.replace(/\n/g, "");
base64 = base64.replace(/=/g, "");
base64 = base64.replace(/+/g, "-");
base64 = base64.replace(/\//g, "_");
return base64;
}
}
}
我假设我在IV内容或填充方面做错了,因为我不太了解;-)
最佳答案
您可能要使用其他加密类,或修改as3crypto类。我知道SHA1函数与PHP sha1函数存在不一致之处。看到这个:
sha1 hash from as3crypto differs from the one made with PHP
这可能会使您的值无效。我的建议是在计算时跟踪所有数据,并在PHP或github中的其他示例中对相同的数据运行它们。查看数据的差异。我敢打赌这将是与AS3Crypto有关的问题。