检索加密哈希响应上的 id
Posted
技术标签:
【中文标题】检索加密哈希响应上的 id【英文标题】:retrieve the id on the encrypted hash response 【发布时间】:2020-03-28 22:01:27 【问题描述】:检索加密哈希响应的 id。可以在Java android函数上解密吗?
当toast是结果字符串时出现,我无法获取id,当我取用户名字符串时,出现的是字符串结果。帮助,我很困惑
Json 响应
"status": 200,
"reason": "OK",
"success": true,
"message": null,
"result": "eyJ0eXAiOiJKV1QiLCJhbGciOiJITUFDLVNIQTI1NiJ9.eyJpZCI6IjQ5OSIsImVtYWlsIjoiYmlzbWlsbGFoYmlzYUBleGFtcGxlLmNvbSIsIm1zaXNkbiI6IjA3OTc5Nzg0NjQ5NCIsInVzZXJuYW1lIjoiYmlzbWlsbGFoYmlzYSIsInZlcmlmaWVkTWVtYmVyIjpudWxsLCJwcm9maWxlIjp7ImlkIjoiMzE2IiwiaWRfZ2VvZGlyZWN0b3J5IjpudWxsLCJmdWxsbmFtZSI6ImJpc21pbGxhaGJpc2EiLCJudW1iZXIiOiIyNzQyNDciLCJpbWFnZSI6Imh0dHBzOlwvXC9kZW1vLmtyZWRpdGltcGlhbi5jb21cL3N0b3JhZ2VcL2ltYWdlc1wvZGVmYXVsdFwvYXZhdGFyLmpwZyIsInJlY29yZCI6eyJzdGF0dXMiOiJQVUJMSVNIIiwiY3JlYXRlIjp7InVzZXIiOm51bGwsInRpbWVzdGFtcCI6eyJkYXRlIjoiMjAxOS0xMi0wMyAxNTowODozMi4wMDAwMDAiLCJ0aW1lem9uZV90eXBlIjozLCJ0aW1lem9uZSI6IkFzaWFcL0pha2FydGEifX0sInVwZGF0ZSI6eyJ1c2VyIjpudWxsLCJ0aW1lc3RhbXAiOm51bGx9fSwibWV0YWRhdGEiOnsidXNlcm5hbWUiOiJiaXNtaWxsYWhiaXNhIiwiZW1haWwiOiJiaXNtaWxsYWhiaXNhQGV4YW1wbGUuY29tIiwicGhvbmUiOiIwNzk3OTc4NDY0OTQifSwic3RhdGlzdGljIjpudWxsfX0.zIEhdU5MyNjReG_9_661FWf0_R5eZuJweyl0JNFd7X0"
LoginUser.java
public void LoginUser()
//membuat progress dialog
pDialog = new ProgressDialog(this);
pDialog.setCancelable(false);
pDialog.setMessage("Tunggu proses login ...");
pDialog.show();
//mengambil data dari edittext
final String username = txtusername.getText().toString().trim();
final String password = txtpassword.getText().toString().trim();
OkHttpClient client = new OkHttpClient.Builder()
.connectTimeout(50, TimeUnit.SECONDS)
.readTimeout(50, TimeUnit.SECONDS).build();
Retrofit retrofit = new Retrofit.Builder()
.baseUrl(BuildConfig.BASE_URL).client(client)
.addConverterFactory(GsonConverterFactory.create(new Gson())).build();
RequestInterface api = retrofit.create(RequestInterface.class);
Call<ResponseLoginSucces> call = api.login_member(username, password);
call.enqueue(new Callback<ResponseLoginSucces>()
@Override
public void onResponse(Call<ResponseLoginSucces> call, Response<ResponseLoginSucces> response)
if(response.isSuccessful())
pDialog.dismiss();
if(response.body().getResult() != null)
// Jika login berhasil
String id = response.body().getResult();
String email = response.body().getResult();
String username = response.body().getResult();
String msisdn = response.body().getResult();
sharedPrefManager.saveSPString(SharedPrefManager.SP_ID, id);
sharedPrefManager.saveSPString(SharedPrefManager.SP_EMAIL, email);
sharedPrefManager.saveSPString(SharedPrefManager.SP_USERNAME, username);
sharedPrefManager.saveSPString(SharedPrefManager.SP_MSISDN, msisdn);
Toast.makeText(getApplicationContext(), "Berhasil Login" +id, Toast.LENGTH_SHORT).show();
Intent intent = new Intent(LoginUser.this, MenuUtama.class);
sharedPrefManager.saveSPBoolean(SharedPrefManager.SP_SUDAH_LOGIN, true);
startActivity(intent);
finish();
else
Toast.makeText(LoginUser.this, "The username or password is incorrect", Toast.LENGTH_SHORT).show();
else
Toast.makeText(LoginUser.this, "Error! Please try again!", Toast.LENGTH_SHORT).show();
@Override
public void onFailure(Call<ResponseLoginSucces> call, Throwable t)
t.printStackTrace();
pDialog.dismiss();
Toast.makeText(LoginUser.this, "Koneksi internet terputus.", Toast.LENGTH_SHORT).show();
);
SharedPrefManager.java
public class SharedPrefManager
public static final String SP_Kreditimpian = "kreditimpian_v2_demo";
public static final String SP_ID = "id";
public static final String SP_EMAIL = "email";
public static final String SP_USERNAME = "username";
public static final String SP_MSISDN ="msisdn";
public static final String SP_SUDAH_LOGIN = "spSudahLogin";
SharedPreferences sp;
SharedPreferences.Editor spEditor;
public SharedPrefManager(Context context)
sp = context.getSharedPreferences(SP_Kreditimpian, Context.MODE_PRIVATE);
spEditor = sp.edit();
public void saveSPString(String keySP, String value)
spEditor.putString(keySP, value);
spEditor.commit();
public void saveSPInt(String keySP, int value)
spEditor.putInt(keySP, value);
spEditor.commit();
public void saveSPBoolean(String keySP, boolean value)
spEditor.putBoolean(keySP, value);
spEditor.commit();
public String getSPID()
return sp.getString(SP_ID, "");
public String getSPEmail()
return sp.getString(SP_EMAIL, "");
public String getSpUsername()
return sp.getString(SP_USERNAME, "");
public String getSpMsisdn()
return sp.getString(SP_MSISDN, "");
public Boolean getSPSudahLogin()
return sp.getBoolean(SP_SUDAH_LOGIN, false);
FragmentMenu.java
sharedPrefManager = new SharedPrefManager(getActivity());
Toast.makeText(getActivity(), "Identitas mu "+ sharedPrefManager.getSPID(), Toast.LENGTH_SHORT).show();
【问题讨论】:
我不熟悉Android开发,但是如果你知道加密的算法和密钥,那么你也可以解密。 您最初是如何生成该哈希码的? 我不明白哈希是如何开始的。我从供应商那里得到了一个 API,登录验证的结果得到了像加密一样的结果。当我询问时,代码是从 String ID、USERNAME、EMAIL、PHONE 生成的。他们没有解释使用哈希的方法。你能解释一下上面的问题吗? 我不太确定我是否理解您的要求,但 JSON 中的result 是 Base64 编码的(无论如何,大部分都是)。
好的,显然它是一个 JSON Web Token,它由三个 Base64 编码的部分组成,用句点 (.) 分隔它们。你想要的数据在中间部分,我想。我以前从未处理过这些,但它看起来是非常简单的字符串拆分和 Base64 解码。 this post 上的答案可能对您有所帮助。如果您仔细研究,这里肯定还有其他帖子。
【参考方案1】:
正如@Mike M. 上面所说,响应JSON 字符串中的result 似乎是用Base64 编码的,它可以被视为由点(.) 分隔的3 部分。因此,如果您解码第二部分,您将获得以下有效 JSON 字符串,那么字段 id 的值 499 就是您要检索的内容。
"id":"499",
"email":"bismillahbisa@example.com",
"msisdn":"079797846494",
"username":"bismillahbisa",
"verifiedMember":null,
"profile":
"id":"316",
"id_geodirectory":null,
"fullname":"bismillahbisa",
"number":"274247",
"image":"https:\/\/demo.kreditimpian.com\/storage\/images\/default\/avatar.jpg",
"record":
"status":"PUBLISH",
"create":
"user":null,
"timestamp":
"date":"2019-12-03 15:08:32.000000",
"timezone_type":3,
"timezone":"Asia\/Jakarta"
,
"update":
"user":null,
"timestamp":null
,
"metadata":
"username":"bismillahbisa",
"email":"bismillahbisa@example.com",
"phone":"079797846494"
,
"statistic":null
如果你能先得到result作为响应,那么你可以使用下面的代码sn-p来解码result的第二部分和java.util.Base64(Java 8)。对于 Java 7,您可以使用 Apache Commons Codec 进行解码(Maven 依赖关系如下所示)。最后,使用 3 个最流行的 JSON 库(Jackson、Gson 和 org.json)检索 id 的值。
Apache Commons 编解码器(适用于 Java 7)
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.9</version>
</dependency>
代码 sn-p
// Java 8
//String jsonStr = new String(Base64.getDecoder().decode(resultStr.split("\\.")[1].getBytes()), "UTF-8");
// Java 7
String jsonStr = new String(Base64.decodeBase64(result.split("\\.")[1]), "UTF-8");
// Jackson
String id = new ObjectMapper().readTree(jsonStr).get("id").asText();
// Gson
id = new Gson().fromJson(jsonStr, JsonObject.class).get("id").getAsString();
// org.json
id = new JSONObject(jsonStr).getString("id");
【讨论】:
"resultStr.split" 你从哪里得到的? @indriyanto Nugroho ‵resultStr 等于response.body().getResult(),如果它的输出是响应 JSON 字符串中的 result 的值。
可以放在响应函数后面吗???如下@LHCHIN
@indriyanto Nugroho 当然可以!你能在上面的 URL 中发布你的 IDE 关于错误的内容吗?
prnt.sc/q6c4w3这个错误,不知道是什么错误,需要为Base64添加依赖吗?如果是这样,哪个依赖项? @LHCHIN【参考方案2】:
public void LoginUser()
//membuat progress dialog
pDialog = new ProgressDialog(this);
pDialog.setCancelable(false);
pDialog.setMessage("Tunggu proses login ...");
pDialog.show();
//mengambil data dari edittext
final String username = txtusername.getText().toString().trim();
final String password = txtpassword.getText().toString().trim();
OkHttpClient client = new OkHttpClient.Builder()
.connectTimeout(50, TimeUnit.SECONDS)
.readTimeout(50, TimeUnit.SECONDS).build();
Retrofit retrofit = new Retrofit.Builder()
.baseUrl(BuildConfig.BASE_URL).client(client)
.addConverterFactory(GsonConverterFactory.create(new Gson())).build();
RequestInterface api = retrofit.create(RequestInterface.class);
Call<ResponseLoginSucces> call = api.login_member(username, password);
call.enqueue(new Callback<ResponseLoginSucces>()
@Override
public void onResponse(Call<ResponseLoginSucces> call, Response<ResponseLoginSucces> response)
if(response.isSuccessful())
pDialog.dismiss();
if(response.body().getResult() != null)
String jsonStr = new String(Base64.getDecoder().decode(resultStr.split("\\.")[1].getBytes()), "UTF-8");
// Gson
id = new Gson().fromJson(jsonStr, JsonObject.class).get("id").getAsString();
// Jika login berhasil
String id = response.body().getResult();
String email = response.body().getResult();
String username = response.body().getResult();
String msisdn = response.body().getResult();
sharedPrefManager.saveSPString(SharedPrefManager.SP_ID, id);
sharedPrefManager.saveSPString(SharedPrefManager.SP_EMAIL, email);
sharedPrefManager.saveSPString(SharedPrefManager.SP_USERNAME, username);
sharedPrefManager.saveSPString(SharedPrefManager.SP_MSISDN, msisdn);
Toast.makeText(getApplicationContext(), "Berhasil Login" +id, Toast.LENGTH_SHORT).show();
Intent intent = new Intent(LoginUser.this, MenuUtama.class);
sharedPrefManager.saveSPBoolean(SharedPrefManager.SP_SUDAH_LOGIN, true);
startActivity(intent);
finish();
else
Toast.makeText(LoginUser.this, "The username or password is incorrect", Toast.LENGTH_SHORT).show();
else
Toast.makeText(LoginUser.this, "Error! Please try again!", Toast.LENGTH_SHORT).show();
@Override
public void onFailure(Call<ResponseLoginSucces> call, Throwable t)
t.printStackTrace();
pDialog.dismiss();
Toast.makeText(LoginUser.this, "Koneksi internet terputus.", Toast.LENGTH_SHORT).show();
);
【讨论】:
以上是关于检索加密哈希响应上的 id的主要内容,如果未能解决你的问题,请参考以下文章