第三方系统与i人事免登处理

最后更新于:2019-11-12 22:13:06

术语说明

  • 免登:i人事系统的部分特定用户,调用i人事免登接口,可以自动跳转进入i人事系统,并保持i人事登录状态。
  • 限定:在i人事系统中开通免登权限的特定企业用户。
  • 前提:企业已开通免登权限,并且该企业的员工同意进行免登。
  • 是否免费:只有付费用户才可以使用。

免登流程

1,第三方系统在i人事中注册企业并申请免登(已有企业,直接申请免登),并获得许可信息(licence),私钥(privateKey)以及客户唯一身份标志。

2,已开通免登权限的企业,登录i人事系统,对特定用户进行免登授权。

3,第三方系统访问i人事免登链接https://www.ihr360.com/gateway/login/free?loginfree_licence=***&signature=***。

URL中参数说明

  • loginfree_licence: 申请免登后获得的许可信息(licence)
  • signature:加密的签名信息。该数据由company_id(客户唯一身份标志),mobile_no(免登手机号)和timestamp(当前时戳)三部分,再通过privateKey(私钥)进行加密后得到(加密结果中的加号需要进行替换:+替换为%2B)。例如:company_id为abcd,mobile_no为18888888888,timestamp为1553241731997,则合成的数据为company_id=abcd&mobile_no=18888888888&timestamp=1553241731997;privateKey为MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALjkFSWFniNvQR49j+MH2G5cW42GZpTW3VxKWcqYX9EziqlvfqDAt4rce3LRlS5s4LjqeTM5Q6MpI5VVCzG1HmVqcLLiUyX+JcVAScehrqgio55+QMs/TlKddPbmXUn2PAfAQ8IcPJQBWan16g9u2dViy++hmwT6Vjk0Vs3wPEcZAgMBAAECgYEAnkAqkWkih7XMCLQsmee3Kg7HFgV5e9/ErB+/ZxawvIDfKFMUEUeiUaqRxx74DzqFxgB7KIrVB6xIlqKp6CvcDQDEWLQxdJzoRktop6l/jCmPCb2UMB1fgf+AtNQQpih3Owe8zAQTSbtTH6x3vPmJBkTMOJFnEWco5tmApizRcGECQQDnP1zL1sTE6FPGEazvtSgXPrybDzbzOGgAS7igTqK5x/YmCuQcftkiCwS7bZeOvx7gOZRIA4OjGT72hvUFimctAkEAzK51fkPlGLlDDmQocyBB2oK5Nl011p2uqzSF/DVvZd4pEJ2+7xrU62Nel6KpESfd2bzI1iOCQvlCoU3owWdTHQJAWpglN6plHitSnpdQI/zZvvmSFEFKqtCfVfZUV2FXOOdQ1KiRo2RClqawbOlLZd4UL43/PJM74ArE8vn+RfRp5QJAOEqitZ8mmq4Y6xRQq5jrg5UAKxtneybSqvM/BiYMBRAcax13LXtLo5Eoqrtpk/ZK5V8uPPZ3FMRItuQeZ1JrYQJBAKGzNZ5FdU3ASlKvZPfWho8GhKCWlI4jiV5r9TTTjuXQWTHJ3dzyLhNlhT3AooeUDHlL/jBu1WxSTOwWw9JpVB8=,将合成结果与privateKey进行加密(需调用加密工具类的加密方法encryptByPrivateKey),得到加密结果:qupy6kM6ElpUSq+ds+iajM6lQeQ85Q+bjM9bPhAEQxlheyAMhjC6NY83ApvpYbUPdgD/XVleZ0gVCq4rEk7v+vNbQZ/rf0V9dsTSZM046XdS+ZOxNRVI/P3Y4VqR7xhdUXxbmtpF47FTulEX6jTTAwCElSk+Cv7S4SRwN4sgTcs=;对加密结果中的加号进行替换,所得结果为qupy6kM6ElpUSq%2Bds%2BiajM6lQeQ85Q%2BbjM9bPhAEQxlheyAMhjC6NY83ApvpYbUPdgD/XVleZ0gVCq4rEk7v%2BvNbQZ/rf0V9dsTSZM046XdS%2BZOxNRVI/P3Y4VqR7xhdUXxbmtpF47FTulEX6jTTAwCElSk%2BCv7S4SRwN4sgTcs=;最终,结果为signature=qupy6kM6ElpUSq%2Bds%2BiajM6lQeQ85Q%2BbjM9bPhAEQxlheyAMhjC6NY83ApvpYbUPdgD/XVleZ0gVCq4rEk7v%2BvNbQZ/rf0V9dsTSZM046XdS%2BZOxNRVI/P3Y4VqR7xhdUXxbmtpF47FTulEX6jTTAwCElSk%2BCv7S4SRwN4sgTcs=

4,加密工具类

public final class EncryptUtil {

public static String encryptByPrivateKey(String content, String privateKey) throws NoSuchAlgorithmException, Exception {
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64Util.decode(privateKey));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
Key key = keyFactory.generatePrivate(keySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] resultBytes = cipher.doFinal(content.getBytes("UTF-8"));
return Base64Util.encode(resultBytes);
}

static final class Base64Util {

static private final int BASE_LENGTH = 128;
static private final int LOOKUP_LENGTH = 64;
static private final int TWENTY_FOUR_BIT_GROUP = 24;
static private final int EIGHT_BIT = 8;
static private final int SIXTEEN_BIT = 16;
static private final int FOUR_BYTE = 4;
static private final int SIGN = -128;
static private final char PAD = '=';
static private final boolean fDebug = false;
static final private byte[] base64Alphabet = new byte[BASE_LENGTH];
static final private char[] lookUpBase64Alphabet = new char[LOOKUP_LENGTH];

static {
for (int i = 0; i < BASE_LENGTH; ++i) {
base64Alphabet[i] = -1;
}
for (int i = 'Z'; i >= 'A'; i--) {
base64Alphabet[i] = (byte) (i - 'A');
}
for (int i = 'z'; i >= 'a'; i--) {
base64Alphabet[i] = (byte) (i - 'a' + 26);
}

for (int i = '9'; i >= '0'; i--) {
base64Alphabet[i] = (byte) (i - '0' + 52);
}

base64Alphabet['+'] = 62;
base64Alphabet['/'] = 63;

for (int i = 0; i <= 25; i++) {
lookUpBase64Alphabet[i] = (char) ('A' + i);
}

for (int i = 26, j = 0; i <= 51; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('a' + j);
}

for (int i = 52, j = 0; i <= 61; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('0' + j);
}
lookUpBase64Alphabet[62] = (char) '+';
lookUpBase64Alphabet[63] = (char) '/';

}

private static boolean isWhiteSpace(char octect) {
return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
}

private static boolean isPad(char octect) {
return (octect == PAD);
}

private static boolean isData(char octect) {
return (octect < BASE_LENGTH && base64Alphabet[octect] != -1);
}

/**
* Encodes hex octects into Base64
*
* @param binaryData Array containing binaryData
* @return Encoded Base64 array
*/
public static String encode(byte[] binaryData) {

if (binaryData == null) {
return null;
}

int lengthDataBits = binaryData.length * EIGHT_BIT;
if (lengthDataBits == 0) {
return "";
}

int fewerThan24bits = lengthDataBits % TWENTY_FOUR_BIT_GROUP;
int numberTriplets = lengthDataBits / TWENTY_FOUR_BIT_GROUP;
int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
char encodedData[] = null;

encodedData = new char[numberQuartet * 4];

byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;

int encodedIndex = 0;
int dataIndex = 0;
if (fDebug) {
System.out.println("number of triplets = " + numberTriplets);
}

for (int i = 0; i < numberTriplets; i++) {
b1 = binaryData[dataIndex++];
b2 = binaryData[dataIndex++];
b3 = binaryData[dataIndex++];

if (fDebug) {
System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
}

l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);

byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);

if (fDebug) {
System.out.println("val2 = " + val2);
System.out.println("k4 = " + (k << 4));
System.out.println("vak = " + (val2 | (k << 4)));
}

encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
}

// form integral number of 6-bit groups
if (fewerThan24bits == EIGHT_BIT) {
b1 = binaryData[dataIndex];
k = (byte) (b1 & 0x03);
if (fDebug) {
System.out.println("b1=" + b1);
System.out.println("b1<<2 = " + (b1 >> 2));
}
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
encodedData[encodedIndex++] = PAD;
encodedData[encodedIndex++] = PAD;
} else if (fewerThan24bits == SIXTEEN_BIT) {
b1 = binaryData[dataIndex];
b2 = binaryData[dataIndex + 1];
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);

byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);

encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
encodedData[encodedIndex++] = PAD;
}

return new String(encodedData);
}

/**
* Decodes Base64 data into octects
*
* @param encoded string containing Base64 data
* @return Array containind decoded data.
*/
public static byte[] decode(String encoded) {

if (encoded == null) {
return null;
}

char[] base64Data = encoded.toCharArray();
// remove white spaces
int len = removeWhiteSpace(base64Data);

if (len % FOUR_BYTE != 0) {
return null;//should be divisible by four
}

int numberQuadruple = (len / FOUR_BYTE);

if (numberQuadruple == 0) {
return new byte[0];
}

byte decodedData[] = null;
byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
char d1 = 0, d2 = 0, d3 = 0, d4 = 0;

int i = 0;
int encodedIndex = 0;
int dataIndex = 0;
decodedData = new byte[(numberQuadruple) * 3];

for (; i < numberQuadruple - 1; i++) {

if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
|| !isData((d3 = base64Data[dataIndex++]))
|| !isData((d4 = base64Data[dataIndex++]))) {
return null;
}//if found "no data" just return null

b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];

decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}

if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) {
return null;//if found "no data" just return null
}

b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];

d3 = base64Data[dataIndex++];
d4 = base64Data[dataIndex++];
if (!isData((d3)) || !isData((d4))) {//Check if they are PAD characters
if (isPad(d3) && isPad(d4)) {
if ((b2 & 0xf) != 0)//last 4 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 1];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
return tmp;
} else if (!isPad(d3) && isPad(d4)) {
b3 = base64Alphabet[d3];
if ((b3 & 0x3) != 0)//last 2 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 2];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
return tmp;
} else {
return null;
}
} else { //No PAD e.g 3cQl
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);

}

return decodedData;
}

/**
* remove WhiteSpace from MIME containing encoded Base64 data.
*
* @param data the byte array of base64 data (with WS)
* @return the new length
*/
private static int removeWhiteSpace(char[] data) {
if (data == null) {
return 0;
}

// count characters that's not whitespace
int newSize = 0;
int len = data.length;
for (int i = 0; i < len; i++) {
if (!isWhiteSpace(data[i])) {
data[newSize++] = data[i];
}
}
return newSize;
}
}
}

免登申请

  • 填写相关申请单