diff --git a/internal/domains/api/services/processors/jrzq/jrzqv3hm_processor.go b/internal/domains/api/services/processors/jrzq/jrzqv3hm_processor.go index a50d519..b095f52 100644 --- a/internal/domains/api/services/processors/jrzq/jrzqv3hm_processor.go +++ b/internal/domains/api/services/processors/jrzq/jrzqv3hm_processor.go @@ -2,8 +2,6 @@ package jrzq import ( "context" - "crypto/md5" - "encoding/hex" "encoding/json" "errors" @@ -23,18 +21,16 @@ func ProcessJRZQV3HMRequest(ctx context.Context, params []byte, deps *processors return nil, errors.Join(processors.ErrInvalidParam, err) } - idCardHash := md5.Sum([]byte(paramsDto.IDCard)) - mobileHash := md5.Sum([]byte(paramsDto.MobileNo)) - body := map[string]string{ - "idCard": hex.EncodeToString(idCardHash[:]), - "mobile": hex.EncodeToString(mobileHash[:]), + "idCard": paramsDto.IDCard, + "mobile": paramsDto.MobileNo, } nuoerDoCheckAPIKey := "blackListV121_3_1" ApiPath := "/v1/doCheck" - resp, err := deps.NuoerService.CallAPI(ctx, nuoerDoCheckAPIKey, ApiPath, body) + // 该产品仅支持 MD5 入参(encryptionType=2) + resp, err := deps.NuoerService.CallAPI(ctx, nuoerDoCheckAPIKey, ApiPath, body, 2) if err != nil { if errors.Is(err, nuoer.ErrDatasource) { return nil, errors.Join(processors.ErrDatasource, err) diff --git a/internal/infrastructure/external/nuoer/crypto.go b/internal/infrastructure/external/nuoer/crypto.go index 7fb1398..9c285a8 100644 --- a/internal/infrastructure/external/nuoer/crypto.go +++ b/internal/infrastructure/external/nuoer/crypto.go @@ -36,3 +36,24 @@ func genMD5(s string) string { sum := md5.Sum([]byte(s)) return hex.EncodeToString(sum[:]) } + +// MD5Encrypt 对业务入参做 MD5 加密(小写十六进制),用于 encryptionType=2。 +func MD5Encrypt(plaintext string) string { + return genMD5(plaintext) +} + +// encryptBodyMD5 将 body 中各非空字段值转为 MD5 密文。 +func encryptBodyMD5(body map[string]string) map[string]string { + if len(body) == 0 { + return body + } + encrypted := make(map[string]string, len(body)) + for k, v := range body { + if strings.TrimSpace(v) == "" { + encrypted[k] = v + continue + } + encrypted[k] = MD5Encrypt(v) + } + return encrypted +} diff --git a/internal/infrastructure/external/nuoer/crypto_test.go b/internal/infrastructure/external/nuoer/crypto_test.go index bd101c8..ebe97e6 100644 --- a/internal/infrastructure/external/nuoer/crypto_test.go +++ b/internal/infrastructure/external/nuoer/crypto_test.go @@ -2,6 +2,28 @@ package nuoer import "testing" +func TestMD5Encrypt(t *testing.T) { + got := MD5Encrypt("13290879000") + want := genMD5("13290879000") + if got != want { + t.Fatalf("MD5Encrypt mismatch: got %s want %s", got, want) + } +} + +func TestEncryptBodyMD5(t *testing.T) { + body := map[string]string{ + "idCard": "330129199511153412", + "mobile": "13290879000", + } + got := encryptBodyMD5(body) + if got["idCard"] != MD5Encrypt("330129199511153412") { + t.Fatalf("idCard not encrypted: got %s", got["idCard"]) + } + if got["mobile"] != MD5Encrypt("13290879000") { + t.Fatalf("mobile not encrypted: got %s", got["mobile"]) + } +} + func TestSign(t *testing.T) { body := map[string]string{ "name": "张三", diff --git a/internal/infrastructure/external/nuoer/nuoer_service.go b/internal/infrastructure/external/nuoer/nuoer_service.go index ffcd1d6..fd7c03d 100644 --- a/internal/infrastructure/external/nuoer/nuoer_service.go +++ b/internal/infrastructure/external/nuoer/nuoer_service.go @@ -90,7 +90,7 @@ func (s *NuoerService) logError(transactionID, apiKey, seqNo string, err error, s.logger.LogError(seqNo, transactionID, apiKey, err, payload) } -func (s *NuoerService) CallAPI(ctx context.Context, apiKey, apiPath string, body map[string]string) (*nuoerResponse, error) { +func (s *NuoerService) CallAPI(ctx context.Context, apiKey, apiPath string, body map[string]string, encryptionType ...int) (*nuoerResponse, error) { requestURL := strings.TrimSuffix(s.config.URL, "/") if apiPath != "" { if !strings.HasPrefix(apiPath, "/") { @@ -106,14 +106,27 @@ func (s *NuoerService) CallAPI(ctx context.Context, apiKey, apiPath string, body transactionID = id } - // 对调用方传入的 body 全量参与加签(排除空值,按 key 升序,见 Sign) - sign := Sign(body, s.config.AppSecret) + var encType int + if len(encryptionType) > 0 { + encType = encryptionType[0] + } + + requestBody := body + if encType == 2 { + requestBody = encryptBodyMD5(body) + } + + // 对请求 body 全量参与加签(排除空值,按 key 升序,见 Sign) + sign := Sign(requestBody, s.config.AppSecret) requestPayload := map[string]interface{}{ "appId": s.config.AppID, "sign": sign, "apiKey": apiKey, - "body": body, + "body": requestBody, + } + if encType > 0 { + requestPayload["encryptionType"] = encType } if s.logger != nil {