loginTokenVerify Risk API
最近更新:2022-06-16

loginTokenVerify Risk API

功能说明

  • 提交loginToken,验证后返回手机号码,同时识别手机号的业务风险分值

调用地址

Android 和 iOS 使用

H5 一键登录和认证的 JSSDK 使用

请求示例

curl --insecure -X POST -v https://api.verification.jpush.cn/v2/web/loginTokenVerify -H "Content-Type: application/json" -u "7d431e42dfa6a6d693ac2d04:5e987ac6d2e04d95a9d8f0d1" -d '{"loginToken":"STsid0000001542695429579Ob28vB7b0cYTI9w0GGZrv8ujUu05qZvw","exID":"1234566","ip":"127.0.0.1"}'
             curl --insecure -X POST -v https://api.verification.jpush.cn/v2/web/loginTokenVerify -H "Content-Type: application/json" -u "7d431e42dfa6a6d693ac2d04:5e987ac6d2e04d95a9d8f0d1" -d '{"loginToken":"STsid0000001542695429579Ob28vB7b0cYTI9w0GGZrv8ujUu05qZvw","exID":"1234566","ip":"127.0.0.1"}'

        
此代码块在浮窗中显示
  • 请求参数
KEY TYPE REQUIRE DESCRIPTION
loginToken String True 认证SDK获取到的loginToken
ip String False sdk端ip
exID String False 开发者自定义的id,非必填

响应示例

请求成功

{"id":117270465679982592,"code":8000,"content":"get phone success","exID":"1234566","phone":"HpBLIQ/6SkFl0pAq0LMdw1aZ8RHoofgWmaY//LE+0ahkSdHC5oTCnjrR8Tj8y5naKVI03torFU+EzAQnwtVqAoQyYckT0S3Q02TKuAal3VRGiR5Lmp4g2A5Mh4/W5A4o6QFviHuBVJZE/WV0AzU5w4NGhpyQntOeF0UyovYATy4=", "score":0}
             {"id":117270465679982592,"code":8000,"content":"get phone success","exID":"1234566","phone":"HpBLIQ/6SkFl0pAq0LMdw1aZ8RHoofgWmaY//LE+0ahkSdHC5oTCnjrR8Tj8y5naKVI03torFU+EzAQnwtVqAoQyYckT0S3Q02TKuAal3VRGiR5Lmp4g2A5Mh4/W5A4o6QFviHuBVJZE/WV0AzU5w4NGhpyQntOeF0UyovYATy4=", "score":0}

        
此代码块在浮窗中显示

请求失败

{"code":8001,"content":"get phone fail"}
             {"code":8001,"content":"get phone fail"}

        
此代码块在浮窗中显示
  • 响应参数
KEY TYPE DESCRIPTION
id Long 流水号,请求出错时可能为空
exID String 开发者自定义的id,若请求时为空返回为空
code Integer 返回码
content String 返回码说明
score Integer 风险评分
phone String 加密后的手机号码,需用配置在极光的公钥对应的私钥解密

返回score说明

  • score字段表示当前号码的风险,分数越高,风险越大。范围为:[0, 900]
  • score 字段值的业务含义根据极光安全认证团队经验如下(仅供参考,可根据实际场景调配):
风险等级 含义描述
0 低风险 正常放行
300 中风险 可标记观察用户后续行为再进一步决策
600 中高风险 可采取进一步安全验证,或直接进行业务限制
900 高风险 可直接进行业务限制

RSA私钥解密示例

Java

import javax.crypto.Cipher; import java.security.KeyFactory; import java.security.PrivateKey; import java.security.spec.PKCS8EncodedKeySpec; import java.util.Base64; public class RSADecrypt { public static void main(String[] args) throws Exception { String encrypted = args[0]; String prikey = args[1]; String result = decrypt(encrypted, prikey); System.out.println(result); } public static String decrypt(String cryptograph, String prikey) throws Exception { PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(prikey)); PrivateKey privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec); Cipher cipher=Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, privateKey); byte [] b = Base64.getDecoder().decode(cryptograph); return new String(cipher.doFinal(b)); } }
             import javax.crypto.Cipher;
   import java.security.KeyFactory;
   import java.security.PrivateKey;
   import java.security.spec.PKCS8EncodedKeySpec;
   import java.util.Base64;

   public class RSADecrypt {
       public static void main(String[] args) throws Exception {
           String encrypted = args[0];
           String prikey = args[1];

           String result = decrypt(encrypted, prikey);
           System.out.println(result);
       }

       public static String decrypt(String cryptograph, String prikey) throws Exception {
           PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(prikey));
           PrivateKey privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);

           Cipher cipher=Cipher.getInstance("RSA");
           cipher.init(Cipher.DECRYPT_MODE, privateKey);

           byte [] b = Base64.getDecoder().decode(cryptograph);
           return new String(cipher.doFinal(b));
       }
   }

        
此代码块在浮窗中显示

Python

#!/usr/bin/env python3 # 需要先安装 pycryptodome,直接使用 pip 安装即可,仅在 python3 环境下测试通过 from Crypto.PublicKey import RSA from Crypto.Cipher import PKCS1_v1_5 import base64 PREFIX = '-----BEGIN RSA PRIVATE KEY-----' SUFFIX = '-----END RSA PRIVATE KEY-----' encrypted = None prikey = None key = "{}\n{}\n{}".format(PREFIX, prikey, SUFFIX) cipher = PKCS1_v1_5.new(RSA.import_key(key)) result = cipher.decrypt(base64.b64decode(encrypted.encode()), None).decode() print(result)
             #!/usr/bin/env python3

   # 需要先安装 pycryptodome,直接使用 pip 安装即可,仅在 python3 环境下测试通过

   from Crypto.PublicKey import RSA
   from Crypto.Cipher import PKCS1_v1_5
   import base64

   PREFIX = '-----BEGIN RSA PRIVATE KEY-----'
   SUFFIX = '-----END RSA PRIVATE KEY-----'

   encrypted = None
   prikey = None

   key = "{}\n{}\n{}".format(PREFIX, prikey, SUFFIX)
   cipher = PKCS1_v1_5.new(RSA.import_key(key))
   result = cipher.decrypt(base64.b64decode(encrypted.encode()), None).decode()

   print(result)

        
此代码块在浮窗中显示

PHP

// https://www.php.net/manual/en/function.openssl-private-decrypt.php $prefix = '-----BEGIN PRIVATE KEY-----'; $suffix = '-----END PRIVATE KEY-----'; $result = ''; $encrypted = null; $prikey = null; $key = $prefix . "\n" . $prikey . "\n" . $suffix; $r = openssl_private_decrypt(base64_decode($encrypted), $result, openssl_pkey_get_private($key)); echo $result . "\n";
             // https://www.php.net/manual/en/function.openssl-private-decrypt.php

   $prefix = '-----BEGIN PRIVATE KEY-----';
   $suffix = '-----END PRIVATE KEY-----';
   $result = '';

   $encrypted = null;
   $prikey = null;

   $key = $prefix . "\n" . $prikey . "\n" . $suffix;
   $r = openssl_private_decrypt(base64_decode($encrypted), $result, openssl_pkey_get_private($key));

   echo $result . "\n";

        
此代码块在浮窗中显示
文档内容是否对您有帮助?

Copyright 2011-2022, jiguang.cn, All Rights Reserved. 粤ICP备12056275号-13 深圳市和讯华谷信息技术有限公司

在文档中心打开