apifox调用jar程序

背景：测试接口要用到签名，所以想通过apifox直接设置签名相关字段

解决方案：开始是准备些javascript脚本，但是一直存在依赖的方法找不到问题，后面知道可以调用java程序，简直方便多了

一、写java程序，并打出可执行的jar包

我是现有的springboot程序上修改的，

1、先写生成签名的方法工具方法

import cn.hutool.core.util.StrUtil;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.*;public class RSAUtil {private static final ObjectMapper objectMapper = new ObjectMapper();private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";/*** 使用私钥对数据进行签名*/public static String sign(String data, PrivateKey privateKey) throws Exception {Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initSign(privateKey);signature.update(data.getBytes(StandardCharsets.UTF_8));byte[] signBytes = signature.sign();return Base64.getEncoder().encodeToString(signBytes);}/*** 从Base64编码字符串加载私钥*/public static PrivateKey loadPrivateKey(String base64PrivateKey) throws Exception {byte[] keyBytes = Base64.getDecoder().decode(base64PrivateKey);PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance("RSA");return keyFactory.generatePrivate(spec);}/*** 从文件加载私钥*/public static PrivateKey loadPrivateKeyFromFile(String filePath) throws Exception {System.getProperty("user.dir");byte[] keyBytes = Files.readAllBytes(new File(filePath).toPath());PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance("RSA");return keyFactory.generatePrivate(spec);}public static String buildDataToSign(String requestBody, long timestamp, String nonce, String sessionId) throws JsonProcessingException {StringBuilder content = new StringBuilder();if(StrUtil.isNotBlank(requestBody)){content.append("body=").append(requestBody.replaceAll("\\s+", "").trim()).append("&");}content.append("timestamp=").append(timestamp).append("&");content.append("nonce=").append(nonce).append("&");if(StrUtil.isNotBlank(sessionId)){content.append("sessionId=").append(sessionId).append("&");}return content.toString().substring(0, content.length() - 1);}public static String buildDataToSignForSort(String requestBody, long timestamp, String nonce, String sessionId) throws JsonProcessingException {// 将请求体转换为MapMap<String, Object> params = new LinkedHashMap();if(StrUtil.isNotBlank(requestBody)){params = objectMapper.readValue(requestBody.replaceAll("\\s+", "").trim(), LinkedHashMap.class);}params.put("timestamp", timestamp);params.put("nonce", nonce);if(StrUtil.isNotBlank(sessionId)){params.put("sessionId", sessionId);}SortedMap<String, Object> sortedParams = new TreeMap<>(params);StringBuilder content = new StringBuilder();for (String key : sortedParams.keySet()) {if ("sign".equals(key)) continue; // 排除签名本身if (sortedParams.get(key) != null) { // 忽略值为null的字段content.append(key).append("=").append(sortedParams.get(key)).append("&");}}String str= content.toString().substring(0, content.length() - 1); // 移除最后一个 &return str;}
}

2、写main方法，根据参数生成签名

@SpringBootApplication
public class TestApplication {public static void main(String[] args) {String rsaPrivateKey = "yourprivatekey";String requestBody = args[0];Long timestamp = StrUtil.isBlank( args[1]) ? null : Long.parseLong( args[1]);String nonce = args[2];String sessionId = null;if(args.length>3){sessionId = args[3];}try {// 构造待验签的数据String dataToVerify = RSAUtil.buildDataToSign(requestBody, timestamp, nonce, sessionId);PrivateKey privateKey = RSAUtil.loadPrivateKey(rsaPrivateKey);String genPrivateSignStr = RSAUtil.sign(dataToVerify, privateKey);System.out.println(genPrivateSignStr);} catch (Exception e) {throw new RuntimeException(e);}}
}

3、生成jar包：RSA.jar

可以通过命令行验证jar包是否正常，java -jar RSA .jar 参数等等

二、配置apifox

1、引入jar包

找到设置-》外部程序，打开目录，然后把RSA.jar拷贝到这个目录下

2、配置环境变量

配置后会往这个里面设置值

3、编写前置操作的脚本

选择前置操作-》增加前置操作-》自定义脚本

// 获取当前时间戳（毫秒）
const timestamp = Date.now();// 生成随机数（nonce）
const nonce = btoa(Math.random().toString().slice(2)).slice(0, 16);// 检查是否需要 sessionId（例如通过环境变量或请求参数获取）
let sessionId = pm.variables.get('sessionId') || '';// 获取请求体内容
// const requestBody = JSON.stringify(pm.request.body.raw);
// const requestBodyRaw = pm.request.body.raw;
let requestBodyRaw = pm.request.body.raw;
// 检查 requestBodyRaw 是否为 null 或者仅包含空白字符
if (!requestBodyRaw || requestBodyRaw.trim() === '') {requestBodyRaw = ''; // 设置为空字符串
} 
const requestBody = typeof requestBodyRaw === 'string' ? requestBodyRaw.trim() : JSON.stringify(requestBodyRaw);// var requestBodyRaw2 = requestBodyRaw;
// // 确保 requestBody 是原始的 JSON 字符串，并且清理多余空白字符
// if (typeof requestBodyRaw === 'string') {
//     // 去除多余的空白字符（包括换行符和制表符）
//     requestBodyRaw2 = requestBodyRaw2.trim().replace(/\s+/g, ' ');//     // 如果 JSON 字符串中包含转义的双引号，尝试修复它们
//     requestBodyRaw2 = requestBodyRaw2.replace(/\\\"/g, '"');
// }const urlPathArray = pm.request.url.path;
// 定义你想要匹配的最后一级路径
const targetLastPath = 'login';
if (urlPathArray.length === 0) {console.log("URL 路径为空");
} else {// 获取最后一级路径const lastPath = urlPathArray[urlPathArray.length - 1];if (lastPath === targetLastPath) {sessionId  = ''; // 设置为空字符串} 
}const signatureBase64 = pm.execute("RSA.jar", [requestBody, timestamp, nonce, sessionId]);// 将签名设置到环境变量中，以便在后续请求中使用
pm.environment.set("X-Signature", signatureBase64);
pm.environment.set("X-Timestamp", timestamp);
pm.environment.set("X-Nonce", nonce);// 打印签名结果，用于调试
console.log("Signature: ", signatureBase64);