package com.welab.automation.framework.utils.api;
import com.welab.automation.framework.GlobalVar;
import com.welab.automation.framework.utils.entity.api.SignatureUtil;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.net.ssl.*;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Date;
import java.util.HashMap;
import java.util.UUID;
public class CallFicoUtils {
HashMap<String,String> map = new HashMap<>();
public static void main(String[] args) {
CallFicoUtils callFicoUtils = new CallFicoUtils();
//callFicoUtils.callFico();
// String token = callFicoUtils.getToken("qatest102", "Aa123456");
// System.out.println("token: " + token);
// callFicoUtils.callFico("1351963705725952000");
callFicoUtils.getJwt("1351963705725952000");
}
public String getToken(String user, String password){
getPublicKey();
getOffSet();
return getAccessToken(user, password);
}
public String getJwt(String customerId){
String jwtToken="";
try {
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
// 信任所有证书
public boolean isTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
return true;
}
}).build();
// 创建主机名验证器,用于绕过主机名验证
HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
// 创建 SSL 连接套接字工厂,将自定义的 SSL 上下文和主机名验证器应用于 HTTPS 连接
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
// 创建自定义的 CloseableHttpClient 实例,将 SSL 连接套接字工厂应用于 HTTP 客户端
CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
String sitUrl = "https://api-sit3.dev-wlab.net/account-mob/v1/oauth/jwt-token?customerId="+customerId;
String staUrl = "https://api-sta2.sta-wlab.net/onboarding-pro/jwt/"+customerId;
HttpGet request = new HttpGet(sitUrl);
CloseableHttpResponse response = httpClient.execute(request);
HttpEntity entity = response.getEntity();
String responseBody = EntityUtils.toString(entity);
int statusCode = response.getStatusLine().getStatusCode();
System.out.println("Response Status Code: " + statusCode);
System.out.println("responseBody: " + responseBody);
JSONObject jsonObject = new JSONObject(responseBody);
jwtToken = jsonObject.getJSONObject("data").getString("jwtToken");
jwtToken="Bearer "+jwtToken;
System.out.println("jwtToken: " + jwtToken);
GlobalVar.GLOBAL_VARIABLES.put("jwtToken",jwtToken);
} catch (Exception e) {
e.printStackTrace();
}
return jwtToken;
}
public void callFico(){
//CLIENT_ID,CLIENT_SECRET Stage和SIT不一样
GlobalVar.GLOBAL_VARIABLES.put("CLIENT_ID","AHNxFv0FE61r8zfv8kemGwL06LNxS6aM");
GlobalVar.GLOBAL_VARIABLES.put("CLIENT_SECRET","fA52Bm6NkSGGPFPp");
GlobalVar.GLOBAL_VARIABLES.put("host","https://mapi.sta-wlab.com");
SignatureUtil signatureUtil = new SignatureUtil("qatest106","Aa123456");
signatureUtil.getPublicKeyReq();
int offset = signatureUtil.getOffset();
signatureUtil.createSignReq(offset);
}
public HttpGet setHeaderForPublicKey(HttpGet request){
request.setHeader("Authorization","Bearer jQU2z9GpqqlwzuOzP7Y2sQN5rTofqM1j6q7Z2sFTuFGGDbz8npihbc");
request.setHeader("Threat-Metrix-Session-Id","mock");
request.setHeader("idx-version","3.2");
request.setHeader("accept-language","en-US");
request.setHeader("Accept-Encoding","gzip,deflate,br");
request.setHeader("Client-Id","AHNxFv0FE61r8zfv8kemGwL06LNxS6aM");
request.setHeader("Client-Secret","fA52Bm6NkSGGPFPp");
request.setHeader("Accept","*/*");
request.setHeader("Content-Type","application/json;charset=utf-8");
return request;
}
public static String md5(String input) {
try {
// String md5Hex = DigestUtils.md5Hex(input);
// return md5Hex;
// 获取 MD5 摘要算法实例
MessageDigest md = MessageDigest.getInstance("MD5");
// 将输入转换为字节数组
byte[] messageDigest = md.digest(input.getBytes());
// 将字节数组转换为十六进制字符串
StringBuilder hexString = new StringBuilder();
for (byte b : messageDigest) {
String hex = Integer.toHexString(0xff & b);
if (hex.length() == 1) {
hexString.append('0');
}
hexString.append(hex);
}
return hexString.toString();
} catch (Exception e) {
// 处理异常
e.printStackTrace();
return null;
}
}
public static String createCipherEx(String publicKey, int offset,String TEST_ACCOUNT,String TEST_PASSWORD) {
try {
String publicKeyPEM = publicKey
.replace("-----BEGIN PUBLIC KEY-----", "")
.replaceAll(System.lineSeparator(), "")
.replace("-----END PUBLIC KEY-----", "");
GlobalVar.GLOBAL_VARIABLES.put("publicKeyPEM", publicKeyPEM);
byte[] pbks = Base64.getMimeDecoder().decode(publicKeyPEM);
int timestamp = Math.round(System.currentTimeMillis() / 1000);
//V2 add two param certSign , appVersion
//certhash
//ios: 3bd802e58930823bf2b206925c4c69c6
//Android: 9ecb077a717b2fb8c85bdab1f2a3d8c0
//appversion 1.8.70.310
String ios_certHash = "3bd802e58930823bf2b206925c4c69c6";
String android_certHash = "9ecb077a717b2fb8c85bdab1f2a3d8c0";
String certSign =md5(ios_certHash+timestamp);
String appVersion = "1.8.70.310";
X509EncodedKeySpec encodedKeySpec = new X509EncodedKeySpec(pbks);
PublicKey newPbk = KeyFactory.getInstance("RSA").generatePublic(encodedKeySpec);
OAEPParameterSpec oaepParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), PSource.PSpecified.DEFAULT);
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
cipher.init(Cipher.ENCRYPT_MODE, newPbk, oaepParameterSpec);
com.alibaba.fastjson.JSONObject jsonObject = new com.alibaba.fastjson.JSONObject();
jsonObject.put("certSign", certSign);
jsonObject.put("appVersion", appVersion);
jsonObject.put("username", TEST_ACCOUNT);
jsonObject.put("authType", "PASSWORD");
jsonObject.put("authValue", TEST_PASSWORD);
jsonObject.put("timestamp", offset + timestamp);
System.out.println("timestamp is" + String.valueOf(timestamp));
jsonObject.put("salt", UUID.randomUUID().toString());
System.out.println("jsonObject is " + jsonObject.toJSONString());
byte[] bytes = cipher.doFinal(jsonObject.toString().getBytes());
System.out.println("Result: " + Base64.getEncoder().encodeToString(bytes));
return Base64.getEncoder().encodeToString(bytes);
} catch (Exception ex) {
System.out.println("system error from createCipherEx");
}
return "";
}
public String getPublicKey(){
String publicKey="";
CloseableHttpClient httpClient = HttpClients.createDefault();
try {
HttpGet request = new HttpGet("https://mapi.sta-wlab.com/v1/internal/public-key");
request = setHeaderForPublicKey(request);
CloseableHttpResponse response = httpClient.execute(request);
try {
HttpEntity entity = response.getEntity();
String responseBody = EntityUtils.toString(entity);
int statusCode = response.getStatusLine().getStatusCode();
System.out.println("Response Status Code: " + statusCode);
System.out.println("responseBody: " + responseBody);
JSONObject jsonObject = new JSONObject(responseBody);
publicKey = jsonObject.getJSONObject("data").getString("publicKey");
String version = jsonObject.getJSONObject("data").getString("version");
System.out.println("publicKey: " + publicKey);
map.put("version",version);
map.put("publicKey",publicKey);
} finally {
response.close();
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
httpClient.close();
} catch (Exception e) {
e.printStackTrace();
}
}
return publicKey;
}
public String getOffSet(){
System.out.println("Start Get OffSet!!!!!!!!");
String timeString = String.valueOf(new Date().getTime() / 1000);
String url="https://mapi.sta-wlab.com/v1/clock-skew?time="+timeString;
System.out.println(url);
String offSet="";
CloseableHttpClient httpClient = HttpClients.createDefault();
try {
//"https://mapi.sta-wlab.com/v1/clock-skew?time=1741942656"
HttpGet request = new HttpGet(url);
request = setHeaderForPublicKey(request);
CloseableHttpResponse response = httpClient.execute(request);
try {
HttpEntity entity = response.getEntity();
String responseBody = EntityUtils.toString(entity);
int statusCode = response.getStatusLine().getStatusCode();
System.out.println("Response Status Code: " + statusCode);
System.out.println("responseBody: " + responseBody);
JSONObject jsonObject = new JSONObject(responseBody);
offSet += jsonObject.getJSONObject("data").getInt("offset");
System.out.println("offSet: " + offSet);
map.put("offSet",offSet);
} finally {
response.close();
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
httpClient.close();
} catch (Exception e) {
e.printStackTrace();
}
}
return offSet;
}
public HttpPost setHeaderForAccessToken(HttpPost request){
request.setHeader("Authorization","Bearer jQU2z9GpqqlwzuOzP7Y2sQN5rTofqM1j6q7Z2sFTuFGGDbz8npihbc");
request.setHeader("Threat-Metrix-Session-Id","mock");
request.setHeader("idx-version","3.2");
request.setHeader("accept-language","en-US");
request.setHeader("Accept-Encoding","gzip,deflate,br");
request.setHeader("Client-Id","AHNxFv0FE61r8zfv8kemGwL06LNxS6aM");
request.setHeader("Client-Secret","fA52Bm6NkSGGPFPp");
request.setHeader("Accept","*/*");
request.setHeader("x-app-version","1.8.70.310");
request.setHeader("x-platform","ios");//android
request.setHeader("Content-Type","application/json;charset=utf-8");
return request;
}
public String getAccessToken(String user, String password){
int offset = Integer.parseInt(map.get("offSet"));
String credentials =createCipherEx(map.get("publicKey"), offset,user,password);
String v = "credentials="+credentials+"&authValue=PASSWORD&version="+map.get("version");
System.out.println("credentials: "+credentials);
String json = "{\n" +
" \"credentials\": \""+credentials+"\"," +
" \"authValue\": \"PASSWORD\"," +
" \"version\": \""+map.get("version")+"\"" +
"}";
System.out.println("json: " + json);
String accessToken="";
CloseableHttpClient httpClient = HttpClients.createDefault();
try {
HttpPost request = new HttpPost("https://mapi.sta-wlab.com/v2/oauth/token?authType=PASSWORD");
request.setEntity(new StringEntity(json));
request = setHeaderForAccessToken(request);
CloseableHttpResponse response = httpClient.execute(request);
try {
HttpEntity entity = response.getEntity();
String responseBody = EntityUtils.toString(entity);
int statusCode = response.getStatusLine().getStatusCode();
System.out.println("Response Status Code: " + statusCode);
System.out.println("responseBody: " + responseBody);
JSONObject jsonObject = new JSONObject(responseBody);
accessToken = jsonObject.getJSONObject("data").getString("accessToken");
System.out.println("accessToken: " + accessToken);
map.put("accessToken",accessToken);
} finally {
response.close();
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
httpClient.close();
} catch (Exception e) {
e.printStackTrace();
}
}
return accessToken;
}
public String callFico(String customerId){
String json="{\n" +
" \"ciamCustomerId\": \""+customerId+"\"," +
" \"isCreateAccount\": true," +
" \"ltAmlLastVDate\": \"2022-11-23T21:11:41.841Z\"," +
" \"ltAmlNextVDate\": \"2022-11-23T21:11:41.841Z\"," +
" \"reviewResult\": \"Approve\"," +
" \"riskLevelResult\": \"Low\"," +
" \"watchlistHitResult\": \"Y\"" +
"}";
System.out.println("json: " + json);
CloseableHttpClient httpClient = HttpClients.createDefault();
try {
HttpPost request = new HttpPost("https://api-sta2.sta-wlab.net/onboarding-pro/v1/onboarding-requests/fico-manual-reviews/callback");
request.setEntity(new StringEntity(json));
CloseableHttpResponse response = httpClient.execute(request);
try {
HttpEntity entity = response.getEntity();
String responseBody = EntityUtils.toString(entity);
int statusCode = response.getStatusLine().getStatusCode();
System.out.println("Response Status Code: " + statusCode);
System.out.println("responseBody: " + responseBody);
} finally {
response.close();
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
httpClient.close();
} catch (Exception e) {
e.printStackTrace();
}
}
return "";
}
public static void getToken(){
try {
String custiomerId="1350151013742682112";
String cmds = String.format("curl -X GET \"https://api-sta2.sta-wlab.net/onboarding-pro/jwt/"+custiomerId+"\" -H \"accept: */*\" -H \"Accept-Language: en-US\"");
// 执行CMD命令
System.out.println("Executing python script file now.");
Process pcs = Runtime.getRuntime().exec(cmds);
pcs.waitFor();
// System.out.println(pcs.waitFor());
// 定义Python脚本的返回值
String result = null;
// 获取CMD的返回流
BufferedInputStream in = new BufferedInputStream(pcs.getInputStream());// 字符流转换字节流
BufferedReader br = new BufferedReader(new InputStreamReader(in));// 这里也可以输出文本日志
String lineStr = null;
while ((lineStr = br.readLine()) != null) {
System.out.println(lineStr);
result = lineStr;//Python 代码中print的数据就是返回值
}
// 关闭输入流
br.close();
in.close();
System.out.println(result);
} catch (Exception e) {
e.printStackTrace();
}
}
}