- remove app_secret from jddj api request

platformapi/jdapi/callback.go

@@ -96,7 +96,6 @@ func (a *API) unmarshalData(strData string, msg interface{}) (callbackResponse *
 
 func (a *API) CheckCallbackValidation(values url.Values) (callbackResponse *CallbackResponse) {
 	mapData := utils.URLValues2Map(values)
-	mapData["app_secret"] = a.appSecret
 	sign := a.signParams(mapData)
 	if sign != values.Get(signKey) {
 		baseapi.SugarLogger.Infof("Signature is not ok, mine:%v, get:%v", sign, values.Get(signKey))

platformapi/jdapi/jdapi.go

@@ -51,6 +51,8 @@ const (
 const (
 	prodURL      = "https://openapi.jddj.com/djapi"
 	signKey      = "sign"
+	appSecretKey = "app_secret"
+
 	AllPage         = 0
 	DefaultPageSize = 50
 
@@ -105,18 +107,17 @@ type PageResultParser func(map[string]interface{}, int) ([]interface{}, int, err
 func (a *API) signParams(jdParams map[string]interface{}) string {
 	var keys []string
 	for k := range jdParams {
-		if k != "app_secret" && k != signKey {
+		if k != signKey {
 			keys = append(keys, k)
 		}
 	}
 
 	sort.Strings(keys)
-	secretStr := fmt.Sprint(jdParams["app_secret"])
+	allStr := a.appSecret
-	allStr := secretStr
 	for _, k := range keys {
 		allStr += k + fmt.Sprint(jdParams[k])
 	}
-	allStr = allStr + secretStr
+	allStr = allStr + a.appSecret
 
 	return fmt.Sprintf("%X", md5.Sum([]byte(allStr)))
 }
@@ -140,7 +141,6 @@ func (a *API) AccessAPI(apiStr string, jdParams map[string]interface{}) (retVal
 	params["v"] = "1.0"
 	params["format"] = "json"
 	params["app_key"] = a.appKey
-	params["app_secret"] = a.appSecret
 	params["token"] = a.token
 
 	if jdParams == nil {

platformapi/jdapi/order_test.go

@@ -93,7 +93,6 @@ func TestSimulateSendNewOrderMsg(t *testing.T) {
 	params.Set(paramJson, string(utils.MustMarshal(orderInfo)))
 
 	mapData := utils.URLValues2Map(params)
-	mapData["app_secret"] = jdapi.appSecret
 	params.Set(signKey, jdapi.signParams(mapData))
 
 	response, err := http.PostForm("http://callback.test.jxc4.com/djsw/newOrder", params)