Discuz! 3.5 的 UCenter 接口返回 Access denied for operation changed

weekdaysun · 发表于 2025-5-12 15:54:46

public String ucApiPost(String module, String action, Map<String, Object> arg) {
StringBuffer s = new StringBuffer();
String sep = "";
//foreach(arg as k => v) {
for (String k : arg.keySet()) {
//k = (k);
Object v = arg.get(k);
k = urlencode(k);
if (v.getClass().isAssignableFrom(Map.class)) {
String s2 = "";
String sep2 = "";
//foreach(v as k2 => v2) {
for (String k2 : ((Map<String, Object>) v).keySet()) {
Object v2 = ((Map<String, Object>) v).get(k2);
k2 = urlencode(k2);
s2 += sep2 + "{" + k + "}[" + k2 + "]=" + urlencode(ucStripslashes(String.valueOf(v2)));
sep2 = "&";
}
s.append(sep).append(s2);
} else {
s.append(sep).append(k).append("=").append(urlencode(ucStripslashes(String.valueOf(v))));
}
sep = "&";
}
String postdata = ucApiRequestdata(module, action, s.toString(), "");
return ucFopen2(UC_API + "/index.php", 500000, postdata, "", true, UC_IP, 20, true);
// return ucFopen2(UC_API, 500000, postdata, "", true, UC_IP, 20, true);
}
/**
* 构造发送给用户中心的请求数据
*
* @param module 请求的模块
* @param action 请求的动作
* @param arg 参数（会加密的方式传送）
* @param extra 附加参数（传送时不加密）
* @return string
*/
protected String ucApiRequestdata(String module, String action, String arg, String extra) {
String input = ucApiInput(arg, module, action);
String post = "m=" + module + "&a=" + action + "&inajax=2&release=" + UC_CLIENT_RELEASE + "&input=" + input + "&appid=" + UC_APPID + extra;
return post;
}
protected String ucApiUrl(String module, String action, String arg, String extra) {
String url = UC_API + "/index.php?" + ucApiRequestdata(module, action, arg, extra);
return url;
}
public String ucApiInput(String data, String module, String action) {
data = data + "&m="+ module + "&a=" + action + "&appid=" + UC_APPID;
//String s = data;
//String s = urlencode(uc_authcode(data+"&agent="+md5(_SERVER["HTTP_USER_AGENT"])+"&time="+time(), "ENCODE", UC_KEY));
String s = urlencode(ucAuthcode(data + "&agent=" + md5(HTTP_USER_AGENT) + "&time=" + time(), "ENCODE", UC_KEY));
//String s = urlencode(ucAuthcode(data + "&agent=" + md5("") + "&time=" + time(), "ENCODE", UC_KEY));
return s;
}

复制代码

我的版本是3.5的discuz,ucenter2.0,也报"Access denied for agent changed"这个错，client代码中，也都按照“专家”的步骤实现了。搞不懂哪里的问题了

weekdaysun · 发表于 2025-5-12 15:55:51

weekdaysun 发表于 2025-5-12 15:52
我的版本是3.5的discuz,ucenter2.0,也不报这个错，client代码中，也都按照“专家”的步骤实现了。搞不懂哪 ...

也报Access denied for agent changed的错误

weekdaysun · 发表于 2025-5-12 16:01:24

@Override
public String ucApiPost(String module, String action, Map<String, Object> arg) {
StringBuffer s = new StringBuffer();
String sep = "";
//foreach(arg as k => v) {
for (String k : arg.keySet()) {
//k = (k);
Object v = arg.get(k);
k = urlencode(k);
if (v.getClass().isAssignableFrom(Map.class)) {
String s2 = "";
String sep2 = "";
//foreach(v as k2 => v2) {
for (String k2 : ((Map<String, Object>) v).keySet()) {
Object v2 = ((Map<String, Object>) v).get(k2);
k2 = urlencode(k2);
s2 += sep2 + "{" + k + "}[" + k2 + "]=" + urlencode(ucStripslashes(String.valueOf(v2)));
sep2 = "&";
}
s.append(sep).append(s2);
} else {
s.append(sep).append(k).append("=").append(urlencode(ucStripslashes(String.valueOf(v))));
}
sep = "&";
}
String postdata = ucApiRequestdata(module, action, s.toString(), "");
return ucFopen2(UC_API + "/index.php", 500000, postdata, "", true, UC_IP, 20, true);
// return ucFopen2(UC_API, 500000, postdata, "", true, UC_IP, 20, true);
}
/**
* 构造发送给用户中心的请求数据
*
* @param module 请求的模块
* @param action 请求的动作
* @param arg 参数（会加密的方式传送）
* @param extra 附加参数（传送时不加密）
* @return string
*/
protected String ucApiRequestdata(String module, String action, String arg, String extra) {
String input = ucApiInput(arg, module, action);
String post = "m=" + module + "&a=" + action + "&inajax=2&release=" + UC_CLIENT_RELEASE + "&input=" + input + "&appid=" + UC_APPID + extra;
return post;
}
protected String ucApiUrl(String module, String action, String arg, String extra) {
String url = UC_API + "/index.php?" + ucApiRequestdata(module, action, arg, extra);
return url;
}
public String ucApiInput(String data, String module, String action) {
data = data + "&m="+ module + "&a=" + action + "&appid=" + UC_APPID;
//String s = data;
//String s = urlencode(uc_authcode(data+"&agent="+md5(_SERVER["HTTP_USER_AGENT"])+"&time="+time(), "ENCODE", UC_KEY));
String s = urlencode(ucAuthcode(data + "&agent=" + md5(HTTP_USER_AGENT) + "&time=" + time(), "ENCODE", UC_KEY));
//String s = urlencode(ucAuthcode(data + "&agent=" + md5("") + "&time=" + time(), "ENCODE", UC_KEY));
return s;
}

复制代码

脑壳疼，目前按钮“专家”的步骤实现了java语言的client，但依然返回Access denied for agent changed；版本discuz3.5，ucenter2.0(之前1.7的也返回相同的错)；在ucenter中和java应用通信是成功的。
希望大神们能够回复一下

weekdaysun · 发表于 2025-5-12 16:03:52

weekdaysun 发表于 2025-5-12 16:01
脑壳疼，目前按钮“专家”的步骤实现了java语言的client，但依然返回Access denied for agent changed；版 ...

public String ucAuthcode(String string, String operation, String key, int expiry) {
int ckey_length = 4; //note 随机密钥长度取值 0-32;
//note 加入随机密钥，可以令密文无任何规律，即便是原文和密钥完全相同，加密结果也会每次不同，增大破解难度。
//note 取值越大，密文变动规律越大，密文变化 = 16 的 ckey_length 次方
//note 当此值为 0 时，则不产生随机密钥
key = md5(key != null ? key : UC_KEY);
String keya = md5(substr(key, 0, 16));
String keyb = md5(substr(key, 16, 16));
String keyc = ckey_length > 0 ? (operation.equals("DECODE") ? substr(string, 0, ckey_length) : substr(md5(microTime()), -ckey_length)) : "";
String cryptkey = keya + md5(keya + keyc);
int key_length = cryptkey.length();
string = operation.equals("DECODE") ? base64Decode(substr(string, ckey_length)) : sprintf("%010d", expiry > 0 ? expiry + time() : 0) + substr(md5(string + keyb), 0, 16) + string;
int string_length = string.length();
StringBuffer result1 = new StringBuffer();
int[] box = new int[256];
for (int i = 0; i < 256; i++) {
box[i] = i;
}
int[] rndkey = new int[256];
for (int i = 0; i <= 255; i++) {
rndkey[i] = (int) cryptkey.charAt(i % key_length);
}
int j = 0;
for (int i = 0; i < 256; i++) {
j = (j + box[i] + rndkey[i]) % 256;
int tmp = box[i];
box[i] = box[j];
box[j] = tmp;
}
j = 0;
int a = 0;
for (int i = 0; i < string_length; i++) {
a = (a + 1) % 256;
j = (j + box[a]) % 256;
int tmp = box[a];
box[a] = box[j];
box[j] = tmp;
result1.append((char) (((int) string.charAt(i)) ^ (box[(box[a] + box[j]) % 256])));
}
if (operation.equals("DECODE")) {
String result = result1.toString();
try {
result = new String(result.getBytes(StandardCharsets.ISO_8859_1), StandardCharsets.UTF_8);
} catch (Exception e) {
result = result1.substring(0, result1.length());
}
if ((Integer.parseInt(substr(result, 0, 10)) == 0 || Long.parseLong(substr(result, 0, 10)) - time() > 0) && substr(result, 10, 16).equals(substr(md5(substr(result, 26) + keyb), 0, 16))) {
return substr(result, 26);
} else {
return "";
}
} else {
return keyc + base64Encode(result1.toString()).replaceAll("=", "");
}
}

复制代码

加密算法比对php版本的，逻辑也一致

[已解决] Discuz! 3.5 的 UCenter 接口返回 Access denied for operation changed

浏览过的版块

产品服务

开发者服务

使用教程