Mixguard SDK 开发者文档

HSSecurity 移动端 SDK 集成指南 · 版本 1.0.0

概述

Mixguard SDK(HSSecurity)核心能力:

快速开始

1. 获取 SDK

2. 最简接入

3. 可选:请求签名

iOS 集成

添加 Framework

最简示例

#import <HSSecurity/HSSecSdk.hpp>

HSSecSdk* sdk = new HSSecSdk();
HSSetting hsSetting;
hsSetting.token = @"YOUR_DASH_TOKEN";
sdk->initSDK(hsSetting);

// Optional: bind a business account; SDK uses device ID automatically if omitted
// sdk->setUserId(@"user_12345");

可选:请求签名

// Optional: only when your gateway validates signatures
long reqTime = (long)([[NSDate date] timeIntervalSince1970] * 1000);
NSString* path = @"/api/v1/order";
NSString* body = @"";  // Base64 request body; pass @"" if empty

NSString* signx = sdk->signx(reqTime, path, body);
NSString* signy = sdk->signy(reqTime, path, body);
// HTTP Headers: X-Req-Time, X-Sign-X, X-Sign-Y

Android 集成

添加 Native 库

最简示例

import com.heisha.hssecure.HSClientJni;
import com.heisha.hssecure.HSSetting;

HSSetting hsSetting = new HSSetting();
hsSetting.token = "YOUR_DASH_TOKEN";
HSClientJni.initSDK(hsSetting);

// Optional: bind a business account; SDK uses device ID automatically if omitted
// HSClientJni.setUserId("user_12345");

可选:请求签名

long reqTime = System.currentTimeMillis();
String signx = HSClientJni.signx(reqTime, "/api/v1/order", "");
String signy = HSClientJni.signy(reqTime, "/api/v1/order", "");

请求签名(可选)

Header类型说明
X-Req-Timelong
X-Sign-Xstring
X-Sign-Ystring

服务端验签与解密

decrypt-signx

POST https://api.appmixguard.com/security/decrypt-signx

字段 必填 说明
token
signx
reqTime
path
body
company
appId
platform
 
curl -X POST https://api.appmixguard.com/security/decrypt-signx \
  -H "Content-Type: application/json" \
  -d '{
    "token": "YOUR_DASH_TOKEN",
    "signx": "X-Sign-X header value",
    "reqTime": 1735267651812,
    "path": "/api/v1/order",
    "body": "",
    "company": "",
    "appId": "",
    "platform": "ios"
  }'

{
  "code": 0,
  "message": "success",
  "data": {
    "valid": true,
    "plaintext": "1735267651812/api/v1/order...0.0.1",
    "platform": "ios",
    "reqTime": 1735267651812,
    "path": "/api/v1/order",
    "body": ""
  }
}

decrypt-signy

POST https://api.appmixguard.com/security/decrypt-signy

字段 必填 说明
token
signy
platform
 
curl -X POST https://api.appmixguard.com/security/decrypt-signy \
  -H "Content-Type: application/json" \
  -d '{
    "token": "YOUR_DASH_TOKEN",
    "signy": "X-Sign-Y header value",
    "platform": "android"
  }'

{
  "code": 0,
  "message": "success",
  "data": {
    "format": "json",
    "platform": "ios",
    "raw": "{...}",
    "device": {
      "bundle_id": "com.example.app",
      "phone_model": "iPhone15,2",
      "is_jailbroken": 0,
      "network_type": "WiFi",
      "token": "YOUR_DASH_TOKEN"
    }
  }
}

错误码

code含义
0
-1
-2
-3

signy 与 report 检测深度

模式 触发时机 检测深度 用途
signy (Basic)
report (Full)

风险评分与处置

字段说明
trustScore
riskScore
severity
suggestedAction

常见问题