From c27b32df4cc551e61b7fe1a99f46341d4ac5456e Mon Sep 17 00:00:00 2001
From: Liujian <824010343@qq.com>
Date: Sun, 24 Dec 2023 22:02:55 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9Ejs=E6=8B=A6=E6=88=AA=E5=99=A8?=
 =?UTF-8?q?=E3=80=81rsa=E5=8A=A0=E5=AF=86=E6=8F=92=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/apinto/plugin.go                   |   4 +
 drivers/discovery/nacos/client.go      |   1 -
 drivers/plugins/js-inject/config.go    |  25 +++++
 drivers/plugins/js-inject/executor.go  |  86 +++++++++++++++
 drivers/plugins/js-inject/factory.go   |  18 +++
 drivers/plugins/js-inject/tool.go      |  90 +++++++++++++++
 drivers/plugins/rsa-filter/config.go   |  22 ++++
 drivers/plugins/rsa-filter/executor.go | 147 +++++++++++++++++++++++++
 drivers/plugins/rsa-filter/factory.go  |  18 +++
 drivers/plugins/rsa-filter/tool.go     | 109 ++++++++++++++++++
 drivers/router/listener.go             |   3 +-
 go.mod                                 |   2 +
 utils/encode.go                        |   9 +-
 13 files changed, 528 insertions(+), 6 deletions(-)
 create mode 100644 drivers/plugins/js-inject/config.go
 create mode 100644 drivers/plugins/js-inject/executor.go
 create mode 100644 drivers/plugins/js-inject/factory.go
 create mode 100644 drivers/plugins/js-inject/tool.go
 create mode 100644 drivers/plugins/rsa-filter/config.go
 create mode 100644 drivers/plugins/rsa-filter/executor.go
 create mode 100644 drivers/plugins/rsa-filter/factory.go
 create mode 100644 drivers/plugins/rsa-filter/tool.go

diff --git a/app/apinto/plugin.go b/app/apinto/plugin.go
index d26cf42c..c86bc485 100644
--- a/app/apinto/plugin.go
+++ b/app/apinto/plugin.go
@@ -8,6 +8,7 @@ import (
 	extra_params "github.com/eolinker/apinto/drivers/plugins/extra-params"
 	grpc_proxy_rewrite "github.com/eolinker/apinto/drivers/plugins/grpc-proxy-rewrite"
 	"github.com/eolinker/apinto/drivers/plugins/gzip"
+	js_inject "github.com/eolinker/apinto/drivers/plugins/js-inject"
 	params_check "github.com/eolinker/apinto/drivers/plugins/params-check"
 	"github.com/eolinker/apinto/drivers/plugins/prometheus"
 	request_file_parse "github.com/eolinker/apinto/drivers/plugins/request-file-parse"
@@ -15,6 +16,7 @@ import (
 	response_file_parse "github.com/eolinker/apinto/drivers/plugins/response-file-parse"
 	response_filter "github.com/eolinker/apinto/drivers/plugins/response-filter"
 	response_rewrite_v2 "github.com/eolinker/apinto/drivers/plugins/response-rewrite_v2"
+	rsa_filter "github.com/eolinker/apinto/drivers/plugins/rsa-filter"
 
 	access_log "github.com/eolinker/apinto/drivers/plugins/access-log"
 	body_check "github.com/eolinker/apinto/drivers/plugins/body-check"
@@ -88,6 +90,8 @@ func pluginRegister(extenderRegister eosc.IExtenderDriverRegister) {
 	cors.Register(extenderRegister)
 	circuit_breaker.Register(extenderRegister)
 	app.Register(extenderRegister)
+	rsa_filter.Register(extenderRegister)
+	js_inject.Register(extenderRegister)
 
 	// 可观测性（输出内容到第三方）
 	access_log.Register(extenderRegister)
diff --git a/drivers/discovery/nacos/client.go b/drivers/discovery/nacos/client.go
index 6bf4057f..4ee088e8 100644
--- a/drivers/discovery/nacos/client.go
+++ b/drivers/discovery/nacos/client.go
@@ -95,7 +95,6 @@ func newClient(name string, address []string, params map[string]string) (*client
 func (c *client) GetNodeList(serviceName string) ([]discovery.NodeInfo, error) {
 	nodes := make([]discovery.NodeInfo, 0)
 	set := make(map[string]struct{})
-
 	instances, err := c.namingClient.SelectInstances(vo.SelectInstancesParam{
 		ServiceName: serviceName,
 		Clusters:    c.clusters,
diff --git a/drivers/plugins/js-inject/config.go b/drivers/plugins/js-inject/config.go
new file mode 100644
index 00000000..4fb457d6
--- /dev/null
+++ b/drivers/plugins/js-inject/config.go
@@ -0,0 +1,25 @@
+package js_inject
+
+import (
+	"github.com/eolinker/apinto/drivers"
+	"github.com/eolinker/eosc"
+)
+
+type Config struct {
+	Variables        []Variable `json:"variables" label:"变量列表"`
+	InjectCode       string     `json:"inject" label:"注入代码"`
+	MatchContentType []string   `json:"match_content_type" label:"匹配的Content-Type"`
+}
+
+type Variable struct {
+	Key   string `json:"key" label:"变量名"`
+	Value string `json:"value" label:"变量值"`
+}
+
+func Create(id, name string, conf *Config, workers map[eosc.RequireId]eosc.IWorker) (eosc.IWorker, error) {
+	e := &executor{
+		WorkerBase: drivers.Worker(id, name),
+	}
+	e.reset(conf)
+	return e, nil
+}
diff --git a/drivers/plugins/js-inject/executor.go b/drivers/plugins/js-inject/executor.go
new file mode 100644
index 00000000..75f21294
--- /dev/null
+++ b/drivers/plugins/js-inject/executor.go
@@ -0,0 +1,86 @@
+package js_inject
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/eolinker/apinto/utils"
+
+	"github.com/eolinker/eosc/log"
+
+	"github.com/eolinker/apinto/drivers"
+	"github.com/eolinker/eosc"
+	"github.com/eolinker/eosc/eocontext"
+	http_service "github.com/eolinker/eosc/eocontext/http-context"
+)
+
+var _ eocontext.IFilter = (*executor)(nil)
+var _ http_service.HttpFilter = (*executor)(nil)
+var _ eosc.IWorker = (*executor)(nil)
+
+type executor struct {
+	drivers.WorkerBase
+	injectCode       string
+	matchContentType []string
+}
+
+func (e *executor) DoFilter(ctx eocontext.EoContext, next eocontext.IChain) (err error) {
+	return http_service.DoHttpFilter(e, ctx, next)
+}
+
+func (e *executor) DoHttpFilter(ctx http_service.IHttpContext, next eocontext.IChain) (err error) {
+	if next != nil {
+		err = next.DoChain(ctx)
+		if err != nil {
+			return err
+		}
+	}
+	contentType := ctx.Response().ContentType()
+	for _, ct := range e.matchContentType {
+		if contentType == ct {
+			body := ctx.Response().GetBody()
+			res, err := injectJavaScript(string(body), e.injectCode)
+			if err != nil {
+				log.Error(err)
+				return nil
+			}
+			ctx.Response().SetBody([]byte(res))
+		}
+	}
+	return
+}
+
+func (e *executor) Destroy() {
+	return
+}
+
+func (e *executor) Start() error {
+	return nil
+}
+
+func (e *executor) Reset(conf interface{}, workers map[eosc.RequireId]eosc.IWorker) error {
+	return nil
+}
+
+func (e *executor) reset(conf *Config) error {
+	decodeData, err := utils.B64Decode(conf.InjectCode)
+	if err != nil {
+		return err
+	}
+	injectCode := string(decodeData)
+	for _, v := range conf.Variables {
+		injectCode = strings.Replace(injectCode, fmt.Sprintf("{{%s}}", v.Key), v.Value, -1)
+	}
+	e.injectCode = fmt.Sprintf("%s", injectCode)
+	e.matchContentType = conf.MatchContentType
+	return nil
+}
+
+func (e *executor) Stop() error {
+	e.Destroy()
+	return nil
+}
+
+func (e *executor) CheckSkill(skill string) bool {
+	return http_service.FilterSkillName == skill
+}
diff --git a/drivers/plugins/js-inject/factory.go b/drivers/plugins/js-inject/factory.go
new file mode 100644
index 00000000..2743eeed
--- /dev/null
+++ b/drivers/plugins/js-inject/factory.go
@@ -0,0 +1,18 @@
+package js_inject
+
+import (
+	"github.com/eolinker/apinto/drivers"
+	"github.com/eolinker/eosc"
+)
+
+const (
+	Name = "js_inject"
+)
+
+func Register(register eosc.IExtenderDriverRegister) {
+	register.RegisterExtenderDriver(Name, NewFactory())
+}
+
+func NewFactory() eosc.IExtenderDriverFactory {
+	return drivers.NewFactory[Config](Create)
+}
diff --git a/drivers/plugins/js-inject/tool.go b/drivers/plugins/js-inject/tool.go
new file mode 100644
index 00000000..05ca681a
--- /dev/null
+++ b/drivers/plugins/js-inject/tool.go
@@ -0,0 +1,90 @@
+package js_inject
+
+import (
+	"bytes"
+	"fmt"
+
+	"golang.org/x/net/html"
+)
+
+// injectJavaScript将JavaScript代码插入到HTML中
+func injectJavaScript(originalHTML, jsCode string) (string, error) {
+	// 解析 HTML 字符串
+	doc, err := html.Parse(bytes.NewReader([]byte(originalHTML)))
+	if err != nil {
+		return "", fmt.Errorf("parse html error: %w", err)
+	}
+	node := findHead(doc)
+	if node == nil {
+		// 在每个 HTML 标签后添加 <head> 元素
+		addHeadAfterTags(doc)
+		node = findHead(doc)
+	}
+	insertCodeInHead(node, jsCode)
+	// 将修改后的 HTML 打印出来
+	var modifiedHTML bytes.Buffer
+	if err := html.Render(&modifiedHTML, doc); err != nil {
+		return "", fmt.Errorf("render html error: %w", err)
+	}
+
+	return modifiedHTML.String(), nil
+
+}
+
+func findHead(node *html.Node) *html.Node {
+	if node.Type == html.ElementNode && node.Data == "head" {
+		return node
+	}
+
+	for child := node.FirstChild; child != nil; child = child.NextSibling {
+		if found := findHead(child); found != nil {
+			return found
+		}
+	}
+
+	return nil
+}
+
+func addHeadAfterTags(node *html.Node) {
+	if node.Type == html.ElementNode {
+		// 创建 <head> 元素
+		newHead := &html.Node{
+			Type:     html.ElementNode,
+			DataAtom: 0,
+			Data:     "head",
+		}
+		// 在当前元素后插入 <head> 元素
+		node.Parent.InsertBefore(newHead, node)
+		// 递归处理子节点
+		for child := node.FirstChild; child != nil; child = child.NextSibling {
+			addHeadAfterTags(child)
+		}
+	}
+
+	// 递归处理下一个兄弟节点
+	if node.NextSibling != nil {
+		addHeadAfterTags(node.NextSibling)
+	}
+}
+
+func insertCodeInHead(headNode *html.Node, jsCode string) {
+	// 创建一个新的 <script> 元素（示例代码）
+	newScript := &html.Node{
+		Type:     html.ElementNode,
+		Data:     "script",
+		DataAtom: 0,
+	}
+
+	// 在 <script> 中插入要添加的代码
+	newScript.AppendChild(&html.Node{
+		Type: html.TextNode,
+		Data: jsCode,
+	})
+
+	// 将新的 <script> 元素插入到 <head> 的第一个子标签位置
+	if headNode.LastChild != nil {
+		headNode.InsertBefore(newScript, headNode.FirstChild)
+	} else {
+		headNode.AppendChild(newScript)
+	}
+}
diff --git a/drivers/plugins/rsa-filter/config.go b/drivers/plugins/rsa-filter/config.go
new file mode 100644
index 00000000..13ca9464
--- /dev/null
+++ b/drivers/plugins/rsa-filter/config.go
@@ -0,0 +1,22 @@
+package rsa_filter
+
+import (
+	"github.com/eolinker/apinto/drivers"
+	"github.com/eolinker/eosc"
+)
+
+type Config struct {
+	PrivateKey         string `json:"private_key" label:"私钥" description:"对请求体进行解密，对响应体进行签名"`
+	PublicKey          string `json:"public_key" label:"公钥" description:"对请求体进行验签，对响应体进行加密"`
+	RequestSignHeader  string `json:"request_sign_header" label:"请求签名头"`
+	ResponseSignHeader string `json:"response_sign_header" label:"响应签名头"`
+	Format             string `json:"format" label:"密钥格式" enum:"origin,base64"`
+}
+
+func Create(id, name string, conf *Config, workers map[eosc.RequireId]eosc.IWorker) (eosc.IWorker, error) {
+	e := &executor{
+		WorkerBase: drivers.Worker(id, name),
+	}
+	e.reset(conf)
+	return e, nil
+}
diff --git a/drivers/plugins/rsa-filter/executor.go b/drivers/plugins/rsa-filter/executor.go
new file mode 100644
index 00000000..663f47de
--- /dev/null
+++ b/drivers/plugins/rsa-filter/executor.go
@@ -0,0 +1,147 @@
+package rsa_filter
+
+import (
+	"crypto/rsa"
+	"fmt"
+
+	"github.com/eolinker/apinto/drivers"
+	"github.com/eolinker/apinto/utils"
+	"github.com/eolinker/eosc"
+	"github.com/eolinker/eosc/eocontext"
+	http_service "github.com/eolinker/eosc/eocontext/http-context"
+)
+
+var _ eocontext.IFilter = (*executor)(nil)
+var _ http_service.HttpFilter = (*executor)(nil)
+var _ eosc.IWorker = (*executor)(nil)
+
+type executor struct {
+	drivers.WorkerBase
+	// 解密 + 签名
+	privateKey *rsa.PrivateKey
+	// 验签 + 加密
+	publicKey          *rsa.PublicKey
+	requestSignHeader  string
+	responseSignHeader string
+}
+
+func (e *executor) DoFilter(ctx eocontext.EoContext, next eocontext.IChain) (err error) {
+	return http_service.DoHttpFilter(e, ctx, next)
+}
+
+func (e *executor) DoHttpFilter(ctx http_service.IHttpContext, next eocontext.IChain) (err error) {
+	orgContentType := ctx.Request().Header().GetHeader("Origin-Content-Type")
+	if orgContentType == "" {
+		orgContentType = "application/json"
+	}
+
+	body, _ := ctx.Request().Body().RawBody()
+	signature := ctx.Request().Header().GetHeader(e.requestSignHeader)
+	if signature != "" {
+		decodeSign, err := utils.B64Decode(signature)
+		if err != nil {
+			err = fmt.Errorf("base64 decode error: %w", err)
+			ctx.Response().SetBody([]byte(err.Error()))
+			ctx.Response().SetStatus(403, "403")
+			return err
+		}
+		// 验签
+		err = verify(body, decodeSign, e.publicKey)
+		if err != nil {
+			err = fmt.Errorf("verify signature error: %w", err)
+			ctx.Response().SetBody([]byte(err.Error()))
+			ctx.Response().SetStatus(403, "403")
+			return err
+		}
+	}
+
+	// 解密
+	decrBody, err := decrypt(body, e.privateKey)
+	if err != nil {
+		err = fmt.Errorf("decrypt body error: %w", err)
+		ctx.Response().SetBody([]byte(err.Error()))
+		ctx.Response().SetStatus(403, "403")
+		return err
+	}
+
+	// 转发时传输铭文
+	ctx.Proxy().Body().SetRaw(orgContentType, decrBody)
+	ctx.Proxy().Header().SetHeader("Content-Type", orgContentType)
+	if next != nil {
+		err = next.DoChain(ctx)
+	}
+
+	responseContentType := ctx.Response().GetHeader("Content-Type")
+	body = ctx.Response().GetBody()
+	// 加密
+	encBody, err := encrypt(body, e.publicKey)
+	if err != nil {
+		err = fmt.Errorf("encrypt body error: %w", err)
+		ctx.Response().SetBody([]byte(err.Error()))
+		ctx.Response().SetStatus(403, "403")
+		return
+	}
+	if e.responseSignHeader != "" {
+		responseSign, err := sign(encBody, e.privateKey)
+		if err != nil {
+			err = fmt.Errorf("sign body error: %w", err)
+			ctx.Response().SetBody([]byte(err.Error()))
+			ctx.Response().SetStatus(403, "403")
+			return err
+		}
+		ctx.Response().SetHeader(e.responseSignHeader, utils.B64Encode(responseSign))
+	}
+
+	ctx.Response().SetBody(encBody)
+	ctx.Response().SetHeader("Content-Type", ctx.Request().ContentType())
+	ctx.Response().SetHeader("Origin-Content-Type", responseContentType)
+	return
+}
+
+func (e *executor) Destroy() {
+	return
+}
+
+func (e *executor) Start() error {
+	return nil
+}
+
+func (e *executor) Reset(conf interface{}, workers map[eosc.RequireId]eosc.IWorker) error {
+	return nil
+}
+
+func (e *executor) reset(conf *Config) error {
+	privateKey, publicKey := []byte(conf.PrivateKey), []byte(conf.PublicKey)
+	if conf.Format == "base64" {
+		var err error
+		privateKey, err = utils.B64Decode(conf.PrivateKey)
+		if err != nil {
+			return fmt.Errorf("descrypt private key error: %w", err)
+		}
+		publicKey, err = utils.B64Decode(conf.PublicKey)
+		if err != nil {
+			return fmt.Errorf("descrypt public key error: %w", err)
+		}
+	}
+	var err error
+	e.privateKey, err = parsePrivateKey(privateKey)
+	if err != nil {
+		return err
+	}
+	e.publicKey, err = parsePublicKey(publicKey)
+	if err != nil {
+		return err
+	}
+	e.requestSignHeader = conf.RequestSignHeader
+	e.responseSignHeader = conf.ResponseSignHeader
+	return nil
+}
+
+func (e *executor) Stop() error {
+	e.Destroy()
+	return nil
+}
+
+func (e *executor) CheckSkill(skill string) bool {
+	return http_service.FilterSkillName == skill
+}
diff --git a/drivers/plugins/rsa-filter/factory.go b/drivers/plugins/rsa-filter/factory.go
new file mode 100644
index 00000000..02d29877
--- /dev/null
+++ b/drivers/plugins/rsa-filter/factory.go
@@ -0,0 +1,18 @@
+package rsa_filter
+
+import (
+	"github.com/eolinker/apinto/drivers"
+	"github.com/eolinker/eosc"
+)
+
+const (
+	Name = "rsa"
+)
+
+func Register(register eosc.IExtenderDriverRegister) {
+	register.RegisterExtenderDriver(Name, NewFactory())
+}
+
+func NewFactory() eosc.IExtenderDriverFactory {
+	return drivers.NewFactory[Config](Create)
+}
diff --git a/drivers/plugins/rsa-filter/tool.go b/drivers/plugins/rsa-filter/tool.go
new file mode 100644
index 00000000..0af4ef53
--- /dev/null
+++ b/drivers/plugins/rsa-filter/tool.go
@@ -0,0 +1,109 @@
+package rsa_filter
+
+import (
+	"bytes"
+	"crypto"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+	"fmt"
+)
+
+var defaultPssOption = &rsa.PSSOptions{
+	SaltLength: 32,
+	Hash:       crypto.SHA256,
+}
+
+func encrypt(data []byte, publicKey *rsa.PublicKey) ([]byte, error) {
+	blockSize := publicKey.Size() - 66
+	var encryptedChunks [][]byte
+	for len(data) > 0 {
+		chunkSize := len(data)
+		if chunkSize > blockSize {
+			chunkSize = blockSize
+		}
+		// 取出要加密的块
+		chunk := data[:chunkSize]
+		data = data[chunkSize:]
+
+		// 使用RSA公钥加密块
+		encryptedChunk, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, publicKey, chunk, nil)
+		if err != nil {
+			return nil, err
+		}
+
+		encryptedChunks = append(encryptedChunks, encryptedChunk)
+	}
+	return bytes.Join(encryptedChunks, nil), nil
+}
+
+func decrypt(data []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
+
+	blockSize := (privateKey.N.BitLen() + 7) / 8
+	var decryptedChunks [][]byte
+	for len(data) > 0 {
+		chunkSize := len(data)
+		if chunkSize > blockSize {
+			chunkSize = blockSize
+		}
+		// 取出要加密的块
+		chunk := data[:chunkSize]
+		data = data[chunkSize:]
+
+		// 使用RSA公钥加密块
+		encryptedChunk, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, privateKey, chunk, nil)
+		if err != nil {
+			return nil, err
+		}
+
+		decryptedChunks = append(decryptedChunks, encryptedChunk)
+	}
+	return bytes.Join(decryptedChunks, nil), nil
+}
+
+func sign(data []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
+	hashed := sha256.Sum256(data)
+	return rsa.SignPSS(rand.Reader, privateKey, crypto.SHA256, hashed[:], defaultPssOption)
+}
+
+func verify(data []byte, signature []byte, publicKey *rsa.PublicKey) error {
+	hashed := sha256.Sum256(data)
+	return rsa.VerifyPSS(publicKey, crypto.SHA256, hashed[:], signature, defaultPssOption)
+}
+
+func parsePrivateKey(data []byte) (*rsa.PrivateKey, error) {
+	block, _ := pem.Decode(data)
+	if block == nil {
+		return nil, errors.New("private key error")
+	}
+	privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+	if err != nil {
+		return nil, fmt.Errorf("parse private key err")
+	}
+	// 转换为 RSA 公钥
+	rsaPrivateKey, ok := privateKey.(*rsa.PrivateKey)
+	if !ok {
+		return nil, fmt.Errorf("private key is not an RSA public key")
+	}
+	return rsaPrivateKey, nil
+}
+
+func parsePublicKey(data []byte) (*rsa.PublicKey, error) {
+	block, _ := pem.Decode(data)
+	if block == nil {
+		return nil, errors.New("private key error")
+	}
+	publicKey, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return nil, fmt.Errorf("parse private key err: %w", err)
+	}
+	// 转换为 RSA 公钥
+	rsaPublicKey, ok := publicKey.(*rsa.PublicKey)
+	if !ok {
+		return nil, fmt.Errorf("public key is not an RSA public key")
+	}
+	return rsaPublicKey, nil
+}
diff --git a/drivers/router/listener.go b/drivers/router/listener.go
index 9cf60905..4e6a9815 100644
--- a/drivers/router/listener.go
+++ b/drivers/router/listener.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"io"
 	"net"
+	"net/http"
 	"strconv"
 	"strings"
 	"sync"
@@ -50,7 +51,7 @@ type RouterServerHandler func(port int, listener net.Listener)
 func init() {
 	matchWriters[AnyTCP] = matchersToMatchWriters(cmux.Any())
 	matchWriters[TslTCP] = matchersToMatchWriters(cmux.TLS())
-	matchWriters[Http] = matchersToMatchWriters(cmux.HTTP1Fast())
+	matchWriters[Http] = matchersToMatchWriters(cmux.HTTP1Fast(http.MethodPatch))
 	matchWriters[Dubbo2] = matchersToMatchWriters(cmux.PrefixMatcher(string([]byte{0xda, 0xbb})))
 	matchWriters[GRPC] = []cmux.MatchWriter{cmux.HTTP2MatchHeaderFieldPrefixSendSettings("content-type", "application/grpc")}
 	var tf traffic.ITraffic
diff --git a/go.mod b/go.mod
index 6f474309..65c34566 100644
--- a/go.mod
+++ b/go.mod
@@ -3,6 +3,7 @@ module github.com/eolinker/apinto
 go 1.19
 
 require (
+	github.com/PuerkitoBio/goquery v1.8.1
 	github.com/Shopify/sarama v1.32.0
 	github.com/brianvoe/gofakeit/v6 v6.20.1
 	github.com/clbanning/mxj v1.8.4
@@ -36,6 +37,7 @@ require (
 	github.com/RoaringBitmap/roaring v0.7.1 // indirect
 	github.com/Workiva/go-datastructures v1.0.52 // indirect
 	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1704 // indirect
+	github.com/andybalholm/cascadia v1.3.1 // indirect
 	github.com/apache/dubbo-getty v1.4.8 // indirect
 	github.com/bits-and-blooms/bitset v1.2.0 // indirect
 	github.com/buger/jsonparser v1.1.1 // indirect
diff --git a/utils/encode.go b/utils/encode.go
index 68019926..00e320ac 100644
--- a/utils/encode.go
+++ b/utils/encode.go
@@ -28,10 +28,11 @@ func B64Decode(input string) ([]byte, error) {
 }
 
 // B64Encode base64加密
-func B64Encode(input string) string {
-	result := base64.StdEncoding.EncodeToString([]byte(input))
-	result = strings.Replace(strings.Replace(strings.Replace(result, "=", "", -1), "/", "_", -1), "+", "-", -1)
-	return result
+func B64Encode(input []byte) string {
+	//result := base64.StdEncoding.EncodeToString([]byte(input))
+	//base64.RawStdEncoding.EncodeToString([]byte(input))
+	//result = strings.Replace(strings.Replace(strings.Replace(result, "=", "", -1), "/", "_", -1), "+", "-", -1)
+	return base64.StdEncoding.EncodeToString(input)
 }
 
 // QueryUrlEncode 对query进行url encode