新浪一致认证分析

	var makeRequest = function(username, password, savestate) {
		var request = {
			"entry": me.getEntry(),
			"gateway": 1,
			"from": me.from,
			"savestate": savestate,
			"useticket": me.useTicket?1:0
		};
		if (me.failRedirect) {
			me.loginExtraQuery.frd = 1;
		}
		request = objMerge(request, me.loginExtraFlag);
		request = objMerge(request, me.loginExtraQuery);
		request["su"] = sinaSSOEncoder.base64.encode(urlencode(username)); // su是username的别名
		if (me.service) request["service"] = me.service;
		if((me.loginType & rsa) && me.servertime && sinaSSOEncoder && sinaSSOEncoder.RSAKey){
			request["servertime"] = me.servertime;
			request["nonce"] = me.nonce;
			request["pwencode"] = "rsa2";
			request["rsakv"] = me.rsakv;
			var RSAKey = new sinaSSOEncoder.RSAKey();
			RSAKey.setPublic(me.rsaPubkey, '10001');
			password = RSAKey.encrypt([me.servertime, me.nonce].join("\t") + "\n" + password);
		}else if ((me.loginType & wsse) && me.servertime && sinaSSOEncoder && sinaSSOEncoder.hex_sha1) {
			request["servertime"] = me.servertime;
			request["nonce"] = me.nonce;
			request["pwencode"] = "wsse";
			password = sinaSSOEncoder.hex_sha1("" + sinaSSOEncoder.hex_sha1(sinaSSOEncoder.hex_sha1(password)) + me.servertime + me.nonce); // 空字符串为了避免各项全部是数字时造成数字相加而不是字符串链接的情况
		}
		request["sp"] = password; // sp是password的别名
		return request;
	};