diff --git a/package/pay/honor/const.go b/package/pay/honor/const.go
index e7c68d1..9c168ce 100644
--- a/package/pay/honor/const.go
+++ b/package/pay/honor/const.go
@@ -1,5 +1,6 @@
 package honor
 
 const (
-	Host = "https://iap-api.cloud.honor.com"
+	Host      = "https://iap-api-drcn.cloud.honor.com"
+	TokenHost = "https://hnoauth-login-drcn.cloud.honor.com"
 )
diff --git a/package/pay/honor/honor.go b/package/pay/honor/honor.go
index f55cf37..56e5654 100644
--- a/package/pay/honor/honor.go
+++ b/package/pay/honor/honor.go
@@ -9,19 +9,50 @@ import (
 	"encoding/base64"
 	"encoding/pem"
 	"errors"
+	"time"
+
 	"github.com/ayflying/utility_go/package/pay/common"
+	"github.com/ayflying/utility_go/pkg"
+	"github.com/gogf/gf/v2/frame/g"
 )
 
 type Pay struct {
-	PubKey string `json:"pubKey"`
-	AppId  string `json:"appId"`
+	PubKey       string `json:"pubKey"`
+	AppId        string `json:"appId"`
+	ClientSecret string `json:"client_secret"`
 }
 
 func New(pay *Pay) *Pay {
-	return &Pay{
-		AppId:  pay.AppId,
-		PubKey: pay.PubKey,
+	return pay
+}
+
+func (p *Pay) GetToken(ctx context.Context) (accessToken string, err error) {
+	type TokenResp struct {
+		AccessToken string `json:"access_token"`
+		ExpiresIn   int    `json:"expires_in"`
+		TokenType   string `json:"token_type"`
 	}
+
+	get, err := pkg.Cache("redis", "cache").GetOrSetFunc(ctx, "pay:honor:Sign:token", func(ctx context.Context) (value interface{}, err error) {
+
+		url := TokenHost + "/oauth2/v3/token"
+		get, err := g.Client().Post(ctx, url, g.Map{
+			"client_id":     p.AppId,
+			"client_secret": p.ClientSecret,
+			"grant_type":    "client_credentials",
+		})
+
+		//var res *TokenResp
+		//gjson.DecodeTo(get, &res)
+		value = get.ReadAllString()
+		return
+	}, time.Hour)
+
+	var res *TokenResp
+	err = get.Scan(&res)
+	accessToken = res.AccessToken
+
+	return
 }
 
 // VerifyRSASignature 验证RSA数字签名
@@ -29,13 +60,13 @@ func New(pay *Pay) *Pay {
 // sign: 签名的Base64编码字符串
 // pubKey: PEM格式的公钥字符串
 // 返回验证结果和可能的错误
-func (p *Pay) VerifyRSASignature(ctx context.Context, data []byte, sign string) (bool, error) {
+func (p *Pay) VerifyRSASignature(ctx context.Context, data []byte, signature string) (bool, error) {
 	//req := g.RequestFromCtx(ctx).Request
 	//post, err := common.ParseNotifyToBodyMap(req)
 	//var data = gjson.MustEncode(post)
 
 	// 解码Base64格式的签名
-	signBytes, err := base64.StdEncoding.DecodeString(sign)
+	signBytes, err := base64.StdEncoding.DecodeString(signature)
 	if err != nil {
 		return false, errors.New("签名解码失败: " + err.Error())
 	}
diff --git a/package/pay/honor/notification.go b/package/pay/honor/notification.go
index 3a312df..1c9f0f1 100644
--- a/package/pay/honor/notification.go
+++ b/package/pay/honor/notification.go
@@ -32,7 +32,16 @@ func (p *Pay) Notification(r *http.Request) {
 // ConsumeProduct 商品消耗
 func (p *Pay) ConsumeProduct(purchaseToken string) (err error) {
 	url := Host + "/iap/server/consumeProduct"
-	get, err := g.Client().ContentJson().Post(gctx.New(), url, g.Map{
+	//获取token
+	token, err := p.GetToken(gctx.New())
+	if err != nil {
+		return
+	}
+	get, err := g.Client().ContentJson().Header(g.MapStrStr{
+		"access-token":  token,
+		"x-iap-appid":   p.AppId,
+		"purchaseToken": purchaseToken,
+	}).Post(gctx.New(), url, g.Map{
 		"purchaseToken":      purchaseToken,
 		"developerChallenge": grand.S(16),
 	})