From 04916e9bd9b4c445bc4c8ce3b76d7e921b8bf8e4 Mon Sep 17 00:00:00 2001
From: shijie <648688341@qq.com>
Date: Thu, 8 Apr 2021 18:26:03 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B6=88=E6=81=AF=E8=AE=A2=E9=98=85=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E9=AA=8C=E8=AF=81Token?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../controller/UserLoginController.java | 5 +-
 .../hrauth/controller/WXTokenController.java | 31 ++++++++++++
 .../hrauth/service/impl/UserServiceImpl.java | 15 +++--
 .../daqing/financial/hrauth/util/SHA1.java | 47 +++++++++++++++++++
 .../financial/hrauth/util/WXPublicUtils.java | 24 ++++++++++
 .../model/response/PromptSuccess.java | 10 ++--
 .../src/main/resources/jwt.properties | 3 +-
 7 files changed, 116 insertions(+), 19 deletions(-)
 create mode 100644 dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java
 create mode 100644 dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java
 create mode 100644 dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
index 0c0fddae..7e560d8c 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
@@ -140,10 +140,9 @@ public class UserLoginController implements UserLoginControllerApi {
 headerImg = URLDecoder.decode(imgUrl,encoder);
 //account = new String(username.getBytes("GBK"),"iso-8859-1");
 log.info("account==========="+account+"headerImg============="+headerImg);
- //response.sendRedirect("http://8.129.127.185/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
- response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
+// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
 // response.sendRedirect("https://www.huorantech.cn/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
-// response.sendRedirect("https://www.feifanhitech.com/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
+ response.sendRedirect("https://www.feifanhitech.com/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
 }
 }else {
 userService.weChatBinding(code,response,state);
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java
new file mode 100644
index 00000000..95a71bfc
--- /dev/null
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java
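Review bot: The new `response.sendRedirect("https://www.feifanhitech.com/index/#/login?token=...")` line is selected by toggling which of four hard-coded environment URLs is commented out, so every environment switch is a source edit and a missed swap sends the freshly issued login token to the wrong host; the same block recurs in both UserServiceImpl hunks and in the PromptSuccess constants. Keep one configured base, e.g. `@Value("${<frontend-base-url property>}") private String frontendBaseUrl;` and `response.sendRedirect(frontendBaseUrl + "/index/#/login?token=" + token + "&account=" + account + "&headerImg=" + headerImg);`, and drop the commented alternatives so the live target is visible at a glance. The enclosing method starts and ends outside the hunk.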
@@ -0,0 +1,31 @@
+package com.daqing.financial.hrauth.controller;
+
+
+import com.daqing.financial.hrauth.util.WXPublicUtils;
+import io.swagger.annotations.Api;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+
+@RestController
+@RequestMapping("/wxpublic")
+@Api(tags = "验证公众平台token")
+@Slf4j
+public class WXTokenController {
+ @RequestMapping("/verify_wx_token")
+ public String verifyWXToken(HttpServletRequest request) {
+ String msgSignature = request.getParameter("signature");
+ String msgTimestamp = request.getParameter("timestamp");
+ String msgNonce = request.getParameter("nonce");
+ String echostr = request.getParameter("echostr");
+ if (WXPublicUtils.verifyUrl(msgSignature, msgTimestamp, msgNonce)) {
+ return echostr;
+ }
+ return null;
+ }
+
+}
+
+
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
index e2d7acba..f1bf97c6 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
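Review bot: `verifyWXToken` can never reach its `return null`, because `WXPublicUtils.verifyUrl` returns only `true` and throws `IllegalArgumentException` on a mismatch, so a wrong or absent `signature` propagates as an exception out of the controller instead of a quiet refusal; a missing `timestamp` or `nonce` goes further and is handed as `null` to `Arrays.sort` inside `SHA1.getSHA1`. Reject absent parameters first, e.g. `if (msgSignature == null || msgTimestamp == null || msgNonce == null) { return null; }`, and have the helper report a bad signature as `false` so that this method's existing branch does the refusing. The mapping is a bare `@RequestMapping`, which answers every HTTP method; the WeChat URL verification is a GET as far as I know, so `@GetMapping("/verify_wx_token")` would narrow it. The class also declares `@Slf4j` without logging anything; a `log.warn` on a failed verification would give operators a signal when the callback receives bad signatures.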
@@ -94,10 +94,9 @@ public class UserServiceImpl extends ServiceImpl imple
 if(dbUser == null){//openId不存在,返回绑定手机号页面,须另写绑定手机号接口
 log.info("dbUser为空,openId不存在,请先绑定手机号哦~~~");
 try {
-// response.sendRedirect("https://www.feifanhitech.com/index/#/bind-phone?matched="+md5UnionId);
+ response.sendRedirect("https://www.feifanhitech.com/index/#/bind-phone?matched="+md5UnionId);
 // response.sendRedirect("https://www.huorantech.cn/index/#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
- //response.sendRedirect("http://8.129.127.185/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
- response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
+// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
 } catch (IOException e) {
 e.printStackTrace();
 }
@@ -163,9 +162,8 @@ public class UserServiceImpl extends ServiceImpl imple
 try {
 log.info("微信重复了,我走到了这里.............................");
 // response.sendRedirect("https://www.huorantech.cn/index/#/workbench-manpower?token="+token+"&message=1");
- //response.sendRedirect("http://8.129.127.185/dq/index.html#/workbench-manpower?token="+token+"&message=1");
- response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token+"&message=1");
-// response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token+"&message=1");
+// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token+"&message=1");
+ response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token+"&message=1");
 } catch (IOException e) {
 e.printStackTrace();
 }
@@ -176,9 +174,8 @@ public class UserServiceImpl extends ServiceImpl imple
 try {
 log.info("转发成功---------------------------------------");
 // response.sendRedirect("https://www.huorantech.cn/index/#/workbench-manpower?token="+token);
- //response.sendRedirect("http://8.129.127.185/dq/index.html#/workbench-manpower?token="+token);
- response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token);
-// response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token);
+// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token);
+ response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token);
 }catch (IOException e){
 e.printStackTrace();
 }
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java
new file mode 100644
index 00000000..d625e054
--- /dev/null
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java
@@ -0,0 +1,47 @@
+package com.daqing.financial.hrauth.util;
+
+
+import java.security.MessageDigest;
+import java.util.Arrays;
+
+public class SHA1 {
+
+ /**
+ * 用SHA1算法验证Token
+ *
+ * @param token 票据
+ * @param timestamp 时间戳
+ * @param nonce 随机字符串
+ * @return 安全签名
+ */
+ public static String getSHA1(String token, String timestamp, String nonce) {
+ try {
+ String[] array = new String[]{token, timestamp, nonce};
+ StringBuffer sb = new StringBuffer();
+ // 字符串排序
+ Arrays.sort(array);
+ for (int i = 0; i < 3; i++) {
+ sb.append(array[i]);
+ }
+ String str = sb.toString();
+ // SHA1签名生成
+ MessageDigest md = MessageDigest.getInstance("SHA-1");
+ md.update(str.getBytes());
+ byte[] digest = md.digest();
+
+ StringBuffer hexstr = new StringBuffer();
+ String shaHex = "";
+ for (int i = 0; i < digest.length; i++) {
+ shaHex = Integer.toHexString(digest[i] & 0xFF);
+ if (shaHex.length() < 2) {
+ hexstr.append(0);
+ }
+ hexstr.append(shaHex);
+ }
+ return hexstr.toString();
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new IllegalArgumentException("用SHA1算法验证Token异常");
+ }
+ }
+}
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
new file mode 100644
index 00000000..0bbb4f91
--- /dev/null
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
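Review bot: `md.update(str.getBytes())` hashes the sorted string with the platform default charset, and the `catch (Exception e)` below it prints the stack trace and rethrows `IllegalArgumentException` without the cause, so a `NullPointerException` from `Arrays.sort` on a null input and a `NoSuchAlgorithmException` collapse into the same message with their origin lost. Use `StandardCharsets.UTF_8`, catch only `NoSuchAlgorithmException` and chain it, check the three inputs for null explicitly, replace the manual hex loop and `StringBuffer` with `String.format("%02x", b)` into a `StringBuilder`, and make the loop bound `array.length` rather than the literal `3`. The Javadoc summary says the method verifies the token, but it only computes the signature string; a summary such as `Computes the WeChat signature: lower-case hex SHA-1 of token, timestamp and nonce sorted and concatenated.` would match the code. The rewrite below additionally needs `java.nio.charset.StandardCharsets`, `java.security.NoSuchAlgorithmException` and `java.util.Objects` imported; the existing exception type is kept so the caller is unaffected.
```java
    public static String getSHA1(String token, String timestamp, String nonce) {
        Objects.requireNonNull(token, "token");
        Objects.requireNonNull(timestamp, "timestamp");
        Objects.requireNonNull(nonce, "nonce");
        // Lexicographically sort and concatenate the three fields: this is the signature input.
        String[] array = {token, timestamp, nonce};
        Arrays.sort(array);
        String str = String.join("", array);
        try {
            byte[] digest = MessageDigest.getInstance("SHA-1").digest(str.getBytes(StandardCharsets.UTF_8));
            StringBuilder hex = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                hex.append(String.format("%02x", b));
            }
            return hex.toString();
        } catch (NoSuchAlgorithmException e) {
            // Every JDK ships SHA-1, so this is an environment fault; keep the cause attached.
            throw new IllegalArgumentException("用SHA1算法验证Token异常", e);
        }
    }
```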
@@ -0,0 +1,24 @@
+package com.daqing.financial.hrauth.util;
+
+
+
+public class WXPublicUtils {
+
+ /**
+ * 验证Token
+ * @param msgSignature 签名串,对应URL参数的signature
+ * @param timeStamp 时间戳,对应URL参数的timestamp
+ * @param nonce 随机串,对应URL参数的nonce
+ *
+ * @return 是否为安全签名
+ */
+ public static boolean verifyUrl(String msgSignature, String timeStamp, String nonce){
+ // 这里的 WXPublicConstants.TOKEN 填写你自己设置的Token就可以了
+ String signature = SHA1.getSHA1("123456", timeStamp, nonce);
+ if (!signature.equals(msgSignature)) {
+// throw new AesException(AesException.ValidateSignatureError);
+ throw new IllegalArgumentException("验证Token异常");
+ }
+ return true;
+ }
+}
diff --git a/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java b/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
index fcc1adef..fd5986aa 100644
--- a/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
+++ b/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
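Review bot: `SHA1.getSHA1("123456", timeStamp, nonce)` hard-codes the WeChat verification token as a literal in source, and the comment above it admits it should be the deployment's own value; that token is the only thing that lets the service tell a WeChat callback from any other client of the URL, so it belongs in configuration (a property injected where the bean lives, or a parameter of this method), not in the repository. The method also never returns `false` as its Javadoc promises but throws instead, and `signature.equals(msgSignature)` is a short-circuit string compare; replacing the `if` block with `return MessageDigest.isEqual(signature.getBytes(StandardCharsets.UTF_8), msgSignature == null ? new byte[0] : msgSignature.getBytes(StandardCharsets.UTF_8));` (with `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported) makes it fail closed and compare in constant time. The comment's reference to `WXPublicConstants.TOKEN` does not resolve to anything in this commit, so it should name the real configuration key or be removed.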
@@ -33,18 +33,16 @@ public class PromptSuccess {
 public static final String UPLOAD_FILE_PATH = "//usr//local//nginx//html//admin//headImg//"; // linux图片存放路径
 // public static final String IMAGE_URL_PATH = "https://www.huorantech.cn/headImg/"; // 数据库/预加载图片路径
- //public static final String IMAGE_URL_PATH = "http://8.129.127.185/headImg/"; // 数据库/预加载图片路径
- public static final String IMAGE_URL_PATH = "https://test.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
-// public static final String IMAGE_URL_PATH = "https://www.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
+// public static final String IMAGE_URL_PATH = "https://test.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
+ public static final String IMAGE_URL_PATH = "https://www.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
 public static final String[] LETTERS = {"A","B","C","D","E"}; // 员工姓名重复时自动加的字母,可再添加
 public static final String STATUS_REFUSE = "拒绝";
 // public static final String ENCLOSUREFILE_URL_PATH = "https://www.huorantech.cn/enclosureFile/"; // 附件文件存放路径
- //public static final String ENCLOSUREFILE_URL_PATH = "http://8.129.127.185/enclosureFile/"; // 附件文件存放路径
- public static final String ENCLOSUREFILE_URL_PATH = "https://test.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
-// public static final String ENCLOSUREFILE_URL_PATH = "https://www.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
+// public static final String ENCLOSUREFILE_URL_PATH = "https://test.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
+ public static final String ENCLOSUREFILE_URL_PATH = "https://www.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
 public static final String FILE_URL_PATH = "//usr//local//nginx//html//admin//enclosureFile//"; // 附件文件存放路径
diff --git a/dq-govern-gateway/src/main/resources/jwt.properties b/dq-govern-gateway/src/main/resources/jwt.properties
index 82c34445..d099f1d1 100644
--- a/dq-govern-gateway/src/main/resources/jwt.properties
+++ b/dq-govern-gateway/src/main/resources/jwt.properties
@@ -35,7 +35,8 @@ jwt.ignoreUrlList=/apiHrmsAuth/hrms/auth/userlogin/getBackPwd,\
 /api-guarantee/al-repayment-entry/excelExport,\
 /api-guarantee/al-collection/list/export/excel,\
 /api-guarantee/al-collection/collection/list/export/excel,\
- /api-guarantee/dg-apply-amount-info/download
+ /api-guarantee/dg-apply-amount-info/download,\
+ /apiHrmsAuth/wxpublic/verify_wx_token
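Review bot: The new `/apiHrmsAuth/wxpublic/verify_wx_token` entry exempts the WeChat verification endpoint from the gateway's JWT check without saying why, so a later reader cannot distinguish a deliberate callback exemption from a forgotten one. Record it with a properties comment such as `# /apiHrmsAuth/wxpublic/verify_wx_token: WeChat public-platform URL verification callback, unauthenticated by design; protected only by the signature check in WXPublicUtils.verifyUrl`. Place that comment above the `jwt.ignoreUrlList=` key, outside this hunk: a `#` line inside the backslash-continued list is read by `java.util.Properties` as part of the value, not as a comment, and would itself become an ignore-list entry.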