消息订阅配置验证Token

master
shijie 4 years ago
parent 2fedfc1c5b
commit 04916e9bd9
  1. 5
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
  2. 31
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java
  3. 15
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
  4. 47
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java
  5. 24
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
  6. 10
      dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
  7. 3
      dq-govern-gateway/src/main/resources/jwt.properties

@ -140,10 +140,9 @@ public class UserLoginController implements UserLoginControllerApi {
headerImg = URLDecoder.decode(imgUrl,encoder);
//account = new String(username.getBytes("GBK"),"iso-8859-1");
log.info("account==========="+account+"headerImg============="+headerImg);
//response.sendRedirect("http://8.129.127.185/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
// response.sendRedirect("https://www.huorantech.cn/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
// response.sendRedirect("https://www.feifanhitech.com/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
response.sendRedirect("https://www.feifanhitech.com/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg);
}
}else {
userService.weChatBinding(code,response,state);
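Review bot: `account` and `headerImg` are URL-decoded just above and then concatenated unencoded into the `sendRedirect` target, so a value containing `&`, `#` or whitespace changes the shape of the URL the browser receives. Re-encode each value where it is appended, e.g. `"&account=" + URLEncoder.encode(account, encoder)`, and likewise for `headerImg`. The `log.info` line also writes the account into the log at info level; consider masking or dropping it. The page does not mark which redirect lines are on the new side, and the enclosing method starts and ends outside the hunk, so this applies to whichever redirect is active.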

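--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java
@@ -0,0 +1,31 @@
+package com.daqing.financial.hrauth.controller;
+import com.daqing.financial.hrauth.util.WXPublicUtils;
+import io.swagger.annotations.Api;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import javax.servlet.http.HttpServletRequest;
+@RestController
+@RequestMapping("/wxpublic")
+@Api(tags = "验证公众平台token")
+@Slf4j
+public class WXTokenController {
+@RequestMapping("/verify_wx_token")
+public String verifyWXToken(HttpServletRequest request) {
+String msgSignature = request.getParameter("signature");
+String msgTimestamp = request.getParameter("timestamp");
+String msgNonce = request.getParameter("nonce");
+String echostr = request.getParameter("echostr");
+if (WXPublicUtils.verifyUrl(msgSignature, msgTimestamp, msgNonce)) {
+return echostr;
+}
+return null;
+}
+}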
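Review bot: `verifyWXToken` never reaches `return null`, because `WXPublicUtils.verifyUrl` throws `IllegalArgumentException` on a mismatch instead of returning false, and a request with a missing `timestamp` or `nonce` fails inside `SHA1.getSHA1` when the array is sorted; how that surfaces to the caller depends on exception handling not shown here. Checking the four parameters for null and returning an empty body on failure would make the rejection path explicit. The handler also accepts every HTTP method and echoes `echostr` back with a negotiated content type; `@GetMapping(value = "/verify_wx_token", produces = "text/plain")` narrows both.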

@ -94,10 +94,9 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
if(dbUser == null){//openId不存在,返回绑定手机号页面,须另写绑定手机号接口
log.info("dbUser为空,openId不存在,请先绑定手机号哦~~~");
try {
// response.sendRedirect("https://www.feifanhitech.com/index/#/bind-phone?matched="+md5UnionId);
response.sendRedirect("https://www.feifanhitech.com/index/#/bind-phone?matched="+md5UnionId);
// response.sendRedirect("https://www.huorantech.cn/index/#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
//response.sendRedirect("http://8.129.127.185/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
} catch (IOException e) {
e.printStackTrace();
}
@ -163,9 +162,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
try {
log.info("微信重复了,我走到了这里.............................");
// response.sendRedirect("https://www.huorantech.cn/index/#/workbench-manpower?token="+token+"&message=1");
//response.sendRedirect("http://8.129.127.185/dq/index.html#/workbench-manpower?token="+token+"&message=1");
response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token+"&message=1");
// response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token+"&message=1");
// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token+"&message=1");
response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token+"&message=1");
} catch (IOException e) {
e.printStackTrace();
}
@ -176,9 +174,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
try {
log.info("转发成功---------------------------------------");
// response.sendRedirect("https://www.huorantech.cn/index/#/workbench-manpower?token="+token);
//response.sendRedirect("http://8.129.127.185/dq/index.html#/workbench-manpower?token="+token);
response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token);
// response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token);
// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token);
response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token);
}catch (IOException e){
e.printStackTrace();
}
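Review bot: The front-end host is switched between the test and production sites by commenting `sendRedirect` lines in and out, in all three hunks of this file and in the same way in UserLoginController and PromptSuccess, so an environment change needs a code edit and one missed line sends the `token` parameter to the wrong environment. Reading the base URL once from configuration (for example a `@Value`-injected field, property name to be chosen by the project) and building each target from it would remove the commented alternates. The `catch (IOException e)` blocks shown here call `e.printStackTrace()`; `log.error("redirect failed", e)` would keep the failure in the application log. All three methods begin and end outside the hunks.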

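--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java
@@ -0,0 +1,47 @@
+package com.daqing.financial.hrauth.util;
+import java.security.MessageDigest;
+import java.util.Arrays;
+public class SHA1 {
+/**
+* 用SHA1算法验证Token
+*
+* @param token 票据
+* @param timestamp 时间戳
+* @param nonce 随机字符串
+* @return 安全签名
+*/
+public static String getSHA1(String token, String timestamp, String nonce) {
+try {
+String[] array = new String[]{token, timestamp, nonce};
+StringBuffer sb = new StringBuffer();
+// 字符串排序
+Arrays.sort(array);
+for (int i = 0; i < 3; i++) {
+sb.append(array[i]);
+}
+String str = sb.toString();
+// SHA1签名生成
+MessageDigest md = MessageDigest.getInstance("SHA-1");
+md.update(str.getBytes());
+byte[] digest = md.digest();
+StringBuffer hexstr = new StringBuffer();
+String shaHex = "";
+for (int i = 0; i < digest.length; i++) {
+shaHex = Integer.toHexString(digest[i] & 0xFF);
+if (shaHex.length() < 2) {
+hexstr.append(0);
+}
+hexstr.append(shaHex);
+}
+return hexstr.toString();
+} catch (Exception e) {
+e.printStackTrace();
+throw new IllegalArgumentException("用SHA1算法验证Token异常");
+}
+}
+}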
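Review bot: `str.getBytes()` uses the platform default charset, so the digest input can differ between hosts; `md.update(str.getBytes(StandardCharsets.UTF_8));` pins it. The `catch (Exception e)` block prints the stack trace and throws a new `IllegalArgumentException` without the cause, which also turns a null `timestamp` or `nonce` (a `NullPointerException` from `Arrays.sort`) into a generic message; `throw new IllegalArgumentException("用SHA1算法验证Token异常", e);` keeps the original failure. `StringBuilder` is sufficient for the two local buffers, since neither leaves the method.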

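--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
@@ -0,0 +1,24 @@
+package com.daqing.financial.hrauth.util;
+public class WXPublicUtils {
+/**
+* 验证Token
+* @param msgSignature 签名串对应URL参数的signature
+* @param timeStamp 时间戳对应URL参数的timestamp
+* @param nonce 随机串对应URL参数的nonce
+*
+* @return 是否为安全签名
+*/
+public static boolean verifyUrl(String msgSignature, String timeStamp, String nonce){
+// 这里的 WXPublicConstants.TOKEN 填写你自己设置的Token就可以了
+String signature = SHA1.getSHA1("123456", timeStamp, nonce);
+if (!signature.equals(msgSignature)) {
+// throw new AesException(AesException.ValidateSignatureError);
+throw new IllegalArgumentException("验证Token异常");
+}
+return true;
+}
+}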
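Review bot: The verification token is the literal `"123456"` in the `SHA1.getSHA1` call, although the comment above it says to fill in your own token, and the jwt.properties hunk of this commit appears to exempt `/apiHrmsAuth/wxpublic/verify_wx_token` from JWT checks, which would leave this signature as the only control on that endpoint. Load the token from configuration or a secret store rather than source, and make it a long random value matching what is registered on the public platform. After a null check on `msgSignature`, the comparison can be made constant-time with `MessageDigest.isEqual(signature.getBytes(StandardCharsets.UTF_8), msgSignature.getBytes(StandardCharsets.UTF_8))`, returning `false` on mismatch so the declared boolean result is meaningful.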

@ -33,18 +33,16 @@ public class PromptSuccess {
public static final String UPLOAD_FILE_PATH = "//usr//local//nginx//html//admin//headImg//"; // linux图片存放路径
// public static final String IMAGE_URL_PATH = "https://www.huorantech.cn/headImg/"; // 数据库/预加载图片路径
//public static final String IMAGE_URL_PATH = "http://8.129.127.185/headImg/"; // 数据库/预加载图片路径
public static final String IMAGE_URL_PATH = "https://test.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
// public static final String IMAGE_URL_PATH = "https://www.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
// public static final String IMAGE_URL_PATH = "https://test.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
public static final String IMAGE_URL_PATH = "https://www.feifanhitech.com/headImg/"; // 数据库/预加载图片路径
public static final String[] LETTERS = {"A","B","C","D","E"}; // 员工姓名重复时自动加的字母,可再添加
public static final String STATUS_REFUSE = "拒绝";
// public static final String ENCLOSUREFILE_URL_PATH = "https://www.huorantech.cn/enclosureFile/"; // 附件文件存放路径
//public static final String ENCLOSUREFILE_URL_PATH = "http://8.129.127.185/enclosureFile/"; // 附件文件存放路径
public static final String ENCLOSUREFILE_URL_PATH = "https://test.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
// public static final String ENCLOSUREFILE_URL_PATH = "https://www.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
// public static final String ENCLOSUREFILE_URL_PATH = "https://test.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
public static final String ENCLOSUREFILE_URL_PATH = "https://www.feifanhitech.com/enclosureFile/"; // 附件文件存放路径
public static final String FILE_URL_PATH = "//usr//local//nginx//html//admin//enclosureFile//"; // 附件文件存放路径

@ -35,7 +35,8 @@ jwt.ignoreUrlList=/apiHrmsAuth/hrms/auth/userlogin/getBackPwd,\
/api-guarantee/al-repayment-entry/excelExport,\
/api-guarantee/al-collection/list/export/excel,\
/api-guarantee/al-collection/collection/list/export/excel,\
/api-guarantee/dg-apply-amount-info/download
/api-guarantee/dg-apply-amount-info/download,\
/apiHrmsAuth/wxpublic/verify_wx_token
