diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/request/BusinessApplicationRequest.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/request/BusinessApplicationRequest.java index 37f4af09..d0e8af30 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/request/BusinessApplicationRequest.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/request/BusinessApplicationRequest.java @@ -261,7 +261,7 @@ public class BusinessApplicationRequest implements Serializable { * 注册时间 */ @ApiModelProperty(value = "注册时间") - private Date registerTime; + private String registerTime; /** * 注册地址 diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java index 23b8e98c..653b6ee8 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java @@ -247,6 +247,7 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl().eq("id",id)); + dgApplyAmountList.setVer(dgApplyAmountList1.getVer()+1);//设置担保部经理的版本号+1 + int update = dgApplyAmountListMapper.update(dgApplyAmountList, new QueryWrapper() + .eq("id", id).eq("ver", dgApplyAmountList1.getVer())); + if(update<=0) + return 0; - //根据id查询业务id - DgApplyAmountList dgApplyAmountList1 = dgApplyAmountListMapper.selectById(id); //修改专员那一条记录审核状态 DgApplyAmountList applyAmountList = new DgApplyAmountList(); applyAmountList.setStatus(status); diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgCopyUserServiceImpl.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgCopyUserServiceImpl.java index 6428412a..a2527fab 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgCopyUserServiceImpl.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgCopyUserServiceImpl.java @@ -95,18 +95,21 @@ public class DgCopyUserServiceImpl extends ServiceImpl) responseResult.getData(); } - for (CopyForMeResponse response : copyForMeResponseList) { - for (LinkedHashMap res : employeeMessage) { - if (response.getApplicantId().equals(res.get("id"))) {//如果提单人id相同情况下,就往对象里面赋值 - response.setApplicant(JSONObject.toJSONString(res.get("account")).replace("\"", "")); - } - if (response.getApproveId()!=null){ - if (response.getApproveId().equals(res.get("id"))) {//如果审批人id相同情况下,就往对象里面赋值 - response.setApprove(JSONObject.toJSONString(res.get("account")).replace("\"", "")); + if(employeeMessage != null){ + for (CopyForMeResponse response : copyForMeResponseList) { + for (LinkedHashMap res : employeeMessage) { + if (response.getApplicantId()!=null && response.getApplicantId().equals(res.get("id"))) {//如果提单人id相同情况下,就往对象里面赋值 + response.setApplicant(JSONObject.toJSONString(res.get("account")).replace("\"", "")); + } + if (response.getApproveId()!=null){ + if (response.getApproveId().equals(res.get("id"))) {//如果审批人id相同情况下,就往对象里面赋值 + response.setApprove(JSONObject.toJSONString(res.get("account")).replace("\"", "")); + } } } } } + } return copyForMeResponseList; diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java index b88971c2..eb5e9c27 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java @@ -2,12 +2,8 @@ package com.daqing.financial.hrauth.config; import com.daqing.financial.hrauth.filter.AdminAuthenticationProcessingFilter; import com.daqing.financial.hrauth.filter.MyAuthenticationFilter; -import com.daqing.financial.hrauth.handle.AdminAuthenticationEntryPoint; -import com.daqing.financial.hrauth.handle.UrlAccessDecisionManager; -import com.daqing.financial.hrauth.handle.UrlAccessDeniedHandler; -import com.daqing.financial.hrauth.handle.UrlFilterInvocationSecurityMetadataSource; +import com.daqing.financial.hrauth.handle.*; import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.ObjectPostProcessor; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; @@ -60,13 +56,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { */ private final UrlAccessDeniedHandler urlAccessDeniedHandler; - public SecurityConfig(MyAuthenticationFilter myAuthenticationFilter, AdminAuthenticationEntryPoint adminAuthenticationEntryPoint, AdminAuthenticationProcessingFilter adminAuthenticationProcessingFilter, UrlFilterInvocationSecurityMetadataSource urlFilterInvocationSecurityMetadataSource, UrlAccessDeniedHandler urlAccessDeniedHandler, UrlAccessDecisionManager urlAccessDecisionManager) { + /** + * Token异常处理 + */ + private final CustomAccessDeniedHandler customAccessDeniedHandler; + + public SecurityConfig(MyAuthenticationFilter myAuthenticationFilter, AdminAuthenticationEntryPoint adminAuthenticationEntryPoint, AdminAuthenticationProcessingFilter adminAuthenticationProcessingFilter, UrlFilterInvocationSecurityMetadataSource urlFilterInvocationSecurityMetadataSource, UrlAccessDeniedHandler urlAccessDeniedHandler, UrlAccessDecisionManager urlAccessDecisionManager, CustomAccessDeniedHandler customAccessDeniedHandler) { this.myAuthenticationFilter = myAuthenticationFilter; this.adminAuthenticationEntryPoint = adminAuthenticationEntryPoint; this.adminAuthenticationProcessingFilter = adminAuthenticationProcessingFilter; this.urlFilterInvocationSecurityMetadataSource = urlFilterInvocationSecurityMetadataSource; this.urlAccessDeniedHandler = urlAccessDeniedHandler; this.urlAccessDecisionManager = urlAccessDecisionManager; + this.customAccessDeniedHandler = customAccessDeniedHandler; } @@ -87,6 +89,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { // 登录过后访问无权限的接口时自定义403响应内容 http.exceptionHandling().accessDeniedHandler(urlAccessDeniedHandler); + //Token异常 + http.exceptionHandling().accessDeniedHandler(customAccessDeniedHandler); + // url权限认证处理 registry.withObjectPostProcessor(new ObjectPostProcessor() { @Override @@ -115,7 +120,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { //registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").hasIpAddress("127.0.0.1"); // 允许匿名的url - 可理解为放行接口 - 多个接口使用,分割 registry.antMatchers("/**").permitAll(); - //registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll(); +// registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll(); // registry.antMatchers("/**").access("hasAuthority('admin')"); // OPTIONS(选项):查找适用于一个特定网址资源的通讯选择。 在不需执行具体的涉及数据传输的动作情况下, 允许客户端来确定与资源相关的选项以及 / 或者要求, 或是一个服务器的性能 //registry.antMatchers(HttpMethod.OPTIONS, "/**").denyAll(); @@ -141,7 +146,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/**"); - //web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles"); +// web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles"); } } diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java index 73f493b4..e635a2f0 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java @@ -34,6 +34,7 @@ import java.io.InputStreamReader; import java.io.UnsupportedEncodingException; import java.net.URLDecoder; import java.net.URLEncoder; +import java.util.Map; /** @@ -227,7 +228,7 @@ public class UserLoginController implements UserLoginControllerApi { String encryptedData = xccLoginReq.getEncryptedData(); String code = xccLoginReq.getCode(); String iv = xccLoginReq.getIv(); - String openid = userLoginService.wxAuthLogin(encryptedData,iv,code); + Map openid = userLoginService.wxAuthLogin(encryptedData,iv,code); return ResponseResult.SUCCESS(openid); } } diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/CustomAccessDeniedHandler.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/CustomAccessDeniedHandler.java new file mode 100644 index 00000000..8ee0bb53 --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/CustomAccessDeniedHandler.java @@ -0,0 +1,66 @@ +package com.daqing.financial.hrauth.handle; + +import com.daqing.financial.hrauth.model.ApiResult; +import com.daqing.financial.hrauth.service.impl.UserDetailsServiceImpl; +import com.daqing.financial.hrauth.util.ResponseUtils; +import com.fasterxml.jackson.databind.ObjectMapper; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.MediaType; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.web.access.AccessDeniedHandler; +import org.springframework.stereotype.Component; +import org.springframework.stereotype.Service; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.HashMap; +import java.util.Map; + +/** + * Security自定义异常处理类 + * @Author: jialing xu + * @Description: xvjialing@outlook.com + * @Date: 17:24 2018/8/7 + */ +@Slf4j +@Component +public class CustomAccessDeniedHandler implements AccessDeniedHandler { + + @Autowired + private ObjectMapper objectMapper; + + private final UserDetailsServiceImpl userDetailsService; + + protected CustomAccessDeniedHandler(UserDetailsServiceImpl userDetailsService) { + this.userDetailsService = userDetailsService; + } + + @Override + public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException { +/* log.error("Token异常处理来了~~~~"+accessDeniedException.getMessage()); + response.setContentType("application/json;charset=UTF-8"); + Map map = new HashMap(); + map.put("code", "403"); + map.put("msg", accessDeniedException.getMessage()); + map.put("data",""); + response.setContentType("application/json"); + response.setStatus(HttpServletResponse.SC_OK); + response.getWriter().write(objectMapper.writeValueAsString(map));*/ + +// ResponseUtils.out(response, ApiResult.fail(401, e.getMessage())); + String token = request.getHeader("token"); + if (StringUtils.isNotBlank(token)) { + // 检查token + SecurityUser securityUser = userDetailsService.getUserByToken(token); + if (securityUser == null || securityUser.getCurrentUserInfo() == null) { + //ExceptionCast.cast(HrmsCode.TOKEN_EXCEPTION); + throw new AccessDeniedException("TOKEN已过期,请重新登录~~~"); + } + } + } +} diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java index 4bc1693a..541424af 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java @@ -6,6 +6,8 @@ import com.daqing.framework.domain.hrms.UserEntity; import com.daqing.framework.domain.hrms.request.*; import com.daqing.framework.model.response.ResponseResult; +import java.util.Map; + /** * @auther River * @date 2020/9/22 15:00 @@ -23,5 +25,5 @@ public interface UserLoginService extends IService { int isPhoneExist(String mobile); - String wxAuthLogin(String encryptedData, String iv,String code); + Map wxAuthLogin(String encryptedData, String iv, String code); } diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java index 3fd05d67..98e6bc41 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java @@ -14,9 +14,7 @@ import com.daqing.financial.hrauth.model.HrmsAccessRecordsLog; import com.daqing.financial.hrauth.service.LoginLogService; import com.daqing.financial.hrauth.service.TokenService; import com.daqing.financial.hrauth.service.UserLoginService; -import com.daqing.financial.hrauth.util.AesCbcUtil; -import com.daqing.financial.hrauth.util.HttpRequest; -import com.daqing.financial.hrauth.util.HttpUtils; +import com.daqing.financial.hrauth.util.*; import com.daqing.framework.domain.hrms.*; import com.daqing.framework.domain.hrms.request.*; import com.daqing.framework.domain.hrms.response.HrmsCode; @@ -26,22 +24,17 @@ import com.daqing.framework.model.response.ResponseResult; import com.daqing.framework.util.JwtUtils; import com.daqing.framework.util.Md5Util; import com.daqing.framework.util.SendUtil; +import lombok.extern.java.Log; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; -import org.apache.http.HttpEntity; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import javax.annotation.Resource; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; +import javax.servlet.http.HttpServletRequest; import java.util.*; /** @@ -171,7 +164,8 @@ public class UserLoginServiceImpl extends ServiceImpl } //登录成功,token生成 - long times = 86400; + long times = 86400;//24h + //long times =60;//1min if(loginRequest.getTenDayEffective() == 1){ times = 864000; } @@ -317,9 +311,9 @@ public class UserLoginServiceImpl extends ServiceImpl return userLoginDao.selectCount(mobile); } -/* @Override - public String wxAuthLogin(String encryptedData, String iv,String code) { - System.out.println("code==="+code+"encryptedData==="+encryptedData+"iv===="+iv); + @Override + public Map wxAuthLogin(String encryptedData, String iv,String code) { + System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv); System.out.println("来了小程序登录------------------------------------"); //微信那边的接口,grant_type=authorization_code是固定的 String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code); @@ -345,15 +339,27 @@ public class UserLoginServiceImpl extends ServiceImpl Map map = new HashMap(); + //======================此处为死数据============================ + encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w=="; + session_key="Piqc8iFe6pN0i5ofq4Y6PA=="; + iv="Y37DfoP3+4ysUBo8YOnfiQ=="; + System.out.println("session_key======"+session_key+"openid===="+openid); + System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv); + //对encryptedData加密数据进行AES解密 try { - String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8"); + String result = WXBizDataCrypt.getInstance().decrypt(encryptedData, session_key, iv, "utf-8"); + System.out.println("AES解密值==="+result); + //String result = AesCbcUtil.decrypt2(session_key,encryptedData, iv); + //String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8"); if (null != result && result.length() > 0) { map.put("status", 1); map.put("msg", "解密成功"); + JSONObject userInfoJSON = JSONObject.parseObject(result); //JSONObject userInfoJSON = JSON.parseObject(result); - cn.hutool.json.JSONObject userInfoJSON = new cn.hutool.json.JSONObject(result); + //cn.hutool.json.JSONObject userInfoJSON = new cn.hutool.json.JSONObject(result); + System.out.println("userInfoJSON===="+userInfoJSON); Map userInfo = new HashMap(); userInfo.put("openId", userInfoJSON.get("openId")); userInfo.put("nickName", userInfoJSON.get("nickName")); @@ -376,10 +382,10 @@ public class UserLoginServiceImpl extends ServiceImpl e.printStackTrace(); } - System.out.println("map===================="+map.get("unionId")); + System.out.println("map===================="+map.get("userInfo")); - return null; - }*/ + return map; + } /* @Override public String wxAuthLogin(String encryptedData, String iv,String code) { @@ -420,7 +426,7 @@ public class UserLoginServiceImpl extends ServiceImpl return result.toString(); }*/ - @Override +/* @Override public String wxAuthLogin(String encryptedData, String iv,String code) { System.out.println(code); System.out.println("来了小程序登录------------------------------------"); @@ -436,6 +442,143 @@ public class UserLoginServiceImpl extends ServiceImpl System.out.println("小程序登录openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap); return unionId; + }*/ +/* + *//** + * 1 先按照loginInfo信息查询有无有unionID + * 2 如果有,直接返回 ,程序结束 + * 3 如果没有,将用于解密的session_key获取 + * 4 根据userInfo拿取encryptedData等加密数据 + * 5 对加密数据进行逆解密 + * 6 拿到unionID 返回,程序结 + * + * userInfo TODO 注意一下:通过user.getInfo获取的和通过button授权获取的格式不一样 + * + *//* + @Override + public ResponseResult getUnionID(Long platformId, String userInfo, String loginInfo, HttpServletRequest request) { + + Map resLogign = null; + JSONObject resUserInfo = null; + + System.out.println("--------------->>>>>进入WeChatServiceImpl"); + resLogign = getUnionIDByLoginInfo(loginInfo, request); + // 加密session_key 解密需要 + String session_key = resLogign.get("session_key"); + if (StringUtils.isNotBlank(resLogign.get("unionid"))) { + System.out.println("返回数据,获取unionid,程序结束<<<------unionid={}"+resLogign.get("unionid")); + return ResponseResult.SUCCESS("获取unionid成功,返回数据!"+resLogign); + } else { + System.out.println("没有获取到unionid,userinfo进行对称解密操作start----->"); + + resUserInfo = decipherByUserInfo(session_key, userInfo, request); + if (resUserInfo != null && StringUtils.isNotEmpty(resUserInfo.toJSONString())) { + System.out.println("解密后的信息为resUserInfo:{}"+resUserInfo.toJSONString()); + // 解密信息由 data.get("unionid") 获取 + return ResponseResult.SUCCESS("获取解密信息成功"+resUserInfo); + } + } + return null; + } + *//** + * + * @param session_key + * @param userInfo + * @param request + * @return + *//* + private JSONObject decipherByUserInfo(String session_key, String userInfo, HttpServletRequest request) { + + System.out.println("--------------->>>>>进入 decipherByUserInfo"); + Map resUserInfo = new HashMap<>(); + + if (!userInfo.contains("login:ok")&&!userInfo.contains("getUserInfo:ok")) { + return null; + } + JSONObject jsonUserInfo = JSONObject.parseObject(userInfo); + System.out.println("将userInfo转换成JSON,userInfo:{}"+jsonUserInfo.toJSONString()); + String encryptedData = ""; + String iv = ""; + if (jsonUserInfo.get("detail") != null && StringUtils.isNotBlank(jsonUserInfo.get("detail").toString())) { + String detail = jsonUserInfo.get("detail").toString(); + + JSONObject parseObject = JSONObject.parseObject(detail); + encryptedData = (String) parseObject.get("encryptedData"); + iv = (String) parseObject.get("iv"); + } else { + encryptedData = (String) jsonUserInfo.get("encryptedData"); + iv = (String) jsonUserInfo.get("iv"); + } + System.out.println("获取解密数据解密start------------>>>解密需要的数据为:encryptedData:{},iv:{},session_key:{}"+"encryptedData===="+encryptedData+"iv===="+iv+"session_key===="+session_key); + // 被加密的数据 + byte[] dataByte = Base64.decodeBase64(encryptedData); + // 加密秘钥 + byte[] aeskey = Base64.decodeBase64(session_key); + // 偏移量 + byte[] ivByte = Base64.decodeBase64(iv); + System.out.println("对加密数据进行Base64编码完毕------------>>>dataByte:{},aeskey:{},ivByte:{}"+dataByte.toString()+aeskey.toString()+ivByte.toString()); + String newuserInfo = ""; + try { + AES aes = new AES(); + byte[] resultByte = aes.decrypt(dataByte, aeskey, ivByte); + if (null != resultByte && resultByte.length > 0) { + newuserInfo = new String(resultByte, "UTF-8"); + System.out.println("解密完毕,解密结果为newuserInfo:{}"+newuserInfo); + return JSONObject.parseObject(newuserInfo); + } + } catch (Exception e) { + System.out.println("解密异常!检查解密数据 {}"+newuserInfo+e); + e.printStackTrace(); + } + return null; } -} + *//** + * 根据logininfo 的code尝试获取unionID + * + * @param loginInfo + * @param request + * @return + *//* + private Map getUnionIDByLoginInfo(String loginInfo, HttpServletRequest request) { + JSONObject loginRes = null; + Map loginReq = new HashMap<>(); + Map loginResMap = new HashMap<>(); + + System.out.println("--------------->>>>>进入 getUnionIDByLoginInfo"); + + JSONObject loginMap = JSONObject.parseObject(loginInfo); + System.out.println("转换JSON完毕"); + + System.out.println("组装请求数据----start:"); + String resCode = (String) loginMap.get("code"); + loginReq.put("js_code", resCode); + loginReq.put("appid", weChatConfig.getXcxAppid()); // 这几个变量是自己去获取的 我做成了配置文件中 + loginReq.put("secret", weChatConfig.getXcxAppsecret()); // 去这个网址看参数说明: https://developers.weixin.qq.com/miniprogram/dev/api/api-login.html#wxloginobject + loginReq.put("grant_type", "authorization_code"); + System.out.println("组装请求参数完毕loginReq={}"+loginReq); + try { + + System.out.println("开始发送请求到微信...url={}"+weChatConfig.getWX_AUTH_URL()); + + loginRes = HttpClientUtils.doGet(SysConstants.WEICHAT_UNIONID_URL, loginReq); + } catch (Exception e) { + System.out.println("调用httpClient异常!异常信息={}"+e); + throw new RuntimeException(e); + } + String openid = (String) loginRes.get("openid"); + String session_key = (String) loginRes.get("session_key"); + String unionid = (String) loginRes.get("unionid"); + loginResMap.put("openid", openid); + loginResMap.put("unionid", unionid); + loginResMap.put("session_key", session_key); + System.out.println("https返回数据loginRes={}"+loginRes.toJSONString()); + // 微信建议不要在传输中有session_key,我们在这里做一个缓存数据key=session_key_safe,value="真实的session_key+真实的openid" + // TODO + // 时间问题,这里暂不处理 + // loginResMap.put("session_key", "session_key_safe"); + + return loginResMap; + }*/ + + } diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java index d1642a07..40a0d3f4 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java @@ -146,7 +146,8 @@ public class UserServiceImpl extends ServiceImpl imple return false; } String openId = (String) baseMap.get("openid"); - log.info(openId+"--------------------------------------------------------------------------------------------------"); + String unionId = (String) baseMap.get("unionid"); + log.info("openId========="+openId+"unionId===="+unionId); String md5OpenId = Md5Util.md5(openId); Integer countWeChatId = this.getBaseMapper().countWeChatId(md5OpenId); String token = this.getBaseMapper().getTokenByUserId(Long.parseLong(state)); diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java new file mode 100644 index 00000000..75bc2081 --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java @@ -0,0 +1,73 @@ +package com.daqing.financial.hrauth.util; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Security; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +public class AES { + public static boolean initialized = false; + + /** + * AES对称解密工具类 + * + * @param content + * 密文 + * @return + * @throws InvalidAlgorithmParameterException + * @throws NoSuchProviderException + */ + public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException { + initialize(); + try { + // java是没有 + Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); + Key sKeySpec = new SecretKeySpec(keyByte, "AES"); + + cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化 + byte[] result = cipher.doFinal(content); + return result; + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (NoSuchPaddingException e) { + e.printStackTrace(); + } catch (InvalidKeyException e) { + e.printStackTrace(); + } catch (IllegalBlockSizeException e) { + e.printStackTrace(); + } catch (BadPaddingException e) { + e.printStackTrace(); + } catch (NoSuchProviderException e) { + e.printStackTrace(); + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + + public static void initialize() { + if (initialized) + return; + Security.addProvider(new BouncyCastleProvider()); + initialized = true; + } + + // 生成iv + public static AlgorithmParameters generateIV(byte[] iv) throws Exception { + AlgorithmParameters params = AlgorithmParameters.getInstance("AES"); + params.init(new IvParameterSpec(iv)); + return params; + } +} \ No newline at end of file diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java index 7dc84c7c..c8314a61 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java @@ -3,15 +3,14 @@ package com.daqing.financial.hrauth.util; import org.apache.commons.codec.binary.Base64; import org.bouncycastle.jce.provider.BouncyCastleProvider; -import javax.crypto.BadPaddingException; -import javax.crypto.Cipher; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; +import javax.crypto.*; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.io.UnsupportedEncodingException; +import java.nio.charset.StandardCharsets; import java.security.*; import java.security.spec.InvalidParameterSpecException; +import java.util.Arrays; /** * Created by yfs on 2018/3/25. @@ -52,7 +51,6 @@ public class AesCbcUtil { try { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); - //Cipher cipher = Cipher.getInstance("AES/ECB/ZeroBytePadding"); SecretKeySpec spec = new SecretKeySpec(keyByte, "AES"); @@ -60,7 +58,6 @@ public class AesCbcUtil { parameters.init(new IvParameterSpec(ivByte)); cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化 - //cipher.init(Cipher.ENCRYPT_MODE,key,new IvParameterSpec( java.util.Base64.Decoder.decode(IV.getBytes("UTF-8")))); byte[] resultByte = cipher.doFinal(dataByte); if (null != resultByte && resultByte.length > 0) { @@ -89,4 +86,86 @@ public class AesCbcUtil { return null; } + /** + * AES解密 + * + * @param encryptedData 消息密文 + * @param ivStr iv字符串 + */ + public static byte[] decrypt2(String sessionKey, String encryptedData, String ivStr) { + try { + AlgorithmParameters params = AlgorithmParameters.getInstance("AES"); + params.init(new IvParameterSpec(Base64.decodeBase64(ivStr))); + + Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); + cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(Base64.decodeBase64(sessionKey), "AES"), params); + + String encodingFormat = "UTF-8"; + byte[] resultByte = cipher.doFinal(Base64.decodeBase64(encryptedData)); + return resultByte; +/* System.out.println("resultByte===="+resultByte); + if (null != resultByte && resultByte.length > 0) { + String result = new String(resultByte, encodingFormat); + return result; + } + return null;*/ + //return new String(PKCS7Encoder.decode(cipher.doFinal(Base64.decodeBase64(encryptedData))), StandardCharsets.UTF_8); + } catch (Exception e) { + throw new RuntimeException("AES解密失败", e); + } + } + + + public static String decryptNew(String encryptedData, String sessionKey, String iv) throws Exception { + String result = ""; + // 被加密的数据 + byte[] dataByte = Base64.decodeBase64(encryptedData); + // 加密秘钥 + byte[] keyByte = Base64.decodeBase64(sessionKey); + // 偏移量 + byte[] ivByte = Base64.decodeBase64(iv); + try { + // 如果密钥不足16位,那么就补足. 这个if 中的内容很重要 + int base = 16; + if (keyByte.length % base != 0) { + int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0); + byte[] temp = new byte[groups * base]; + Arrays.fill(temp, (byte) 0); + System.arraycopy(keyByte, 0, temp, 0, keyByte.length); + keyByte = temp; + } + // 初始化 + Security.addProvider(new BouncyCastleProvider()); + Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC"); + SecretKeySpec spec = new SecretKeySpec(keyByte, "AES"); + AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES"); + parameters.init(new IvParameterSpec(ivByte)); + // 初始化 + cipher.init(Cipher.DECRYPT_MODE, spec, parameters); + byte[] resultByte = cipher.doFinal(dataByte); + if (null != resultByte && resultByte.length > 0) { + result = new String(resultByte, "UTF-8"); + } + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (NoSuchPaddingException e) { + e.printStackTrace(); + } catch (InvalidParameterSpecException e) { + e.printStackTrace(); + } catch (IllegalBlockSizeException e) { + e.printStackTrace(); + } catch (BadPaddingException e) { + e.printStackTrace(); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + } catch (InvalidKeyException e) { + e.printStackTrace(); + } catch (InvalidAlgorithmParameterException e) { + e.printStackTrace(); + } catch (NoSuchProviderException e) { + e.printStackTrace(); + } + return result; + } + } \ No newline at end of file diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/PKCS7Encoder.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/PKCS7Encoder.java new file mode 100644 index 00000000..967ee59d --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/PKCS7Encoder.java @@ -0,0 +1,65 @@ +package com.daqing.financial.hrauth.util; +/** + * 对公众平台发送给公众账号的消息加解密示例代码. + * + * @copyright Copyright (c) 1998-2014 Tencent Inc. + */ + +import java.nio.charset.Charset; +import java.util.Arrays; + +/** + * 提供基于PKCS7算法的加解 + */ +public class PKCS7Encoder { + + private static final Charset CHARSET = Charset.forName("utf-8"); + private static final int BLOCK_SIZE = 32; + + /** + * 获得对明文进行补位填充的字节. + * + * @param count 需要进行填充补位操作的明文字节个数 + * @return 补齐用的字节数组 + */ + public static byte[] encode(int count) { + // 计算需要填充的位数 + int amountToPad = BLOCK_SIZE - (count % BLOCK_SIZE); + if (amountToPad == 0) { + amountToPad = BLOCK_SIZE; + } + // 获得补位所用的字符 + char padChr = chr(amountToPad); + String tmp = new String(); + for (int index = 0; index < amountToPad; index++) { + tmp += padChr; + } + return tmp.getBytes(CHARSET); + } + + /** + * 删除解密后明文的补位字符 + * + * @param decrypted 解密后的明文 + * @return 删除补位字符后的明文 + */ + public static byte[] decode(byte[] decrypted) { + int pad = decrypted[decrypted.length - 1]; + if (pad < 1 || pad > 32) { + pad = 0; + } + return Arrays.copyOfRange(decrypted, 0, decrypted.length - pad); + } + + /** + * 将数字转化成ASCII码对应的字符,用于对明文进行补码 + * + * @param a 需要转化的数字 + * @return 转化得到的字符 + */ + public static char chr(int a) { + byte target = (byte) (a & 0xFF); + return (char) target; + } + +} \ No newline at end of file diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java new file mode 100644 index 00000000..b6093000 --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java @@ -0,0 +1,198 @@ +package com.daqing.financial.hrauth.util; + +import com.google.common.primitives.Bytes; +import org.apache.commons.codec.binary.Base64; + +import java.io.UnsupportedEncodingException; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.KeyGenerator; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +public class TestUtil { + /** + * 加密 + * + * @param content + * 需要加密的内容 + * @param password + * 加密密码 + * @return + */ + public static byte[] encrypt(String content, String password) { + try { + KeyGenerator kgen = KeyGenerator.getInstance("AES"); + kgen.init(128, new SecureRandom(password.getBytes())); + SecretKey secretKey = kgen.generateKey(); + byte[] enCodeFormat = secretKey.getEncoded(); + SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); + Cipher cipher = Cipher.getInstance("AES");// 创建密码器 + byte[] byteContent = content.getBytes("utf-8"); + cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 + byte[] result = cipher.doFinal(byteContent); + return result; // 加密 + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (NoSuchPaddingException e) { + e.printStackTrace(); + } catch (InvalidKeyException e) { + e.printStackTrace(); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + } catch (IllegalBlockSizeException e) { + e.printStackTrace(); + } catch (BadPaddingException e) { + e.printStackTrace(); + } + return null; + } + + /** + * 解密 + * + * @param content + * 待解密内容 + * @param password + * 解密密钥 + * @return + */ + public static byte[] decrypt(byte[] content, String password) { + try { + KeyGenerator kgen = KeyGenerator.getInstance("AES"); + kgen.init(128, new SecureRandom(password.getBytes())); + SecretKey secretKey = kgen.generateKey(); + byte[] enCodeFormat = secretKey.getEncoded(); + SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); + Cipher cipher = Cipher.getInstance("AES");// 创建密码器 + cipher.init(Cipher.DECRYPT_MODE, key);// 初始化 + byte[] result = cipher.doFinal(content); + return result; // 加密 + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (NoSuchPaddingException e) { + e.printStackTrace(); + } catch (InvalidKeyException e) { + e.printStackTrace(); + } catch (IllegalBlockSizeException e) { + e.printStackTrace(); + } catch (BadPaddingException e) { + e.printStackTrace(); + } + return null; + } + + /** + * 将二进制转换成16进制 + * + * @param buf + * @return + */ + public static String parseByte2HexStr(byte buf[]) { + StringBuffer sb = new StringBuffer(); + for (int i = 0; i < buf.length; i++) { + String hex = Integer.toHexString(buf[i] & 0xFF); + if (hex.length() == 1) { + hex = '0' + hex; + } + sb.append(hex.toUpperCase()); + } + return sb.toString(); + } + + /** + * 将16进制转换为二进制 + * + * @param hexStr + * @return + */ + public static byte[] parseHexStr2Byte(String hexStr) { + if (hexStr.length() < 1) + return null; + byte[] result = new byte[hexStr.length() / 2]; + for (int i = 0; i < hexStr.length() / 2; i++) { + int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16); + int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16); + result[i] = (byte) (high * 16 + low); + } + return result; + } + + /** + * 加密 + * + * @param content + * 需要加密的内容 + * @param password + * 加密密码 + * @return + */ + public static byte[] encrypt2(String content, String password) { + try { + SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES"); + Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding"); + byte[] byteContent = content.getBytes("utf-8"); + cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 + byte[] result = cipher.doFinal(byteContent); + return result; // 加密 + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (NoSuchPaddingException e) { + e.printStackTrace(); + } catch (InvalidKeyException e) { + e.printStackTrace(); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + } catch (IllegalBlockSizeException e) { + e.printStackTrace(); + } catch (BadPaddingException e) { + e.printStackTrace(); + } + return null; + } + + public static void main(String[] args) throws UnsupportedEncodingException, InvalidAlgorithmParameterException { + String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" + + "eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" + + "gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" + + "wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" + + "fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" + + "OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" + + "0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A=="; + String iv="zI+P8RVxEwMFBXcJDCemHg=="; + String session_key="Piqc8iFe6pN0i5ofq4Y6PA=="; + + String content = encryptedData; + String password = ""; + // 加密 + System.out.println("加密前:" + content); + byte[] encode = encrypt(content, password); + + //传输过程,不转成16进制的字符串,就等着程序崩溃掉吧 + String code = parseByte2HexStr(encode); + System.out.println("密文字符串:" + code); + byte[] decode = parseHexStr2Byte(code); + // 解密 + byte[] decryptResult = decrypt(decode, password); + System.out.println("decryptResult==="+decryptResult); + System.out.println("解密后:" + new String(decryptResult, "UTF-8")); //不转码会乱码 + System.out.println("========================================================="); + + byte[] dataByte = Base64.decodeBase64(session_key); + //byte[] d = TestUtil.parseHexStr2Byte(encryptedData); + byte[] dr = decrypt(dataByte, ""); + //String re = new String(dr, "UTF-8"); + //System.out.println("result====="+re); + + + + + } +} \ No newline at end of file diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java new file mode 100644 index 00000000..db419bdc --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java @@ -0,0 +1,115 @@ +package com.daqing.financial.hrauth.util; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; + +import sun.misc.BASE64Decoder; +import com.alibaba.fastjson.JSONObject; + +/** + * 对微信小程序用户加密数据的解密示例代码. + * + * @ClassName WXBizDataCrypt + * @Description TODO(这里用一句话描述这个类的作用) + * @author tf + * @Date 2016年11月19日 下午2:56:36 + * @version 1.0.0 + */ +@SuppressWarnings("restriction") +public class WXBizDataCrypt { + /* + * 加密用的Key 可以用26个字母和数字组成 此处使用AES-128-CBC加密模式,key需要为16位。 + */ + private static WXBizDataCrypt instance = null; + + private WXBizDataCrypt() { + + } + + public static WXBizDataCrypt getInstance() { + if (instance == null) + instance = new WXBizDataCrypt(); + return instance; + } + + /** + * 对于官方加密数据(encryptData)解密说明如下: 加密数据解密算法 接口如果涉及敏感数据(如wx.getUserInfo当中的 + * openId 和unionId ),接口的明文内容将不包含这些敏感数据。开发者如需要获取敏感数据,需要对接口返回的加密数据( + * encryptedData )进行对称解密。 解密算法如下: 对称解密使用的算法为 AES-128-CBC,数据采用PKCS#7填充。 + * 对称解密的目标密文为 Base64_Decode(encryptedData), 对称解密秘钥 aeskey = + * Base64_Decode(session_key), aeskey 是16字节 对称解密算法初始向量 iv 会在数据接口中返回。 + * + * @Description (TODO这里用一句话描述这个方法的作用) + * @param encryptedData + * 加密内容 + * @param sessionKey + * 小程序登录sessionKey + * @param iv + * 解密算法初始向量 iv 会在数据接口中返回。 + * @param encodingFormat + * 编码格式默认UTF-8 + * @return 返回解密后的字符串 + * @throws Exception + */ + public String decrypt(String encryptedData, String sessionKey, String iv, String encodingFormat) throws Exception { + try { + Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); + BASE64Decoder base64Decoder = new BASE64Decoder(); + byte[] _encryptedData = base64Decoder.decodeBuffer(encryptedData); + byte[] _sessionKey = base64Decoder.decodeBuffer(sessionKey); + byte[] _iv = base64Decoder.decodeBuffer(iv); + SecretKeySpec secretKeySpec = new SecretKeySpec(_sessionKey, "AES"); + IvParameterSpec ivParameterSpec = new IvParameterSpec(_iv); + cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec); + byte[] original = cipher.doFinal(_encryptedData); + byte[] bytes = PKCS7Encoder.decode(original); + String originalString = new String(bytes, "ISO-8859-1"); + return originalString; + } catch (Exception ex) { + return null; + } + } + + public static void main(String[] args) throws Exception { + // 需要加密的字串 + // String appid = "wx4f4bc4dec97d474b"; +/* String sessionKey = "tiihtNczf5v6AKRyjwEUhQ=="; + + String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZM" + "QmRzooG2xrDcvSnxIMXFufNstNGTyaGS" + + "9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+" + "3hVbJSRgv+4lGOETKUQz6OYStslQ142d" + + "NCuabNPGBzlooOmB231qMM85d2/fV6Ch" + "evvXvQP8Hkue1poOFtnEtpyxVLW1zAo6" + + "/1Xx1COxFvrc2d7UL/lmHInNlxuacJXw" + "u0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn" + + "/Hz7saL8xz+W//FRAUid1OksQaQx4CMs" + "8LOddcQhULW4ucetDf96JcR3g0gfRK4P" + + "C7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB" + "6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns" + + "/8wR2SiRS7MNACwTyrGvt9ts8p12PKFd" + "lqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYV" + + "oKlaRv85IfVunYzO0IKXsyl7JCUjCpoG" + "20f0a04COwfneQAGGwd5oa+T8yO5hzuy" + "Db/XcxxmK01EpqOyuxINew=="; + + String iv = "r7BXXKkLb8qrSNn05n0qiA==";*/ + +/* String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" + + "eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" + + "gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" + + "wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" + + "fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" + + "OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" + + "0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A=="; + String iv="zI+P8RVxEwMFBXcJDCemHg=="; + String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";*/ + + String iv="Y37DfoP3+4ysUBo8YOnfiQ=="; + String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA=="; + String encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w=="; + +/* String iv="sAUv8qjwP8j/Ql9KLgA4iQ=="; + String sessionKey="H5lUk3IPIIENRdLxzLi2Hg=="; + String encryptedData="QygyXroVw0DNuwO4mlZDBX9wy8XYYE+AA0D738aAKe4icD9UPhtFywJ49UbmT7syv+fb4cn+3ao/w0aQCceh/dEsUhdSWsqAQZtaaXGeCHzi1iGdznIVD06ZYUdgZrJ7rY8Ie9w5/SYVSdSn5pyGovNCohUW4fp2CVowzwrRydsngDDWYjutkSfdvKgT19sCwuOOqZTzDM3gRqIUxwfrjKaDaoCPfa6z+otC0F/BtZYiiqd3MQIMJ0+JSll3ZVrpQKitBhc1EydxN3WSayxhYc4fiEa0YHoXaci0C/6bAfedgGQhejK6hSPLXr/TC++I0lfWnCS/2aidIsifLfyNg2/84yc5mWY5snoc9QeyAoXHczL62n1RwGBetE1Sq7q/sRn9XOFvM0kJ6UOS0n3FvMrH7716hBjUIP/lIf7hAH2IBbnPWyk5iKrMYt/T1Ky5e+RjBwnqJCyYTAxrvEczj2IQPwpGS3B3KWNTGGaK42Sf07w6ID37J3bWsPDAllZUSDhm67vmUjH8AyPTPsGPOg=="; + */ + +/* String iv="amXf/b7Ollz6WV6e9ZCosg=="; + String sessionKey="H8d5dQnmec8Wtm1Ac1IaxQ=="; + String encryptedData="/xY631in/VQwauJfAsB9gGH8XpFAzZUprSYBoZzfbDbx60xsBpaikxnn1K+00MMzZ9hAVV4RRKRp+4qaoj+iSuJArgKlZByXaPQa4TxV7JGEuAA2qByTNHK/H2hrFdAxEDERwk7DjYqq1OhMO5n4pTRPxVUZ5ovKm81oOxVw77TjfkkQlgd2Uab/Oe7eM59HkoDQQDC9H2f4q7KmX7sHUuUWmMhEa8+rsJBMy2CWfTvfJpKE9BqNuNOHrXILMpvNm4vKcsc5DB6QzjbwJq8BLCLbmcE3Fa4ZQzcVW2Zi5lT0sOMX/kytgaceo/Rw3VpLkBwwRTsZDB7p+KRUbJYG7f3iSMWYveH09vL8dU+s9ZRO1FCgkyOj5jcpRAKEUAT2njdK4ozXYu+/qMUPeCp00G1NNlDq7gvBnhzYbQzg4+InTmENDYlckAIktBxa3ENWpDjiYWHBSHwbA/gJpAKoZz/oNUrBnPIH91UqRjGQXhdVnBQxeyMcnPuVrk3D51r5Ki3aAuwvB1l6+TWA//RcjTfSQtQnJ/yFctMmk3A7OGo="; + */String deString = WXBizDataCrypt.getInstance().decrypt(encryptedData, sessionKey, iv, "utf-8"); + JSONObject jsonObject = JSONObject.parseObject(deString); + System.out.println(jsonObject); + } +} \ No newline at end of file diff --git a/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java b/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java index 23d264aa..d7e65c5a 100644 --- a/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java +++ b/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java @@ -1,34 +1,132 @@ package com.daqing.financial.hrauth; import com.daqing.financial.hrauth.util.AesCbcUtil; -import org.junit.Test; -import org.springframework.boot.test.context.SpringBootTest; +import io.swagger.models.auth.In; -/*@SpringBootTest -class DqFinancialHrmsAuthApplicationTests { +import java.io.BufferedReader; +import java.io.FileNotFoundException; +import java.io.FileReader; +import java.util.*; +import java.util.regex.Pattern; +import java.util.stream.Stream; - @Test - void contextLoads() throws Exception { - - String encryptedData="m7CF698f222KiEse8aFLIwSiXjxojbFesVpHltvrKPqKH3OclT7Qc+UhOw+MbxRAOSKgMb+erVYXYcrPwQ6TSF4VBt9Lzv0GdxJf82876SgANFURjVZBXKSwp0snxw/9wdfTGV2t7nIbpbUfBFD0QEi4rrsD8hZdPr4s/WLtHcpcvRkJvb3KDRw+PsnTyBtFOnXnv5sOJW84uy9OGuTTV8s0miqZCy//xZU2DJ3EZsg3Rp9E5xe0jMLtLOfvQEf5tM/pPw9hCkWbbBJEBSUn5IkSgkt3jAasjoWOSuDzw+MAJvnT7byJ7bvOSbEY14RAZzX6sZYw8Rd/n9fOssZivfF+F2HIfHhWuBNcGhNYTIYXtJsvmhtT5Wo4mMnq0j/TElZOoAjc385xkluHNRB/T+PVo+FEkRZgiugAOzOPn24WjZU7nbPrtoEYH5Bcdfcf3quP4hQAIQd6EvkfdnRti+Mfn925llWSS+fa+AV3hx0mwtFkk1VFMBuLPjL2nvvvUl4NkoMVzw0NRGPpeiS+DA=="; - String iv="jh3Io5uYeMSbU903QXpewA=="; - String session_key="LKv54UbAoCTx4yz5mi6S1A=="; +class DqFinancialHrmsAuthApplicationTests{ + public static void main(String[] args) throws Exception { + String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gPeJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iwgpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGHwPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBUfIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++zOVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A=="; + String iv="zI+P8RVxEwMFBXcJDCemHg=="; + String session_key="Piqc8iFe6pN0i5ofq4Y6PA=="; - String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8"); +/* String result = AesCbcUtil.decrypt2(session_key,encryptedData,iv); + String s2 = new String(result.getBytes("UTF-8"),"GBK"); System.out.println(result); + System.out.println(s2);*/ } -}*/ +/* public static void main(String[] args) { + //=================================流的常用创建方法======================================= + //1,使用Collection下的stream()和parallelStream()操作 + List list = new ArrayList(); + Stream stream = list.stream();//获取一个顺序流 + Stream parallelStream = list.parallelStream();//获取一个并行流 -class DqFinancialHrmsAuthApplicationTests{ - public static void main(String[] args) throws Exception { - String encryptedData="m7CF698f222KiEse8aFLIwSiXjxojbFesVpHltvrKPqKH3OclT7Qc+UhOw+MbxRAOSKgMb+erVYXYcrPwQ6TSF4VBt9Lzv0GdxJf82876SgANFURjVZBXKSwp0snxw/9wdfTGV2t7nIbpbUfBFD0QEi4rrsD8hZdPr4s/WLtHcpcvRkJvb3KDRw+PsnTyBtFOnXnv5sOJW84uy9OGuTTV8s0miqZCy//xZU2DJ3EZsg3Rp9E5xe0jMLtLOfvQEf5tM/pPw9hCkWbbBJEBSUn5IkSgkt3jAasjoWOSuDzw+MAJvnT7byJ7bvOSbEY14RAZzX6sZYw8Rd/n9fOssZivfF+F2HIfHhWuBNcGhNYTIYXtJsvmhtT5Wo4mMnq0j/TElZOoAjc385xkluHNRB/T+PVo+FEkRZgiugAOzOPn24WjZU7nbPrtoEYH5Bcdfcf3quP4hQAIQd6EvkfdnRti+Mfn925llWSS+fa+AV3hx0mwtFkk1VFMBuLPjL2nvvvUl4NkoMVzw0NRGPpeiS+DA=="; - String iv="jh3Io5uYeMSbU903QXpewA=="; - String session_key="LKv54UbAoCTx4yz5mi6S1A=="; + //2,使用Arrays中的stream()方法,将数组转成流 + Integer[]num = new Integer[10]; + Stream stream1 = Arrays.stream(num); + //System.out.println("stream1==="+stream1); + //3,使用Stream中的静态方法:如of(),iterate(),generate() + Streamstream2 = Stream.of(1,2,3,4,5,6); + //stream2.forEach(System.out::println); + //stream2.forEach((t)->System.out.println(t));每次创建的stream只能使用一次,否则报错stream has already been operated upon or closed - String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8"); - System.out.println(result); - } + Streamstream3 = Stream.iterate(0,(x)->x+2).limit(8); + //stream3.forEach(System.out::println); + + Streamstream4 = Stream.generate(Math::random).limit(2); +// stream4.forEach((t)->System.out.println(t)); + + //4,使用BufferedReader.lines()方法,将每行内容转成流 + BufferedReader reader=null; + try { + reader = new BufferedReader(new FileReader("D:\\myfile\\工作文档.txt")); + } catch (FileNotFoundException e) { + e.printStackTrace(); + } + StreamlineStream = reader.lines(); + //lineStream.forEach(System.out::println); + + //5,使用Pattern.splitAsStream()方法,将字符串分隔成流 + Pattern pattern = Pattern.compile(","); + Stream stream5 = pattern.splitAsStream("漆柒,菜园子"); +// stream5.forEach(System.out::println); + + //=================================流的中间操作======================================== + //1,筛选与切片 + Stream stream6 = Stream.of(6, 4, 6, 7, 3, 9, 8, 10, 12, 14, 14, 20, 3); + Stream newStream = stream6.filter(t -> t>5)//6, 6, 7, 9, 8, 10, 12, 14, 14, 20 + .distinct()//6, 7, 9, 8, 10, 12, 14, 20 + .skip(2)//9, 8, 10, 12, 14, 20 + .limit(5);//9, 8, 10, 12, 14 + //filter:过滤流中的某些元素,limit(n):获取n个元素,skip(n):跳过n元素,配合limit(n)可做分页,distinct:通过流中元素的hashCode()和equals()去重 +// newStream.forEach(System.out::println); + + //2,映射 + List list2 = Arrays.asList("a,b,c", "1,2,3"); + //将每个元素转成一个新的且不带括号的元素 + Stream streamMap = list2.stream().map(s->s.replaceAll(",","")); +// streamMap.forEach(System.out::println); + + Stream streamFlatMap = list2.stream().flatMap(s->{ + //将每个元素转换成一个Stream流 + String[]split = s.split(","); + Streamss = Arrays.stream(split); + return ss; + }); +// streamFlatMap.forEach(System.out::println); + + //3,排序 + Listlist3=Arrays.asList("az","fb","de"); + Streamstream7 = list3.stream().sorted(); +// stream7.forEach(System.out::println); + + Student s1 = new Student("aa",10); + Student s2 = new Student("bb",20); + Student s3 = new Student("aa",30); + Student s4 = new Student("dd",40); + ListpojoList = Arrays.asList(s1,s2,s3,s4); + + //自定义排序,先按姓名升序,姓名相同的按年龄升序 + //jdk8新操作 + pojoList.stream().sorted( + (o1,o2)->{ + if(o1.getName().equals(o2.getName())){ + return o1.getAge()-o2.getAge(); + }else{ + return o1.getName().compareTo(o2.getName()); + } + }); + + //jdk7骚操作 + Collections.sort(pojoList, new Comparator() { + @Override + public int compare(Student o1, Student o2) { + if(o1.getName().equals(o2.getName())){ + return o1.getAge()-o2.getAge(); + }else{ + return o1.getName().compareTo(o2.getName()); + } + } + }); + + //4,消费 peek + List studentList = Arrays.asList(s1,s2); + studentList.stream().peek(s->s.setAge(100)); + + //===================================流的终止操作===================================== + //1,匹配,聚合操作 + + + + }*/ } \ No newline at end of file diff --git a/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/Student.java b/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/Student.java new file mode 100644 index 00000000..00169159 --- /dev/null +++ b/dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/Student.java @@ -0,0 +1,41 @@ +package com.daqing.financial.hrauth; + +import com.baomidou.mybatisplus.annotation.IdType; +import com.baomidou.mybatisplus.annotation.TableId; +import io.swagger.annotations.ApiModelProperty; +import lombok.Data; + +import java.io.Serializable; + +/** + * 记录部门信息 + * + * @author gongsj + * @email gongsj@gmail.com + * @date 2020-09-07 17:12:14 + */ +@Data +public class Student implements Serializable { + private static final long serialVersionUID = 1L; + + public Student(String name, Integer age) { + this.name = name; + this.age = age; + } + + /** + * 主键 + */ + @TableId(value = "id", type = IdType.AUTO) + private Long id; + /** + * 部门名称 + */ + @ApiModelProperty(value = "部门名称") + private String name; + /** + * 上级部门id + */ + private Integer age; + +} diff --git a/dq-framework-model/src/main/java/com/daqing/framework/domain/crms/CrmsCompanyPersonal.java b/dq-framework-model/src/main/java/com/daqing/framework/domain/crms/CrmsCompanyPersonal.java index e559678b..2252dd82 100644 --- a/dq-framework-model/src/main/java/com/daqing/framework/domain/crms/CrmsCompanyPersonal.java +++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/crms/CrmsCompanyPersonal.java @@ -3,6 +3,7 @@ package com.daqing.framework.domain.crms; import com.baomidou.mybatisplus.annotation.IdType; import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableName; +import com.fasterxml.jackson.annotation.JsonFormat; import io.swagger.annotations.ApiModelProperty; import lombok.Data; @@ -58,6 +59,7 @@ public class CrmsCompanyPersonal implements Serializable { * 注册时间 */ @ApiModelProperty(value = "注册时间") + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8") private Date registeredTime; /** diff --git a/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgApplyAmountList.java b/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgApplyAmountList.java index 6de4af6f..2b05eb9f 100644 --- a/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgApplyAmountList.java +++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgApplyAmountList.java @@ -81,4 +81,6 @@ public class DgApplyAmountList implements Serializable { @ApiModelProperty(value = "更新时间") @TableField(fill = FieldFill.INSERT_UPDATE) private Date updateTime; + + private Integer ver; } diff --git a/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgBusinessCompany.java b/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgBusinessCompany.java index b0a72436..b3ca72d2 100644 --- a/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgBusinessCompany.java +++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgBusinessCompany.java @@ -3,6 +3,7 @@ package com.daqing.framework.domain.guarantee; import com.baomidou.mybatisplus.annotation.IdType; import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableName; +import com.fasterxml.jackson.annotation.JsonFormat; import lombok.Data; import java.io.Serializable; @@ -76,6 +77,7 @@ public class DgBusinessCompany implements Serializable { /** * 注册时间 */ + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8") private Date registerTime; /** diff --git a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java index 679040c6..6d20259e 100644 --- a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java +++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java @@ -79,6 +79,8 @@ public enum HrmsCode implements ResultCode { EMP_POSITION_EXSIT(false, 22006, "该职位下已关联员工!"), ROLE_EMP_LINK(false,44003,"该角色关联业务管理模块,不能删除!"), + TOKEN_EXCEPTION(false,401,"TOKEN已过期,请重新登录!"), + EMP_SAME(false, 51001, "A,B角不能选同一个人!"), EMP_TO_BE_CHOOSE(false, 51002, "该用户已经被指派!");