From 04916e9bd9b4c445bc4c8ce3b76d7e921b8bf8e4 Mon Sep 17 00:00:00 2001 From: shijie <648688341@qq.com> Date: Thu, 8 Apr 2021 18:26:03 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E6=B6=88=E6=81=AF=E8=AE=A2=E9=98=85?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E9=AA=8C=E8=AF=81Token?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/UserLoginController.java | 5 +- .../hrauth/controller/WXTokenController.java | 31 ++++++++++++ .../hrauth/service/impl/UserServiceImpl.java | 15 +++--- .../daqing/financial/hrauth/util/SHA1.java | 47 +++++++++++++++++++ .../financial/hrauth/util/WXPublicUtils.java | 24 ++++++++++ .../model/response/PromptSuccess.java | 10 ++-- .../src/main/resources/jwt.properties | 3 +- 7 files changed, 116 insertions(+), 19 deletions(-) create mode 100644 dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java create mode 100644 dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java create mode 100644 dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java index 0c0fddae..7e560d8c 100644 --- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java 
@@ -140,10 +140,9 @@ public class UserLoginController implements UserLoginControllerApi { headerImg = URLDecoder.decode(imgUrl,encoder); //account = new String(username.getBytes("GBK"),"iso-8859-1"); log.info("account==========="+account+"headerImg============="+headerImg); - //response.sendRedirect("http://8.129.127.185/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg); - response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg); +// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/login?token="+token+"&account="+account+"&headerImg="+headerImg); // response.sendRedirect("https://www.huorantech.cn/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg); -// response.sendRedirect("https://www.feifanhitech.com/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg); + response.sendRedirect("https://www.feifanhitech.com/index/#/login?token="+token+"&account="+account+"&headerImg="+headerImg); } }else { userService.weChatBinding(code,response,state); diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java new file mode 100644 index 00000000..95a71bfc --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/WXTokenController.java 
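Review bot: The redirect on the new side concatenates `account` and `headerImg` into the Location after decoding (the `URLDecoder.decode` call is visible for `headerImg` in the context line; `account` is presumably handled the same way earlier), so a `&`, `#` or line break in either value changes the query the front end parses; re-encode each value, e.g. `"&headerImg=" + URLEncoder.encode(headerImg, encoder)`. The session `token` also travels in the URL and `account` is written to the info log one line above, so both can end up in browser history and log storage. Switching environments by commenting hosts in and out is repeated in the three `UserServiceImpl` hunks and in `PromptSuccess`; one configured base URL would remove the risk of shipping a mixed set of hosts. The enclosing method starts and ends outside the hunk.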
@@ -0,0 +1,31 @@
+package com.daqing.financial.hrauth.controller;
+
+
+import com.daqing.financial.hrauth.util.WXPublicUtils;
+import io.swagger.annotations.Api;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+
+@RestController
+@RequestMapping("/wxpublic")
+@Api(tags = "验证公众平台token")
+@Slf4j
+public class WXTokenController {
+ @RequestMapping("/verify_wx_token")
+ public String verifyWXToken(HttpServletRequest request) {
+ String msgSignature = request.getParameter("signature");
+ String msgTimestamp = request.getParameter("timestamp");
+ String msgNonce = request.getParameter("nonce");
+ String echostr = request.getParameter("echostr");
+ if (WXPublicUtils.verifyUrl(msgSignature, msgTimestamp, msgNonce)) {
+ return echostr;
+ }
+ return null;
+ }
+
+}
+
+
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
index e2d7acba..f1bf97c6 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
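Review bot: `return null` after the `if` in `verifyWXToken` can never run, because `WXPublicUtils.verifyUrl` throws `IllegalArgumentException` on a mismatch instead of returning false, so a bad or missing signature surfaces as an unhandled exception rather than a clean rejection. The handler also echoes the caller-supplied `echostr` from a mapping that accepts every HTTP method and declares no content type; narrowing it to `@GetMapping(value = "/verify_wx_token", produces = "text/plain")` (with the matching import) keeps the reflected value from being rendered as markup. `msgTimestamp` and `msgNonce` are passed on without a null check, and the `@Slf4j` logger is never used, so a rejected request leaves no log line to investigate.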
@@ -94,10 +94,9 @@ public class UserServiceImpl extends ServiceImpl imple if(dbUser == null){//openId不存在,返回绑定手机号页面,须另写绑定手机号接口 log.info("dbUser为空,openId不存在,请先绑定手机号哦~~~"); try { -// response.sendRedirect("https://www.feifanhitech.com/index/#/bind-phone?matched="+md5UnionId); + response.sendRedirect("https://www.feifanhitech.com/index/#/bind-phone?matched="+md5UnionId); // response.sendRedirect("https://www.huorantech.cn/index/#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面 - //response.sendRedirect("http://8.129.127.185/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面 - response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面 +// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面 } catch (IOException e) { e.printStackTrace(); } @@ -163,9 +162,8 @@ public class UserServiceImpl extends ServiceImpl imple try { log.info("微信重复了,我走到了这里............................."); // response.sendRedirect("https://www.huorantech.cn/index/#/workbench-manpower?token="+token+"&message=1"); - //response.sendRedirect("http://8.129.127.185/dq/index.html#/workbench-manpower?token="+token+"&message=1"); - response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token+"&message=1"); -// response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token+"&message=1"); +// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token+"&message=1"); + response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token+"&message=1"); } catch (IOException e) { e.printStackTrace(); } 
@@ -176,9 +174,8 @@ public class UserServiceImpl extends ServiceImpl imple try { log.info("转发成功---------------------------------------"); // response.sendRedirect("https://www.huorantech.cn/index/#/workbench-manpower?token="+token); - //response.sendRedirect("http://8.129.127.185/dq/index.html#/workbench-manpower?token="+token); - response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token); -// response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token); +// response.sendRedirect("https://test.feifanhitech.com/dq/index.html#/workbench-manpower?token="+token); + response.sendRedirect("https://www.feifanhitech.com/index/#/workbench-manpower?token="+token); }catch (IOException e){ e.printStackTrace(); } diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java new file mode 100644 index 00000000..d625e054 --- /dev/null +++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/SHA1.java 
@@ -0,0 +1,47 @@
+package com.daqing.financial.hrauth.util;
+
+
+import java.security.MessageDigest;
+import java.util.Arrays;
+
+public class SHA1 {
+
+ /**
+ * 用SHA1算法验证Token
+ *
+ * @param token 票据
+ * @param timestamp 时间戳
+ * @param nonce 随机字符串
+ * @return 安全签名
+ */
+ public static String getSHA1(String token, String timestamp, String nonce) {
+ try {
+ String[] array = new String[]{token, timestamp, nonce};
+ StringBuffer sb = new StringBuffer();
+ // 字符串排序
+ Arrays.sort(array);
+ for (int i = 0; i < 3; i++) {
+ sb.append(array[i]);
+ }
+ String str = sb.toString();
+ // SHA1签名生成
+ MessageDigest md = MessageDigest.getInstance("SHA-1");
+ md.update(str.getBytes());
+ byte[] digest = md.digest();
+
+ StringBuffer hexstr = new StringBuffer();
+ String shaHex = "";
+ for (int i = 0; i < digest.length; i++) {
+ shaHex = Integer.toHexString(digest[i] & 0xFF);
+ if (shaHex.length() < 2) {
+ hexstr.append(0);
+ }
+ hexstr.append(shaHex);
+ }
+ return hexstr.toString();
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new IllegalArgumentException("用SHA1算法验证Token异常");
+ }
+ }
+}
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
new file mode 100644
index 00000000..0bbb4f91
--- /dev/null
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXPublicUtils.java
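Review bot: `str.getBytes()` in `getSHA1` hashes with the platform default charset, so the digest can differ between hosts for non-ASCII input; use `str.getBytes(StandardCharsets.UTF_8)`. The `catch (Exception e)` prints the stack trace and throws a new `IllegalArgumentException` without the cause; catch `NoSuchAlgorithmException` only and pass `e` as the second constructor argument. A null `timestamp` or `nonce` reaches `Arrays.sort` and fails there with a `NullPointerException`, which the broad catch then reports as a hashing error, so reject nulls before building the array. A class-level Javadoc stating that SHA-1 is used only because the callback signature format calls for it would discourage reuse of this helper for other integrity checks.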
@@ -0,0 +1,24 @@
+package com.daqing.financial.hrauth.util;
+
+
+
+public class WXPublicUtils {
+
+ /**
+ * 验证Token
+ * @param msgSignature 签名串,对应URL参数的signature
+ * @param timeStamp 时间戳,对应URL参数的timestamp
+ * @param nonce 随机串,对应URL参数的nonce
+ *
+ * @return 是否为安全签名
+ */
+ public static boolean verifyUrl(String msgSignature, String timeStamp, String nonce){
+ // 这里的 WXPublicConstants.TOKEN 填写你自己设置的Token就可以了
+ String signature = SHA1.getSHA1("123456", timeStamp, nonce);
+ if (!signature.equals(msgSignature)) {
+// throw new AesException(AesException.ValidateSignatureError);
+ throw new IllegalArgumentException("验证Token异常");
+ }
+ return true;
+ }
+}
diff --git a/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java b/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
index fcc1adef..fd5986aa 100644
--- a/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
+++ b/dq-framework-common/src/main/java/com/daqing/framework/model/response/PromptSuccess.java
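Review bot: The verification token is the literal `"123456"` in `SHA1.getSHA1("123456", timeStamp, nonce)`, although the comment above it says to fill in your own token; since this commit also adds `/apiHrmsAuth/wxpublic/verify_wx_token` to `jwt.ignoreUrlList`, this signature is the only check on that endpoint and its secret is readable by anyone with access to the source. Load the token from configuration or a secret store instead of committing it. The comparison should be constant-time after a null check, e.g. `MessageDigest.isEqual(signature.getBytes(StandardCharsets.UTF_8), msgSignature.getBytes(StandardCharsets.UTF_8))`, and the method should return `false` on mismatch because the caller branches on the result. `timeStamp` is hashed but never compared with the current time, so a previously seen query string stays valid indefinitely.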
@@ -33,18 +33,16 @@ public class PromptSuccess { public static final String UPLOAD_FILE_PATH = "//usr//local//nginx//html//admin//headImg//"; // linux图片存放路径 // public static final String IMAGE_URL_PATH = "https://www.huorantech.cn/headImg/"; // 数据库/预加载图片路径 - //public static final String IMAGE_URL_PATH = "http://8.129.127.185/headImg/"; // 数据库/预加载图片路径 - public static final String IMAGE_URL_PATH = "https://test.feifanhitech.com/headImg/"; // 数据库/预加载图片路径 -// public static final String IMAGE_URL_PATH = "https://www.feifanhitech.com/headImg/"; // 数据库/预加载图片路径 +// public static final String IMAGE_URL_PATH = "https://test.feifanhitech.com/headImg/"; // 数据库/预加载图片路径 + public static final String IMAGE_URL_PATH = "https://www.feifanhitech.com/headImg/"; // 数据库/预加载图片路径 public static final String[] LETTERS = {"A","B","C","D","E"}; // 员工姓名重复时自动加的字母,可再添加 public static final String STATUS_REFUSE = "拒绝"; // public static final String ENCLOSUREFILE_URL_PATH = "https://www.huorantech.cn/enclosureFile/"; // 附件文件存放路径 - //public static final String ENCLOSUREFILE_URL_PATH = "http://8.129.127.185/enclosureFile/"; // 附件文件存放路径 - public static final String ENCLOSUREFILE_URL_PATH = "https://test.feifanhitech.com/enclosureFile/"; // 附件文件存放路径 -// public static final String ENCLOSUREFILE_URL_PATH = "https://www.feifanhitech.com/enclosureFile/"; // 附件文件存放路径 +// public static final String ENCLOSUREFILE_URL_PATH = "https://test.feifanhitech.com/enclosureFile/"; // 附件文件存放路径 + public static final String ENCLOSUREFILE_URL_PATH = "https://www.feifanhitech.com/enclosureFile/"; // 附件文件存放路径 public static final String FILE_URL_PATH = "//usr//local//nginx//html//admin//enclosureFile//"; // 附件文件存放路径 diff --git a/dq-govern-gateway/src/main/resources/jwt.properties b/dq-govern-gateway/src/main/resources/jwt.properties index 82c34445..d099f1d1 100644 --- a/dq-govern-gateway/src/main/resources/jwt.properties +++ b/dq-govern-gateway/src/main/resources/jwt.properties 
@@ -35,7 +35,8 @@ jwt.ignoreUrlList=/apiHrmsAuth/hrms/auth/userlogin/getBackPwd,\ /api-guarantee/al-repayment-entry/excelExport,\ /api-guarantee/al-collection/list/export/excel,\ /api-guarantee/al-collection/collection/list/export/excel,\ - /api-guarantee/dg-apply-amount-info/download + /api-guarantee/dg-apply-amount-info/download,\ + /apiHrmsAuth/wxpublic/verify_wx_token From be3339fd250484b73377cea26ad24df39bb55a06 Mon Sep 17 00:00:00 2001 From: shijie <648688341@qq.com> Date: Fri, 9 Apr 2021 11:57:04 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E5=8C=BA=E5=88=86=E6=9F=A5=E7=9C=8B?= =?UTF-8?q?=E5=92=8C=E4=BF=AE=E6=94=B9=E6=97=B6=E6=9F=A5=E7=9C=8B=E8=AF=A6?= =?UTF-8?q?=E6=83=85=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../DgApplyAmountInfoController.java | 13 ++++ .../BusinessApplicationDetailResponse.java | 4 +- .../service/IDgApplyAmountInfoService.java | 2 + .../impl/DgApplyAmountInfoServiceImpl.java | 63 +++++++++++++------ 4 files changed, 61 insertions(+), 21 deletions(-) diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/controller/DgApplyAmountInfoController.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/controller/DgApplyAmountInfoController.java index af4f6d20..4449a92a 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/controller/DgApplyAmountInfoController.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/controller/DgApplyAmountInfoController.java 
@@ -406,4 +406,17 @@ public class DgApplyAmountInfoController implements DgApplyAmountInfoControllerA return result ? ResponseResult.SUCCESS() : ResponseResult.FAIL(); } + + /** + * 根据业务id查询业务申请详情 + * @param id + * @return + */ + @Log(detail = "小程序业务申请详情",level = 3,operationUnit = OperationUnit.APPLYAMOUNTINFO,operationType = OperationType.SELECT) + @GetMapping("/xcxBusinessAppDetail") + @ApiOperation(value = "小程序业务申请详情") + public ResponseResult xcxBusinessAppDetail(Integer id){ + BusinessApplicationDetailResponse response = applyAmountInfoService.xcxBusinessAppDetail(id); + return ResponseResult.SUCCESS(response); + } } diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/response/BusinessApplicationDetailResponse.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/response/BusinessApplicationDetailResponse.java index 832c702c..fe51a930 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/response/BusinessApplicationDetailResponse.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/response/BusinessApplicationDetailResponse.java @@ -32,8 +32,8 @@ public class BusinessApplicationDetailResponse implements Serializable { /** * 企业详细 */ -/* @ApiModelProperty(value = "企业详细") - private LinkedHashMap linkedHashMap;*/ + @ApiModelProperty(value = "企业详细") + private LinkedHashMap linkedHashMap; /** * 附件详细 diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/IDgApplyAmountInfoService.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/IDgApplyAmountInfoService.java index 8f321a6e..30f9e0bb 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/IDgApplyAmountInfoService.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/IDgApplyAmountInfoService.java 
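Review bot: `xcxBusinessAppDetail(Integer id)` passes `id` straight to the service with no null check and no visible check that the caller is entitled to read that record, so unless ownership is enforced in a filter not shown here, any authenticated caller could request the application and company details for another id. Declare the parameter as `@RequestParam("id") Integer id` so a missing value is rejected with a 400 instead of reaching `selectById(null)`. The Javadoc leaves `@param id` and `@return` empty and describes the argument as the business id, while the service comment and `dgApplyAmountListMapper.selectById(id)` treat it as the list row's primary key; the comment should say which one it is.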
@@ -39,4 +39,6 @@ public interface IDgApplyAmountInfoService extends IService { DgApplyField queryApplyField(); Boolean updateApplyField(DgApplyField dgApplyField); + + BusinessApplicationDetailResponse xcxBusinessAppDetail(Integer id); } diff --git a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java index 855a70d9..c66528d5 100644 --- a/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java +++ b/dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java @@ -300,6 +300,19 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl() + .eq("business_id", dgApplyAmountList.getBusinessId())); + + response.setDgBusinessCompany(dgBusinessCompany); + return response; + } + + public BusinessApplicationDetailResponse publicBusinessCommon(Integer id) { //根据id查询业务id DgApplyAmountList dgApplyAmountList = dgApplyAmountListMapper.selectById(id); //根据主键id查询业务申请详细信息 @@ -316,10 +329,6 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl() - .eq("business_id", dgApplyAmountList.getBusinessId())); - //查询附件详细,附件关联业务主键id DgEnclosureInfoResponse dgEnclosureInfo = dgEnclosureInfoMapper.selectByCompanyId(dgApplyAmountList.getBusinessId()); 
@@ -355,29 +364,45 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl0){ if(!arr1List2.get(0).toString().equals("[]"))*/ - dgEnclosureInfo.setAccountingFirmList((List) arr1List2.get(0)); - dgEnclosureInfo.setAssessmentReportList((List) arr1List2.get(1)); - dgEnclosureInfo.setBusinessLicenseList((List) arr1List2.get(2)); - dgEnclosureInfo.setCertificateAuthorizationList((List) arr1List2.get(3)); - dgEnclosureInfo.setCompanyConstitutionList((List) arr1List2.get(4)); - dgEnclosureInfo.setCompanyCreditList((List) arr1List2.get(5)); - dgEnclosureInfo.setConversationSummaryList((List) arr1List2.get(6)); - dgEnclosureInfo.setCreditReportList((List) arr1List2.get(7)); - dgEnclosureInfo.setInspectionPhotosList((List) arr1List2.get(8)); - dgEnclosureInfo.setLegalCardCopyList((List) arr1List2.get(9)); - dgEnclosureInfo.setLegalCopyList((List) arr1List2.get(10)); - dgEnclosureInfo.setTaxCertificateList((List) arr1List2.get(11)); - dgEnclosureInfo.setMeetingMinutesList((List) arr1List2.get(12)); - dgEnclosureInfo.setMarriageCopyList((List) arr1List2.get(13)); + dgEnclosureInfo.setAccountingFirmList((List) arr1List2.get(0)); + dgEnclosureInfo.setAssessmentReportList((List) arr1List2.get(1)); + dgEnclosureInfo.setBusinessLicenseList((List) arr1List2.get(2)); + dgEnclosureInfo.setCertificateAuthorizationList((List) arr1List2.get(3)); + dgEnclosureInfo.setCompanyConstitutionList((List) arr1List2.get(4)); + dgEnclosureInfo.setCompanyCreditList((List) arr1List2.get(5)); + dgEnclosureInfo.setConversationSummaryList((List) arr1List2.get(6)); + dgEnclosureInfo.setCreditReportList((List) arr1List2.get(7)); + dgEnclosureInfo.setInspectionPhotosList((List) arr1List2.get(8)); + dgEnclosureInfo.setLegalCardCopyList((List) arr1List2.get(9)); + dgEnclosureInfo.setLegalCopyList((List) arr1List2.get(10)); + dgEnclosureInfo.setTaxCertificateList((List) arr1List2.get(11)); + dgEnclosureInfo.setMeetingMinutesList((List) arr1List2.get(12)); + dgEnclosureInfo.setMarriageCopyList((List) 
arr1List2.get(13)); // } BusinessApplicationDetailResponse businessApplicationDetail= new BusinessApplicationDetailResponse(); businessApplicationDetail.setDgApplyAmountInfo(dgApplyAmountInfo); businessApplicationDetail.setDgEnclosureInfo(dgEnclosureInfo); - businessApplicationDetail.setDgBusinessCompany(dgBusinessCompany); return businessApplicationDetail; } + @Override + public BusinessApplicationDetailResponse xcxBusinessAppDetail(Integer id) { + //根据id查询业务id + DgApplyAmountList dgApplyAmountList = dgApplyAmountListMapper.selectById(id); + BusinessApplicationDetailResponse response = publicBusinessCommon(id); + + DgApplyAmountInfo dgApplyAmountInfo = dgApplyAmountInfoMapper.selectById(dgApplyAmountList.getBusinessId()); + DgApplyAmountInfoRequest applyAmountInfo = new DgApplyAmountInfoRequest(); + applyAmountInfo.setCompanyId(dgApplyAmountInfo.getCompanyId()); + //根据企业id查询企业详情 + ResponseResult result = crmsFeignService.queryCustomerInfoById(applyAmountInfo); + + LinkedHashMap linkedList = (LinkedHashMap)result.getData(); + response.setLinkedHashMap(linkedList); + return response; + } + @Override public int updateBusinessApplication(BusinessApplicationRequest businessApplication) { //根据业务id以及type查询对应的记录
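Review bot: In the added `xcxBusinessAppDetail`, the results of `dgApplyAmountListMapper.selectById(id)` and `dgApplyAmountInfoMapper.selectById(...)` are dereferenced without a null check, so an unknown id ends in a `NullPointerException`; guard both and return the project's not-found result. `result.getData()` is cast to `LinkedHashMap` without checking that the Feign call succeeded or that the payload has that type, which turns an upstream failure into a `ClassCastException` or a silently null field in the response. `publicBusinessCommon(id)` repeats the same `selectById(id)` lookup, so the row is read twice per request, and the helper is declared `public` although it appears to be internal; passing the loaded `DgApplyAmountList` into a `private` helper would address both. The hunk's leading context is garbled in this view, so this note covers only the added method.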