huoran
/
dqFinancial
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

微信小程序登录处理

Browse Source
master
shijie 4 years ago
parent 76b053e21f
commit caf6396194
15 changed files with 368 additions and 672 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
  2. 2
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/dao/UserLoginDao.java
  3. 4
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/filter/MyAuthenticationFilter.java
  4. 3
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/model/XccLoginReq.java
  5. 2
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java
  6. 251
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
  7. 14
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
  8. 146
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java
  9. 342
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java
  10. 198
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java
  11. 65
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java
  12. 4
      dq-financial-hrms-auth/src/main/resources/mapper/hrauth/UserLoginMapper.xml
  13. 1
      dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java
  14. 2
      dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/BindOpenIdRequest.java
  15. 2
      dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/LoginRequest.java

4
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
Unescape View File

@ -228,7 +228,7 @@ public class UserLoginController implements UserLoginControllerApi {
String encryptedData = xccLoginReq.getEncryptedData();
String code = xccLoginReq.getCode();
String iv = xccLoginReq.getIv();
Map openid = userLoginService.wxAuthLogin(encryptedData,iv,code);
return ResponseResult.SUCCESS(openid);
Integer identify = xccLoginReq.getIdentify();
return userLoginService.wxAuthLogin(encryptedData,iv,code,identify);
}
}

2
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/dao/UserLoginDao.java
Unescape View File

@ -16,7 +16,7 @@ import java.util.Date;
public interface UserLoginDao extends BaseMapper<UserEntity> {
UserEntity getUser(String code);
int selectCount(String phoneAccount);
int selectPhoneCount(String phoneAccount);
int updatePasswordByPhoneAccount(@Param("phoneAccount") String phoneAccount, @Param("password") String password);
UserEntity login(LoginRequest loginRequest);

4
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/filter/MyAuthenticationFilter.java
Unescape View File

@ -100,9 +100,9 @@ public class MyAuthenticationFilter extends OncePerRequestFilter {
// 全局注入角色权限信息和登录用户基本信息
SecurityContextHolder.getContext().setAuthentication(authentication);
}
else {
/* else {
throw new AccessDeniedException("TOKEN不存在,请重新登录!");
}
}*/
filterChain.doFilter(wrappedRequest, wrappedResponse);
} finally {
stopWatch.stop();

3
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/model/XccLoginReq.java
Unescape View File

@ -8,7 +8,7 @@ import java.io.Serializable;
/**
* <p>
* 访问记录表
* 小程序授权登录
* </p>
*
* @author Qyq
@ -21,5 +21,6 @@ public class XccLoginReq implements Serializable {
private String iv;//加密算法的初始向量
private String code;//用户允许登录后,回调内容会带上 code(有效期五分钟),开发者需要将 code 发送到开发者服务器后台
// ,使用code 换取 session_key api,将 code 换成 openid 和 session_key
private Integer identify;//标识 0->员工;1->客户
}

2
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java
Unescape View File

@ -25,5 +25,5 @@ public interface UserLoginService extends IService<UserEntity> {
int isPhoneExist(String mobile);
Map wxAuthLogin(String encryptedData, String iv, String code);
ResponseResult wxAuthLogin(String encryptedData, String iv, String code, Integer identify);
}

251
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
Unescape View File

@ -85,7 +85,7 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
@Override
public UserLoginRequest verifyMobile(UserLoginRequest user){
//校验手机账号是否存在
int count = userLoginDao.selectCount(user.getPhoneAccount());
int count = userLoginDao.selectPhoneCount(user.getPhoneAccount());
if (count == 0) {
ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_NOT_EXIST);
}
@ -123,7 +123,6 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
@Transactional
public ResponseResult login(LoginRequest loginRequest) {
System.out.println("wechatId222================"+loginRequest.getWechatId());
//判断用户登录方式
UserEntity userEntity = baseMapper.login(loginRequest);
String name = null;
@ -242,6 +241,15 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
//返回用户信息
LoginResponse loginResponse = new LoginResponse();
if(name == null || name == ""){//名称如果为空,则代表是客户的名称,小程序端登录,名称默认为微信名称
name = userEntity.getAccount();
}
if(headImg != null || headImg != ""){//头像如果为空,则默认为微信头像
if(userEntity.getHeadPortaritUrl() != null){
headImg = userEntity.getHeadPortaritUrl();
}
}
loginResponse.setAccount(name);
loginResponse.setToken(token);
if(headImg != null)
@ -295,7 +303,7 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
ExceptionCast.cast(HrmsCode.VERIFY_CODE_ILLEGAL);
}
//根据手机账号查询是否存在该用户
int count = userLoginDao.selectCount(bindOpenIdRequest.getPhoneAccount());
int count = userLoginDao.selectPhoneCount(bindOpenIdRequest.getPhoneAccount());
if(count > 0){
//存在,直接绑定openId
userLoginDao.updateOpenIdByPhoneAccount(bindOpenIdRequest.getPhoneAccount(),bindOpenIdRequest.getWechatId());
@ -308,11 +316,11 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
@Override
public int isPhoneExist(String mobile) {
return userLoginDao.selectCount(mobile);
return userLoginDao.selectPhoneCount(mobile);
}
@Override
public Map wxAuthLogin(String encryptedData, String iv,String code) {
public ResponseResult wxAuthLogin(String encryptedData, String iv,String code,Integer identify) {
System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv);
System.out.println("来了小程序登录------------------------------------");
//微信那边的接口,grant_type=authorization_code是固定的
@ -328,7 +336,6 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
System.out.println("sr==================="+sr);
// 解析相应内容(转换成json对象)
//JSONObject json = JSON.parseObject(url);
cn.hutool.json.JSONObject json = new cn.hutool.json.JSONObject(sr);
// 获取会话密钥(session_key)
String session_key = json.get("session_key").toString();
@ -339,28 +346,18 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
Map map = new HashMap();
//======================此处为死数据============================
encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w==";
session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
iv="Y37DfoP3+4ysUBo8YOnfiQ==";
System.out.println("session_key======"+session_key+"openid===="+openid);
System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv);
//对encryptedData加密数据进行AES解密
try {
String result = WXBizDataCrypt.getInstance().decrypt(encryptedData, session_key, iv, "utf-8");
System.out.println("AES解密值==="+result);
//String result = AesCbcUtil.decrypt2(session_key,encryptedData, iv);
//String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8");
if (null != result && result.length() > 0) {
map.put("status", 1);
map.put("msg", "解密成功");
JSONObject userInfoJSON = JSONObject.parseObject(result);
//JSONObject userInfoJSON = JSON.parseObject(result);
//cn.hutool.json.JSONObject userInfoJSON = new cn.hutool.json.JSONObject(result);
System.out.println("userInfoJSON===="+userInfoJSON);
Map userInfo = new HashMap();
// 解密unionId & openId;
userInfo.put("openId", userInfoJSON.get("openId"));
userInfo.put("nickName", userInfoJSON.get("nickName"));
userInfo.put("gender", userInfoJSON.get("gender"));
@ -368,11 +365,9 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
userInfo.put("province", userInfoJSON.get("province"));
userInfo.put("country", userInfoJSON.get("country"));
userInfo.put("avatarUrl", userInfoJSON.get("avatarUrl"));
// 解密unionId & openId;
userInfo.put("unionId", userInfoJSON.get("unionId"));
System.out.println("userInfoJSON==============="+userInfoJSON);
System.out.println("unionId============"+userInfoJSON.get("unionId"));
userInfo.put("unionId", userInfoJSON.get("unionId"));
map.put("userInfo", userInfo);
} else {
map.put("status", 0);
@ -382,203 +377,37 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
e.printStackTrace();
}
System.out.println("map===================="+map.get("userInfo"));
Map userMap = (Map<String,Object>)map.get("userInfo");
return map;
}
String unionId = userMap.get("unionId").toString();
String md5UnionId = Md5Util.md5(unionId);
/* @Override
public String wxAuthLogin(String encryptedData, String iv,String code) {
System.out.println(code);
System.out.println("来了小程序登录------------------------------------");
//微信那边的接口,grant_type=authorization_code是固定的
String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
System.out.println("字符串格式userMap里面的unionId===="+userMap.get("unionId").toString());
//根据unionId查询用户是否注册过,如果已经是老用户,则直接调登录接口,如果为新用户,则先保存用户信息,再调登录
int count = userLoginDao.selectCount(new QueryWrapper<UserEntity>().eq("wechat_id",md5UnionId));
System.out.println("url==============="+url);
//发送请求给微信后端
CloseableHttpClient httpClient= HttpClients.createDefault();
HttpGet httpGet=new HttpGet(url);
InputStream inputStream=null;
CloseableHttpResponse httpResponse=null;
StringBuilder result=new StringBuilder();
try {
httpResponse=httpClient.execute(httpGet);
HttpEntity entity=httpResponse.getEntity();
inputStream=entity.getContent();
BufferedReader bufferedReader=new BufferedReader(new InputStreamReader(inputStream));
String line="";
while ((line=bufferedReader.readLine())!=null){
System.out.println(line); //这里需要使用fastjson来提取一下内容
JSONObject jsonObject= JSON.parseObject(line);
Login login=new Login();
System.out.println("jsonObject====================="+jsonObject);
System.out.println("unionId==================="+jsonObject.getString("unionid"));
login.setOpenid(jsonObject.getString("openid"));
login.setSession_key(jsonObject.getString("session_key"));
login.setUnionid(jsonObject.getString("unionid"));
result.append(login.getUnionid());
System.out.println(result.toString());
}
} catch (IOException e) {
e.printStackTrace();
//根据标识判断是员工还是客户登录,如果为员工登录,则直接登录,无需保存记录,如果为客户登录,则先查询是否已注册
LoginRequest loginRequest = new LoginRequest();
loginRequest.setWechatId(md5UnionId);
loginRequest.setType(2);
loginRequest.setTenDayEffective(2);
if(identify==0){//员工小程序登录
if(count<=0){
return ResponseResult.FAIL(60001,"您不是员工,请使用客户小程序登录!");
}
return result.toString();
}*/
/* @Override
public String wxAuthLogin(String encryptedData, String iv,String code) {
System.out.println(code);
System.out.println("来了小程序登录------------------------------------");
//微信那边的接口,grant_type=authorization_code是固定的
String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
System.out.println("url==============="+url);
Map<String ,Object> baseMap = HttpUtils.doGet(url);
if(baseMap == null || baseMap.isEmpty()){ return null; }
String accessToken = (String)baseMap.get("access_token");
String openId = (String) baseMap.get("openid");
String unionId = (String) baseMap.get("unionid");
System.out.println("小程序登录openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap);
return unionId;
}*/
/*
*//**
* 1 先按照loginInfo信息查询有无有unionID
* 2 如果有,直接返回 ,程序结束
* 3 如果没有,将用于解密的session_key获取
* 4 根据userInfo拿取encryptedData等加密数据
* 5 对加密数据进行逆解密
* 6 拿到unionID 返回,程序结
*
* userInfo TODO 注意一下通过user.getInfo获取的和通过button授权获取的格式不一样
*
*//*
@Override
public ResponseResult getUnionID(Long platformId, String userInfo, String loginInfo, HttpServletRequest request) {
Map<String, String> resLogign = null;
JSONObject resUserInfo = null;
System.out.println("--------------->>>>>进入WeChatServiceImpl");
resLogign = getUnionIDByLoginInfo(loginInfo, request);
// 加密session_key 解密需要
String session_key = resLogign.get("session_key");
if (StringUtils.isNotBlank(resLogign.get("unionid"))) {
System.out.println("返回数据,获取unionid,程序结束<<<------unionid={}"+resLogign.get("unionid"));
return ResponseResult.SUCCESS("获取unionid成功,返回数据!"+resLogign);
} else {
System.out.println("没有获取到unionid,userinfo进行对称解密操作start----->");
resUserInfo = decipherByUserInfo(session_key, userInfo, request);
if (resUserInfo != null && StringUtils.isNotEmpty(resUserInfo.toJSONString())) {
System.out.println("解密后的信息为resUserInfo:{}"+resUserInfo.toJSONString());
// 解密信息由 data.get("unionid") 获取
return ResponseResult.SUCCESS("获取解密信息成功"+resUserInfo);
}
}
return null;
}
*//**
*
* @param session_key
* @param userInfo
* @param request
* @return
*//*
private JSONObject decipherByUserInfo(String session_key, String userInfo, HttpServletRequest request) {
System.out.println("--------------->>>>>进入 decipherByUserInfo");
Map<String, String> resUserInfo = new HashMap<>();
if (!userInfo.contains("login:ok")&&!userInfo.contains("getUserInfo:ok")) {
return null;
}
JSONObject jsonUserInfo = JSONObject.parseObject(userInfo);
System.out.println("将userInfo转换成JSON,userInfo:{}"+jsonUserInfo.toJSONString());
String encryptedData = "";
String iv = "";
if (jsonUserInfo.get("detail") != null && StringUtils.isNotBlank(jsonUserInfo.get("detail").toString())) {
String detail = jsonUserInfo.get("detail").toString();
JSONObject parseObject = JSONObject.parseObject(detail);
encryptedData = (String) parseObject.get("encryptedData");
iv = (String) parseObject.get("iv");
} else {
encryptedData = (String) jsonUserInfo.get("encryptedData");
iv = (String) jsonUserInfo.get("iv");
}
System.out.println("获取解密数据解密start------------>>>解密需要的数据为:encryptedData:{},iv:{},session_key:{}"+"encryptedData===="+encryptedData+"iv===="+iv+"session_key===="+session_key);
// 被加密的数据
byte[] dataByte = Base64.decodeBase64(encryptedData);
// 加密秘钥
byte[] aeskey = Base64.decodeBase64(session_key);
// 偏移量
byte[] ivByte = Base64.decodeBase64(iv);
System.out.println("对加密数据进行Base64编码完毕------------>>>dataByte:{},aeskey:{},ivByte:{}"+dataByte.toString()+aeskey.toString()+ivByte.toString());
String newuserInfo = "";
try {
AES aes = new AES();
byte[] resultByte = aes.decrypt(dataByte, aeskey, ivByte);
if (null != resultByte && resultByte.length > 0) {
newuserInfo = new String(resultByte, "UTF-8");
System.out.println("解密完毕,解密结果为newuserInfo:{}"+newuserInfo);
return JSONObject.parseObject(newuserInfo);
}else{//客户小程序登录
if(count <=0){//新用户
UserEntity userEntity = new UserEntity();
userEntity.setAccount(userMap.get("nickName").toString());//账号默认为微信名称
userEntity.setWechatId(md5UnionId);//加密后unionId
userEntity.setHeadPortaritUrl(userMap.get("avatarUrl").toString());//头像路径
userEntity.setCreateTime(new Date());//创建时间
userLoginDao.insert(userEntity);
}
} catch (Exception e) {
System.out.println("解密异常!检查解密数据 {}"+newuserInfo+e);
e.printStackTrace();
}
return null;
}
*//**
* 根据logininfo 的code尝试获取unionID
*
* @param loginInfo
* @param request
* @return
*//*
private Map<String, String> getUnionIDByLoginInfo(String loginInfo, HttpServletRequest request) {
JSONObject loginRes = null;
Map<String, Object> loginReq = new HashMap<>();
Map<String, String> loginResMap = new HashMap<>();
System.out.println("--------------->>>>>进入 getUnionIDByLoginInfo");
JSONObject loginMap = JSONObject.parseObject(loginInfo);
System.out.println("转换JSON完毕");
System.out.println("组装请求数据----start:");
String resCode = (String) loginMap.get("code");
loginReq.put("js_code", resCode);
loginReq.put("appid", weChatConfig.getXcxAppid()); // 这几个变量是自己去获取的 我做成了配置文件中
loginReq.put("secret", weChatConfig.getXcxAppsecret()); // 去这个网址看参数说明: https://developers.weixin.qq.com/miniprogram/dev/api/api-login.html#wxloginobject
loginReq.put("grant_type", "authorization_code");
System.out.println("组装请求参数完毕loginReq={}"+loginReq);
try {
System.out.println("开始发送请求到微信...url={}"+weChatConfig.getWX_AUTH_URL());
loginRes = HttpClientUtils.doGet(SysConstants.WEICHAT_UNIONID_URL, loginReq);
} catch (Exception e) {
System.out.println("调用httpClient异常!异常信息={}"+e);
throw new RuntimeException(e);
}
String openid = (String) loginRes.get("openid");
String session_key = (String) loginRes.get("session_key");
String unionid = (String) loginRes.get("unionid");
loginResMap.put("openid", openid);
loginResMap.put("unionid", unionid);
loginResMap.put("session_key", session_key);
System.out.println("https返回数据loginRes={}"+loginRes.toJSONString());
// 微信建议不要在传输中有session_key,我们在这里做一个缓存数据key=session_key_safe,value="真实的session_key+真实的openid"
// TODO
// 时间问题,这里暂不处理
// loginResMap.put("session_key", "session_key_safe");
return loginResMap;
}*/
ResponseResult result = login(loginRequest);
return result;
}
}

14
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
Unescape View File

@ -62,16 +62,17 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
System.out.println("微信扫码加密前openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap);
//对code(回调过来的openid)加密
String md5OpenId = Md5Util.md5(openId);
String md5UnionId = Md5Util.md5(unionId);
log.info("accessToken========> "+accessToken+"openId========> "+openId+"code=======> "+code+"md5OpenId============>"+md5OpenId);
UserEntity dbUser = userMapper.findByOpenid(md5OpenId);
UserEntity dbUser = userMapper.findByOpenid(md5UnionId);
if(dbUser!=null && dbUser.getPhoneAccount()!=null) { //dbUser不为空,存在直接让它登录
log.info("来了微信扫码登录~~~~~~~~~~~~~~~~~~~~~~~~~~~");
LoginRequest loginRequest = new LoginRequest();
loginRequest.setTenDayEffective(1);
loginRequest.setType(2);
loginRequest.setWechatId(md5OpenId);
loginRequest.setWechatId(md5UnionId);
ResponseResult login = userLoginService.login(loginRequest);
LoginResponse data = (LoginResponse) login.getData();
@ -91,8 +92,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
if(dbUser == null){//openId不存在,返回绑定手机号页面,须另写绑定手机号接口
log.info("dbUser为空,openId不存在,请先绑定手机号哦~~~");
try {
response.sendRedirect("https://www.huorantech.cn/index/#/bind-phone?matched="+md5OpenId);//跳转绑定手机号页面
//response.sendRedirect("http://8.129.127.185/dq/index.html#/bind-phone?matched="+md5OpenId);//跳转绑定手机号页面
response.sendRedirect("https://www.huorantech.cn/index/#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
//response.sendRedirect("http://8.129.127.185/dq/index.html#/bind-phone?matched="+md5UnionId);//跳转绑定手机号页面
} catch (IOException e) {
e.printStackTrace();
}
@ -149,7 +150,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
String unionId = (String) baseMap.get("unionid");
log.info("openId========="+openId+"unionId===="+unionId);
String md5OpenId = Md5Util.md5(openId);
Integer countWeChatId = this.getBaseMapper().countWeChatId(md5OpenId);
String md5UnionId = Md5Util.md5(unionId);
Integer countWeChatId = this.getBaseMapper().countWeChatId(md5UnionId);
String token = this.getBaseMapper().getTokenByUserId(Long.parseLong(state));
if (countWeChatId > 0){
try {
@ -160,7 +162,7 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
e.printStackTrace();
}
}else {
Boolean result = this.getBaseMapper().updateWeChat(Long.parseLong(state), md5OpenId);
Boolean result = this.getBaseMapper().updateWeChat(Long.parseLong(state), md5UnionId);
log.info("绑定成功---------------------------------------");
if (result){
try {

146
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java
Unescape View File

@ -1,73 +1,73 @@
package com.daqing.financial.hrauth.util;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class AES {
public static boolean initialized = false;
/**
* AES对称解密工具类
*
* @param content
* 密文
* @return
* @throws InvalidAlgorithmParameterException
* @throws NoSuchProviderException
*/
public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
initialize();
try {
// java是没有
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
Key sKeySpec = new SecretKeySpec(keyByte, "AES");
cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
byte[] result = cipher.doFinal(content);
return result;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static void initialize() {
if (initialized)
return;
Security.addProvider(new BouncyCastleProvider());
initialized = true;
}
// 生成iv
public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
params.init(new IvParameterSpec(iv));
return params;
}
}
//package com.daqing.financial.hrauth.util;
//
//import java.security.AlgorithmParameters;
//import java.security.InvalidAlgorithmParameterException;
//import java.security.InvalidKeyException;
//import java.security.Key;
//import java.security.NoSuchAlgorithmException;
//import java.security.NoSuchProviderException;
//import java.security.Security;
//
//import javax.crypto.BadPaddingException;
//import javax.crypto.Cipher;
//import javax.crypto.IllegalBlockSizeException;
//import javax.crypto.NoSuchPaddingException;
//import javax.crypto.spec.IvParameterSpec;
//import javax.crypto.spec.SecretKeySpec;
//
//import org.bouncycastle.jce.provider.BouncyCastleProvider;
//
//public class AES {
// public static boolean initialized = false;
//
// /**
// * AES对称解密工具类
// *
// * @param content
// * 密文
// * @return
// * @throws InvalidAlgorithmParameterException
// * @throws NoSuchProviderException
// */
// public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
// initialize();
// try {
// // java是没有
// Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
// Key sKeySpec = new SecretKeySpec(keyByte, "AES");
//
// cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
// byte[] result = cipher.doFinal(content);
// return result;
// } catch (NoSuchAlgorithmException e) {
// e.printStackTrace();
// } catch (NoSuchPaddingException e) {
// e.printStackTrace();
// } catch (InvalidKeyException e) {
// e.printStackTrace();
// } catch (IllegalBlockSizeException e) {
// e.printStackTrace();
// } catch (BadPaddingException e) {
// e.printStackTrace();
// } catch (NoSuchProviderException e) {
// e.printStackTrace();
// } catch (Exception e) {
// e.printStackTrace();
// }
// return null;
// }
//
// public static void initialize() {
// if (initialized)
// return;
// Security.addProvider(new BouncyCastleProvider());
// initialized = true;
// }
//
// // 生成iv
// public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
// AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
// params.init(new IvParameterSpec(iv));
// return params;
// }
//}

342
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java
Unescape View File

@ -1,171 +1,171 @@
package com.daqing.financial.hrauth.util;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
/**
* Created by yfs on 2018/3/25.
* <p>
* AES-128-CBC 加密方式
*
* AES-128-CBC可以自己定义密钥偏移量
* AES-128是jdk自动生成的密钥
*/
public class AesCbcUtil {
static {
//BouncyCastle是一个开源的加解密解决方案,主页在http://www.bouncycastle.org/
Security.addProvider(new BouncyCastleProvider());
}
/**
* AES解密
*
* @param data //密文,被加密的数据
* @param key //秘钥
* @param iv //偏移量
* @param encodingFormat //解密后的结果需要进行的编码
* @return
* @throws Exception
*/
public static String decrypt(String data, String key, String iv, String encodingFormat) throws Exception {
// initialize();
//被加密的数据
byte[] dataByte = Base64.decodeBase64(data);
//加密秘钥
byte[] keyByte = Base64.decodeBase64(key);
//偏移量
byte[] ivByte = Base64.decodeBase64(iv);
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, encodingFormat);
return result;
}
return null;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidParameterSpecException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
/**
* AES解密
*
* @param encryptedData 消息密文
* @param ivStr iv字符串
*/
public static byte[] decrypt2(String sessionKey, String encryptedData, String ivStr) {
try {
AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
params.init(new IvParameterSpec(Base64.decodeBase64(ivStr)));
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(Base64.decodeBase64(sessionKey), "AES"), params);
String encodingFormat = "UTF-8";
byte[] resultByte = cipher.doFinal(Base64.decodeBase64(encryptedData));
return resultByte;
/* System.out.println("resultByte===="+resultByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, encodingFormat);
return result;
}
return null;*/
//return new String(PKCS7Encoder.decode(cipher.doFinal(Base64.decodeBase64(encryptedData))), StandardCharsets.UTF_8);
} catch (Exception e) {
throw new RuntimeException("AES解密失败", e);
}
}
public static String decryptNew(String encryptedData, String sessionKey, String iv) throws Exception {
String result = "";
// 被加密的数据
byte[] dataByte = Base64.decodeBase64(encryptedData);
// 加密秘钥
byte[] keyByte = Base64.decodeBase64(sessionKey);
// 偏移量
byte[] ivByte = Base64.decodeBase64(iv);
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
// 初始化
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
result = new String(resultByte, "UTF-8");
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidParameterSpecException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
e.printStackTrace();
}
return result;
}
}
//package com.daqing.financial.hrauth.util;
//
//import org.apache.commons.codec.binary.Base64;
//import org.bouncycastle.jce.provider.BouncyCastleProvider;
//
//import javax.crypto.*;
//import javax.crypto.spec.IvParameterSpec;
//import javax.crypto.spec.SecretKeySpec;
//import java.io.UnsupportedEncodingException;
//import java.nio.charset.StandardCharsets;
//import java.security.*;
//import java.security.spec.InvalidParameterSpecException;
//import java.util.Arrays;
//
///**
// * Created by yfs on 2018/3/25.
// * <p>
// * AES-128-CBC 加密方式
// * 注:
// * AES-128-CBC可以自己定义“密钥”和“偏移量“。
// * AES-128是jdk自动生成的“密钥”。
// */
//public class AesCbcUtil {
//
//
// static {
// //BouncyCastle是一个开源的加解密解决方案,主页在http://www.bouncycastle.org/
// Security.addProvider(new BouncyCastleProvider());
// }
//
// /**
// * AES解密
// *
// * @param data //密文,被加密的数据
// * @param key //秘钥
// * @param iv //偏移量
// * @param encodingFormat //解密后的结果需要进行的编码
// * @return
// * @throws Exception
// */
// public static String decrypt(String data, String key, String iv, String encodingFormat) throws Exception {
//// initialize();
//
// //被加密的数据
// byte[] dataByte = Base64.decodeBase64(data);
// //加密秘钥
// byte[] keyByte = Base64.decodeBase64(key);
// //偏移量
// byte[] ivByte = Base64.decodeBase64(iv);
//
//
// try {
// Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
//
// SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
//
// AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
// parameters.init(new IvParameterSpec(ivByte));
//
// cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
//
// byte[] resultByte = cipher.doFinal(dataByte);
// if (null != resultByte && resultByte.length > 0) {
// String result = new String(resultByte, encodingFormat);
// return result;
// }
// return null;
// } catch (NoSuchAlgorithmException e) {
// e.printStackTrace();
// } catch (NoSuchPaddingException e) {
// e.printStackTrace();
// } catch (InvalidParameterSpecException e) {
// e.printStackTrace();
// } catch (InvalidKeyException e) {
// e.printStackTrace();
// } catch (InvalidAlgorithmParameterException e) {
// e.printStackTrace();
// } catch (IllegalBlockSizeException e) {
// e.printStackTrace();
// } catch (BadPaddingException e) {
// e.printStackTrace();
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// }
//
// return null;
// }
//
// /**
// * AES解密
// *
// * @param encryptedData 消息密文
// * @param ivStr iv字符串
// */
// public static byte[] decrypt2(String sessionKey, String encryptedData, String ivStr) {
// try {
// AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
// params.init(new IvParameterSpec(Base64.decodeBase64(ivStr)));
//
// Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
// cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(Base64.decodeBase64(sessionKey), "AES"), params);
//
// String encodingFormat = "UTF-8";
// byte[] resultByte = cipher.doFinal(Base64.decodeBase64(encryptedData));
// return resultByte;
///* System.out.println("resultByte===="+resultByte);
// if (null != resultByte && resultByte.length > 0) {
// String result = new String(resultByte, encodingFormat);
// return result;
// }
// return null;*/
// //return new String(PKCS7Encoder.decode(cipher.doFinal(Base64.decodeBase64(encryptedData))), StandardCharsets.UTF_8);
// } catch (Exception e) {
// throw new RuntimeException("AES解密失败", e);
// }
// }
//
//
// public static String decryptNew(String encryptedData, String sessionKey, String iv) throws Exception {
// String result = "";
// // 被加密的数据
// byte[] dataByte = Base64.decodeBase64(encryptedData);
// // 加密秘钥
// byte[] keyByte = Base64.decodeBase64(sessionKey);
// // 偏移量
// byte[] ivByte = Base64.decodeBase64(iv);
// try {
// // 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
// int base = 16;
// if (keyByte.length % base != 0) {
// int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
// byte[] temp = new byte[groups * base];
// Arrays.fill(temp, (byte) 0);
// System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
// keyByte = temp;
// }
// // 初始化
// Security.addProvider(new BouncyCastleProvider());
// Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
// SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
// AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
// parameters.init(new IvParameterSpec(ivByte));
// // 初始化
// cipher.init(Cipher.DECRYPT_MODE, spec, parameters);
// byte[] resultByte = cipher.doFinal(dataByte);
// if (null != resultByte && resultByte.length > 0) {
// result = new String(resultByte, "UTF-8");
// }
// } catch (NoSuchAlgorithmException e) {
// e.printStackTrace();
// } catch (NoSuchPaddingException e) {
// e.printStackTrace();
// } catch (InvalidParameterSpecException e) {
// e.printStackTrace();
// } catch (IllegalBlockSizeException e) {
// e.printStackTrace();
// } catch (BadPaddingException e) {
// e.printStackTrace();
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// } catch (InvalidKeyException e) {
// e.printStackTrace();
// } catch (InvalidAlgorithmParameterException e) {
// e.printStackTrace();
// } catch (NoSuchProviderException e) {
// e.printStackTrace();
// }
// return result;
// }
//
//}

198
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java
Unescape View File

@ -1,198 +0,0 @@
package com.daqing.financial.hrauth.util;
import com.google.common.primitives.Bytes;
import org.apache.commons.codec.binary.Base64;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class TestUtil {
/**
* 加密
*
* @param content
* 需要加密的内容
* @param password
* 加密密码
* @return
*/
public static byte[] encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");// 创建密码器
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(byteContent);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
/**
* 解密
*
* @param content
* 待解密内容
* @param password
* 解密密钥
* @return
*/
public static byte[] decrypt(byte[] content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");// 创建密码器
cipher.init(Cipher.DECRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(content);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
/**
* 将二进制转换成16进制
*
* @param buf
* @return
*/
public static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
/**
* 将16进制转换为二进制
*
* @param hexStr
* @return
*/
public static byte[] parseHexStr2Byte(String hexStr) {
if (hexStr.length() < 1)
return null;
byte[] result = new byte[hexStr.length() / 2];
for (int i = 0; i < hexStr.length() / 2; i++) {
int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
result[i] = (byte) (high * 16 + low);
}
return result;
}
/**
* 加密
*
* @param content
* 需要加密的内容
* @param password
* 加密密码
* @return
*/
public static byte[] encrypt2(String content, String password) {
try {
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(byteContent);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
public static void main(String[] args) throws UnsupportedEncodingException, InvalidAlgorithmParameterException {
String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" +
"eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" +
"gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" +
"wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" +
"fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" +
"OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" +
"0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
String iv="zI+P8RVxEwMFBXcJDCemHg==";
String session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
String content = encryptedData;
String password = "";
// 加密
System.out.println("加密前:" + content);
byte[] encode = encrypt(content, password);
//传输过程,不转成16进制的字符串,就等着程序崩溃掉吧
String code = parseByte2HexStr(encode);
System.out.println("密文字符串:" + code);
byte[] decode = parseHexStr2Byte(code);
// 解密
byte[] decryptResult = decrypt(decode, password);
System.out.println("decryptResult==="+decryptResult);
System.out.println("解密后:" + new String(decryptResult, "UTF-8")); //不转码会乱码
System.out.println("=========================================================");
byte[] dataByte = Base64.decodeBase64(session_key);
//byte[] d = TestUtil.parseHexStr2Byte(encryptedData);
byte[] dr = decrypt(dataByte, "");
//String re = new String(dr, "UTF-8");
//System.out.println("result====="+re);
}
}

65
dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java
Unescape View File

@ -3,9 +3,16 @@ import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import cn.hutool.core.codec.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import sun.misc.BASE64Decoder;
import com.alibaba.fastjson.JSONObject;
import java.security.AlgorithmParameters;
import java.security.Security;
import java.util.Arrays;
import java.util.Map;
/**
* 对微信小程序用户加密数据的解密示例代码.
*
@ -63,14 +70,68 @@ public class WXBizDataCrypt {
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
byte[] original = cipher.doFinal(_encryptedData);
byte[] bytes = PKCS7Encoder.decode(original);
String originalString = new String(bytes, "ISO-8859-1");
String originalString = new String(bytes, "UTF-8");//ISO-8859-1
return originalString;
} catch (Exception ex) {
return null;
}
}
/**
* 解密encryptedData获取用户信息
*
* @param encryptedData
* @param sessionKey
* @param iv
* @return
*/
public static JSONObject getUserInfo(String encryptedData, String sessionKey, String iv) {
// 被加密的数据
byte[] dataByte = Base64.decode(encryptedData);
// 加密秘钥
byte[] keyByte = Base64.decode(sessionKey);
// 偏移量
byte[] ivByte = Base64.decode(iv);
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, "UTF-8");
return JSONObject.parseObject(result);
}
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static void main(String[] args) throws Exception {
String iv="dvIIKwlnHIneQrj1ZGhhWQ==";
String sessionKey="xUkcqKQdaK0vpVUXj8ityA==";
String encryptedData="nK44nXrhAtBbmwBNgZ+du5mJbGoEr9pyPJG3upfQq6GXK3IKDHGkec6HDxGyBGe1qCs2kwLIOzm24da4o7cb6eEeNbewj18SMsWErGE3KWfy1b2BEg1ttu8oKp9Eatsmofavn/TnZeZSXVe5hDsmJSUPPRidjVp6AWCmOiQLCjY2RiNjpVx2fdgVvrzARK6IOlYyoL0soMUQXt0jnTdza5XVUbY/iTLbVc5Hrbw52+/n2tphoBc1iFXlkkKsJiHL6482LAZ43U5ev/AWoEV/lGfs4APktlppWjdIQkXFlpnb4z5TV0S5QT4D4fxigvjIi6MgTO9CYViCVS7K3/WK0JeuMS61dKJLAriajZN1LiBJhz29jG1PctEnGS56C+o59PrUKfULvRD6U0cGLpgsVuyFM6EFVgz7NIEmBC4gOVGnOSAenkc++xVvVUf164SBMIQItVXaYSv+13Dat43CyHmN+bZowJz0ghJ730gPv3f01RqCMmjrWwQuBzZi8RuXNPIBzpBhymfvnM8QF+FjXA==";
/* Map<String, Object> userInfo = getUserInfo(encryptedData, sessionKey, iv);
System.out.println(userInfo);
String nickName = (String) userInfo.get("nickName"); //昵称
String avatarUrl = (String) userInfo.get("avatarUrl"); //头像
String unionId = (String) userInfo.get("unionId"); //unionid*/
// 需要加密的字串
// String appid = "wx4f4bc4dec97d474b";
/* String sessionKey = "tiihtNczf5v6AKRyjwEUhQ==";
@ -96,9 +157,11 @@ public class WXBizDataCrypt {
String iv="zI+P8RVxEwMFBXcJDCemHg==";
String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";*/
/*
String iv="Y37DfoP3+4ysUBo8YOnfiQ==";
String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";
String encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w==";
*/
/* String iv="sAUv8qjwP8j/Ql9KLgA4iQ==";
String sessionKey="H5lUk3IPIIENRdLxzLi2Hg==";

4
dq-financial-hrms-auth/src/main/resources/mapper/hrauth/UserLoginMapper.xml
Unescape View File

@ -20,12 +20,12 @@
<select id="getUser" parameterType="string" resultType="com.daqing.framework.domain.hrms.UserEntity">
SELECT id,account,password FROM hrms_user WHERE account = #{account}
</select>
<select id="selectCount" resultType="java.lang.Integer">
<select id="selectPhoneCount" resultType="java.lang.Integer">
select count(1) from hrms_user where phone_account = #{phoneAccount}
</select>
<select id="login" parameterType="com.daqing.framework.domain.hrms.request.LoginRequest" resultType="com.daqing.framework.domain.hrms.UserEntity">
select id,account,phone_account,password,login_num from hrms_user
select id,account,phone_account,password,login_num,head_portarit_url from hrms_user
where del_or_not = 0 and status = 0
<if test="phone != null and phone != '' ">
and (phone_account = #{phone} or account = #{phone})

1
dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java
Unescape View File

@ -1,6 +1,5 @@
package com.daqing.financial.hrauth;
import com.daqing.financial.hrauth.util.AesCbcUtil;
import io.swagger.models.auth.In;
import java.io.BufferedReader;

2
dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/BindOpenIdRequest.java
Unescape View File

@ -24,7 +24,7 @@ public class BindOpenIdRequest implements Serializable {
private String phoneAccount;
/**
* openId
* unionId
*/
private String wechatId;

2
dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/LoginRequest.java
Unescape View File

@ -14,7 +14,7 @@ public class LoginRequest {
@ApiModelProperty(value = "登录类型(1:手机号 2:微信登录)")
private int type;
@ApiModelProperty(value = "微信唯一编号")
@ApiModelProperty(value = "微信唯一编号(unionId)")
private String wechatId;
@ApiModelProperty(value = "密码")

Write Preview
Loading…
Cancel
Save