Merge remote-tracking branch 'origin/master'

dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/request/BusinessApplicationRequest.java

@@ -261,7 +261,7 @@ public class BusinessApplicationRequest implements Serializable {
      * 注册时间
      */
     @ApiModelProperty(value = "注册时间")
-    private Date registerTime;
+    private String registerTime;
 
     /**
      * 注册地址
@@ -335,4 +335,7 @@ public class BusinessApplicationRequest implements Serializable {
     @ApiModelProperty(value = "联系电话（指个人或企业的）")
     private String phone;
 
+    @ApiModelProperty(value = "客户基本信息表id")
+    private Long customerId;
+
 }

dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java

@@ -247,6 +247,7 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl<DgApplyAmountInfoM
             applyAmountList.setType(2);//设置类型
             applyAmountList.setStatus(StatusCode.SP_IN_REVIEW);//状态设置为审核中
             applyAmountList.setOperatingStatus(StatusCode.CZ_ON_HAND);//操作状态设置为待处理
+            applyAmountList.setVer(1);//设置担保部经理的初始版本号
             dgApplyAmountListMapper.insert(applyAmountList);
 
             //同时往业务流程状态表新增一条记录
@@ -400,6 +401,7 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl<DgApplyAmountInfoM
             applyAmountList.setType(2);//设置类型
             applyAmountList.setStatus(StatusCode.SP_IN_REVIEW);//状态设置为审核中
             applyAmountList.setOperatingStatus(StatusCode.CZ_ON_HAND);//操作状态设置为待处理
+            applyAmountList.setVer(1);//设置担保部经理的初始版本号
             dgApplyAmountListMapper.insert(applyAmountList);
         }
 
@@ -563,16 +565,21 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl<DgApplyAmountInfoM
         } catch (Exception e) {
             e.printStackTrace();
         }
+        //根据id查询业务id
+        DgApplyAmountList dgApplyAmountList1 = dgApplyAmountListMapper.selectById(id);
+
         //根据dg_apply_amount_list表的id修改当前业务状态
         DgApplyAmountList dgApplyAmountList = new DgApplyAmountList();
         dgApplyAmountList.setStatus(status);
         dgApplyAmountList.setOperatingStatus(StatusCode.CZ_PROCESSED);//操作状态改为已处理
         dgApplyAmountList.setApplyContent(remark);
         dgApplyAmountList.setEmpId(Integer.parseInt(userId));
-        dgApplyAmountListMapper.update(dgApplyAmountList,new QueryWrapper<DgApplyAmountList>().eq("id",id));
+        dgApplyAmountList.setVer(dgApplyAmountList1.getVer()+1);//设置担保部经理的版本号+1
+        int update = dgApplyAmountListMapper.update(dgApplyAmountList, new QueryWrapper<DgApplyAmountList>()
+                .eq("id", id).eq("ver", dgApplyAmountList1.getVer()));
+        if(update<=0)
+            return 0;
 
-        //根据id查询业务id
-        DgApplyAmountList dgApplyAmountList1 = dgApplyAmountListMapper.selectById(id);
         //修改专员那一条记录审核状态
         DgApplyAmountList applyAmountList = new DgApplyAmountList();
         applyAmountList.setStatus(status);

dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgCopyUserServiceImpl.java

@@ -95,18 +95,21 @@ public class DgCopyUserServiceImpl extends ServiceImpl<DgCopyUserMapper, DgCopyU
                 employeeMessage = (List<LinkedHashMap>) responseResult.getData();
             }
 
-            for (CopyForMeResponse response : copyForMeResponseList) {
-                for (LinkedHashMap res : employeeMessage) {
-                    if (response.getApplicantId().equals(res.get("id"))) {//如果提单人id相同情况下，就往对象里面赋值
-                        response.setApplicant(JSONObject.toJSONString(res.get("account")).replace("\"", ""));
-                    }
-                    if (response.getApproveId()!=null){
-                        if (response.getApproveId().equals(res.get("id"))) {//如果审批人id相同情况下，就往对象里面赋值
-                            response.setApprove(JSONObject.toJSONString(res.get("account")).replace("\"", ""));
+            if(employeeMessage != null){
+                for (CopyForMeResponse response : copyForMeResponseList) {
+                    for (LinkedHashMap res : employeeMessage) {
+                        if (response.getApplicantId()!=null && response.getApplicantId().equals(res.get("id"))) {//如果提单人id相同情况下，就往对象里面赋值
+                            response.setApplicant(JSONObject.toJSONString(res.get("account")).replace("\"", ""));
+                        }
+                        if (response.getApproveId()!=null){
+                            if (response.getApproveId().equals(res.get("id"))) {//如果审批人id相同情况下，就往对象里面赋值
+                                response.setApprove(JSONObject.toJSONString(res.get("account")).replace("\"", ""));
+                            }
                         }
                     }
                 }
             }
+
         }
 
         return copyForMeResponseList;

dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/util/MyBatisPlusCodeGenerator.java

@@ -25,7 +25,7 @@ public class MyBatisPlusCodeGenerator {
     public static final String PACKAGE_NAME = "com.daqing.financial.guarantee";
 
     public static void main(String[] args) {
-        String[] tables = new String[] {"dg_business_company"};//表名数组
+        String[] tables = new String[] {"dg_customer_related"};//表名数组
         String[] tablePrefixs = new String[] {""};//去掉前缀
         executeCode(PACKAGE_NAME,tables,tablePrefixs);
     }

dq-financial-guarantee/src/main/resources/bootstrap.properties

@@ -30,9 +30,9 @@ ribbon.ConnectTimeout: 120000
 
 
 # 上传文件总的最大值
-#spring.servlet.multipart.max-request-size=10MB
-## 单个文件的最大值
-#spring.servlet.multipart.max-file-size=10MB
+spring.servlet.multipart.max-request-size=10MB
+# 单个文件的最大值
+spring.servlet.multipart.max-file-size=10MB
 #
 ##正式环境（prod）
 ##服务名称

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgApplyAmountListMapper.xml

@@ -21,8 +21,9 @@
         au.status,au.operating_status,cc.name,cc.phone,ps.business_status
         from dg_apply_amount_list au
         left join dg_apply_amount_info ai on au.business_id = ai.id
-        left join crms_company_customer ccl on ai.company_id = ccl.id
-        left join crms_customer cc on cc.id = ccl.customer_id
+        left join dg_business_company cc on cc.business_id = ai.id
+/*        left join crms_company_customer ccl on ai.company_id = ccl.id
+        left join crms_customer cc on cc.id = ccl.customer_id*/
         left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
         <where>
             au.role_id in

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgAssetsInvestigationMapper.xml

@@ -37,8 +37,9 @@
         au.status,au.operating_status,cc.name,cc.phone,ps.business_status
         from dg_assets_investigation au
         left join dg_apply_amount_info ai on au.business_id = ai.id
-        left join crms_company_customer ccl on ai.company_id = ccl.id
-        left join crms_customer cc on cc.id = ccl.customer_id
+        left join dg_business_company cc on cc.business_id = ai.id
+/*        left join crms_company_customer ccl on ai.company_id = ccl.id
+        left join crms_customer cc on cc.id = ccl.customer_id*/
         left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
         <where>
             au.role_id in

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgBusinessCompanyMapper.xml

@@ -28,6 +28,7 @@
         <result column="name" property="name" />
         <result column="addr" property="addr" />
         <result column="phone" property="phone" />
+        <result column="customer_id" property="customerId" />
     </resultMap>
 
 </mapper>

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgComplianceInvestigationMapper.xml

@@ -23,14 +23,15 @@
         FROM dg_compliance_investigation AS i
         LEFT JOIN dg_apply_amount_info AS a
         ON a.id = i.business_id
-        LEFT JOIN crms_company_customer AS cc
+        left join dg_business_company c on c.business_id = a.id
+/*        LEFT JOIN crms_company_customer AS cc
         ON a.company_id = cc.id
         LEFT JOIN crms_customer AS c
-        ON c.id = cc.customer_id
+        ON c.id = cc.customer_id*/
         LEFT JOIN dg_business_process_status AS b
         ON b.business_id = a.id
-        WHERE c.del_or_not  = 0
-        AND (i.user_id = #{userId} OR i.user_id IS NULL)
+        WHERE /*c.del_or_not  = 0*/
+        /*AND */(i.user_id = #{userId} OR i.user_id IS NULL)
         AND i.role_id IN
         <foreach collection="roleIds" open="(" separator="," close=")" item="roleId">
             #{roleId}

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgGuaranteeAssignUserMapper.xml

@@ -24,8 +24,9 @@
         au.status,au.operating_status,cc.name,cc.phone,ps.business_status
         from dg_guarantee_assign_user au
         left join dg_apply_amount_info ai on au.business_id = ai.id
-        left join crms_company_customer ccl on ai.company_id = ccl.id
-        left join crms_customer cc on cc.id = ccl.customer_id
+        left join dg_business_company cc on cc.business_id = ai.id
+/*        left join crms_company_customer ccl on ai.company_id = ccl.id
+        left join crms_customer cc on cc.id = ccl.customer_id*/
         left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
         <where>
             au.role_id in

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgGuaranteeLetterAssignUserMapper.xml

@@ -38,8 +38,9 @@
         aai.bank,lcc.passing_time,lcc.file,lau.audit_opinion,lau.operating_status,bps.business_status,lau.business_id,lau.role_id
         from dg_guarantee_letter_assign_user lau
         left join dg_apply_amount_info aai on lau.business_id = aai.id
-        left join crms_company_customer ccc on lau.company_id = ccc.id
-        left join crms_customer cc on ccc.customer_id = cc.id
+        left join dg_business_company cc on cc.business_id = aai.id
+/*        left join crms_company_customer ccc on lau.company_id = ccc.id
+        left join crms_customer cc on ccc.customer_id = cc.id*/
         left join dg_loan_committee_consider lcc on lau.business_id = lcc.business_id
         left join dg_business_process_status bps on lau.business_id = bps.business_id
         <where>

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgLoanCommitteeConsiderMapper.xml

@@ -26,14 +26,15 @@
         FROM dg_loan_committee_consider AS l
         LEFT JOIN dg_apply_amount_info AS a
         ON a.id = l.business_id
-        LEFT JOIN crms_company_customer AS cc
+        left join dg_business_company c on c.business_id = a.id
+/*        LEFT JOIN crms_company_customer AS cc
         ON a.company_id = cc.id
         LEFT JOIN crms_customer AS c
-        ON cc.customer_id = c.id
+        ON cc.customer_id = c.id*/
         LEFT JOIN dg_business_process_status AS b
         ON b.business_id = a.id
-        WHERE c.del_or_not = 0
-        AND (l.consider_id = #{userId} OR l.consider_id IS NULL)
+        WHERE /*c.del_or_not = 0*/
+        /*AND*/ (l.consider_id = #{userId} OR l.consider_id IS NULL)
         AND l.role_id IN
         <foreach collection="roleIds" open="(" separator="," close=")" item="roleId">
             #{roleId}

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgLoanNoticeMapper.xml

@@ -37,8 +37,9 @@
         aai.create_time,ln.status,aai.bank,ln.audit_opinion,ln.operating_status,bps.business_status,ln.business_id,lcc.passing_time
         from dg_loan_notice ln
         left join dg_apply_amount_info aai on ln.business_id = aai.id
-        left join crms_company_customer ccc on ln.company_id = ccc.id
-        left join crms_customer cc on ccc.customer_id = cc.id
+        left join dg_business_company cc on cc.business_id = aai.id
+/*        left join crms_company_customer ccc on ln.company_id = ccc.id
+        left join crms_customer cc on ccc.customer_id = cc.id*/
         left join dg_loan_committee_consider lcc on ln.business_id = lcc.business_id
         left join dg_business_process_status bps on ln.business_id = bps.business_id
         <where>

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgMessageInvestigationMapper.xml

@@ -23,8 +23,9 @@
         au.status,au.operating_status,cc.name,cc.phone,ps.business_status
         from dg_message_investigation au
         left join dg_apply_amount_info ai on au.business_id = ai.id
-        left join crms_company_customer ccl on ai.company_id = ccl.id
-        left join crms_customer cc on cc.id = ccl.customer_id
+        left join dg_business_company cc on cc.business_id = ai.id
+/*        left join crms_company_customer ccl on ai.company_id = ccl.id
+        left join crms_customer cc on cc.id = ccl.customer_id*/
         left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
         <where>
             au.role_id in

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgPaymentConfirmationConsiderMapper.xml

@@ -40,8 +40,9 @@
         aai.bank,lcc.passing_time,lcc.file,pcc.audit_opinion,pcc.operating_status,bps.business_status,pcc.business_id,pcc.img_file,pcc.role_id
         from dg_payment_confirmation_consider pcc
         left join dg_apply_amount_info aai on pcc.business_id = aai.id
-        left join crms_company_customer ccc on pcc.company_id = ccc.id
-        left join crms_customer cc on ccc.customer_id = cc.id
+        left join dg_business_company cc on cc.business_id = aai.id
+/*        left join crms_company_customer ccc on pcc.company_id = ccc.id
+        left join crms_customer cc on ccc.customer_id = cc.id*/
         left join dg_loan_committee_consider lcc on pcc.business_id = lcc.business_id
         left join dg_business_process_status bps on pcc.business_id = bps.business_id
         <where>

dq-financial-guarantee/src/main/resources/mapper/guarantee/DgWorkConferenceConsiderMapper.xml

@@ -22,10 +22,11 @@
         FROM dg_work_conference_consider AS w
         LEFT JOIN dg_apply_amount_info AS a
         ON a.id = w.business_id
-        LEFT JOIN crms_company_customer AS cc
+        left join dg_business_company c on c.business_id = a.id
+/*        LEFT JOIN crms_company_customer AS cc
         ON a.company_id = cc.id
         LEFT JOIN crms_customer AS c
-        ON cc.customer_id = c.id
+        ON cc.customer_id = c.id*/
         LEFT JOIN dg_business_process_status AS b
         ON b.business_id = a.id
         LEFT JOIN (SELECT business_id,SUM(CASE role_id WHEN 59 THEN emp_id ELSE 0 END) AS A,
@@ -38,8 +39,8 @@
         ON a.id = ass.business_id
         LEFT JOIN dg_message_investigation AS m
         ON a.id = m.business_id
-        WHERE c.del_or_not = 0
-        AND (w.user_id = #{userId} OR w.user_id IS NULL)
+        WHERE /*c.del_or_not = 0*/
+        /*AND*/ (w.user_id = #{userId} OR w.user_id IS NULL)
         AND w.role_id IN
         <foreach collection="roleIds" open="(" separator="," close=")" item="roleId">
             #{roleId}

dq-financial-hrms-auth/pom.xml

@@ -82,6 +82,35 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
+
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-all</artifactId>
+            <version>5.3.8</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.codehaus.xfire</groupId>
+            <artifactId>xfire-core</artifactId>
+            <version>1.2.6</version>
+        </dependency>
+        <dependency>
+            <groupId>com.vaadin.external.google</groupId>
+            <artifactId>android-json</artifactId>
+            <version>0.0.20131108.vaadin1</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk16</artifactId>
+            <version>1.46</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-test</artifactId>
+            <version>2.3.5.RELEASE</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <dependencyManagement>

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java

@@ -2,12 +2,8 @@ package com.daqing.financial.hrauth.config;
 
 import com.daqing.financial.hrauth.filter.AdminAuthenticationProcessingFilter;
 import com.daqing.financial.hrauth.filter.MyAuthenticationFilter;
-import com.daqing.financial.hrauth.handle.AdminAuthenticationEntryPoint;
-import com.daqing.financial.hrauth.handle.UrlAccessDecisionManager;
-import com.daqing.financial.hrauth.handle.UrlAccessDeniedHandler;
-import com.daqing.financial.hrauth.handle.UrlFilterInvocationSecurityMetadataSource;
+import com.daqing.financial.hrauth.handle.*;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -60,13 +56,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
      */
     private final UrlAccessDeniedHandler urlAccessDeniedHandler;
 
-    public SecurityConfig(MyAuthenticationFilter myAuthenticationFilter, AdminAuthenticationEntryPoint adminAuthenticationEntryPoint, AdminAuthenticationProcessingFilter adminAuthenticationProcessingFilter, UrlFilterInvocationSecurityMetadataSource urlFilterInvocationSecurityMetadataSource, UrlAccessDeniedHandler urlAccessDeniedHandler, UrlAccessDecisionManager urlAccessDecisionManager) {
+    /**
+     * Token异常处理
+     */
+    private final CustomAccessDeniedHandler customAccessDeniedHandler;
+
+    public SecurityConfig(MyAuthenticationFilter myAuthenticationFilter, AdminAuthenticationEntryPoint adminAuthenticationEntryPoint, AdminAuthenticationProcessingFilter adminAuthenticationProcessingFilter, UrlFilterInvocationSecurityMetadataSource urlFilterInvocationSecurityMetadataSource, UrlAccessDeniedHandler urlAccessDeniedHandler, UrlAccessDecisionManager urlAccessDecisionManager, CustomAccessDeniedHandler customAccessDeniedHandler) {
         this.myAuthenticationFilter = myAuthenticationFilter;
         this.adminAuthenticationEntryPoint = adminAuthenticationEntryPoint;
         this.adminAuthenticationProcessingFilter = adminAuthenticationProcessingFilter;
         this.urlFilterInvocationSecurityMetadataSource = urlFilterInvocationSecurityMetadataSource;
         this.urlAccessDeniedHandler = urlAccessDeniedHandler;
         this.urlAccessDecisionManager = urlAccessDecisionManager;
+        this.customAccessDeniedHandler = customAccessDeniedHandler;
     }
 
 
@@ -87,6 +89,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
         // 登录过后访问无权限的接口时自定义403响应内容
         http.exceptionHandling().accessDeniedHandler(urlAccessDeniedHandler);
 
+        //Token异常
+        http.exceptionHandling().accessDeniedHandler(customAccessDeniedHandler);
+
         // url权限认证处理
         registry.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
             @Override
@@ -115,7 +120,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
         //registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").hasIpAddress("127.0.0.1");
         // 允许匿名的url - 可理解为放行接口 - 多个接口使用,分割
         registry.antMatchers("/**").permitAll();
-        //registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll();
+//        registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll();
 //        registry.antMatchers("/**").access("hasAuthority('admin')");
         // OPTIONS(选项)：查找适用于一个特定网址资源的通讯选择。 在不需执行具体的涉及数据传输的动作情况下， 允许客户端来确定与资源相关的选项以及 / 或者要求， 或是一个服务器的性能
         //registry.antMatchers(HttpMethod.OPTIONS, "/**").denyAll();
@@ -141,7 +146,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Override
     public void configure(WebSecurity web) throws Exception {
         web.ignoring().antMatchers("/**");
-        //web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles");
+//        web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles");
     }
 
 }

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java

@@ -5,6 +5,7 @@ import com.alibaba.fastjson.JSONObject;
 import com.daqing.financial.hrauth.UserLoginControllerApi;
 import com.daqing.financial.hrauth.config.WeChatConfig;
 import com.daqing.financial.hrauth.feign.HrmsFeignService;
+import com.daqing.financial.hrauth.model.XccLoginReq;
 import com.daqing.financial.hrauth.service.UserLoginService;
 import com.daqing.financial.hrauth.service.UserService;
 import com.daqing.framework.domain.hrms.EmployeeEntity;
@@ -33,6 +34,7 @@ import java.io.InputStreamReader;
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
 import java.net.URLEncoder;
+import java.util.Map;
 
 
 /**
@@ -217,14 +219,16 @@ public class UserLoginController implements UserLoginControllerApi {
 
     /**
      * 微信小程序获取openid和session_key授权登录
-     * @param code
+     * @param
      * @return
      */
     @PostMapping(value = "/wxAuthLogin")
-    public ResponseResult wxAuthLogin(@RequestBody String code){
+    public ResponseResult wxAuthLogin(@RequestBody XccLoginReq xccLoginReq){
 
-        String openid = userLoginService.wxAuthLogin(code);
+        String encryptedData = xccLoginReq.getEncryptedData();
+        String code = xccLoginReq.getCode();
+        String iv = xccLoginReq.getIv();
+        Map openid = userLoginService.wxAuthLogin(encryptedData,iv,code);
         return ResponseResult.SUCCESS(openid);
     }
-
 }

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/CustomAccessDeniedHandler.java

@@ -0,0 +1,66 @@
+package com.daqing.financial.hrauth.handle;
+
+import com.daqing.financial.hrauth.model.ApiResult;
+import com.daqing.financial.hrauth.service.impl.UserDetailsServiceImpl;
+import com.daqing.financial.hrauth.util.ResponseUtils;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Security自定义异常处理类
+ * @Author: jialing xu
+ * @Description: xvjialing@outlook.com
+ * @Date: 17:24 2018/8/7
+ */
+@Slf4j
+@Component
+public class CustomAccessDeniedHandler implements AccessDeniedHandler {
+
+    @Autowired
+    private ObjectMapper objectMapper;
+
+    private final UserDetailsServiceImpl userDetailsService;
+
+    protected CustomAccessDeniedHandler(UserDetailsServiceImpl userDetailsService) {
+        this.userDetailsService = userDetailsService;
+    }
+
+    @Override
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
+/*        log.error("Token异常处理来了~~~~"+accessDeniedException.getMessage());
+        response.setContentType("application/json;charset=UTF-8");
+        Map map = new HashMap();
+        map.put("code", "403");
+        map.put("msg", accessDeniedException.getMessage());
+        map.put("data","");
+        response.setContentType("application/json");
+        response.setStatus(HttpServletResponse.SC_OK);
+        response.getWriter().write(objectMapper.writeValueAsString(map));*/
+
+//        ResponseUtils.out(response, ApiResult.fail(401, e.getMessage()));
+        String token = request.getHeader("token");
+        if (StringUtils.isNotBlank(token)) {
+            // 检查token
+            SecurityUser securityUser = userDetailsService.getUserByToken(token);
+            if (securityUser == null || securityUser.getCurrentUserInfo() == null) {
+                //ExceptionCast.cast(HrmsCode.TOKEN_EXCEPTION);
+                throw new AccessDeniedException("TOKEN已过期，请重新登录~~~");
+            }
+        }
+    }
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/model/XccLoginReq.java

@@ -0,0 +1,25 @@
+package com.daqing.financial.hrauth.model;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * <p>
+ * 访问记录表
+ * </p>
+ *
+ * @author Qyq
+ * @since 2021-01-12
+ */
+@Data
+public class XccLoginReq implements Serializable {
+
+    private String encryptedData;//明文,加密数据
+    private String iv;//加密算法的初始向量
+    private String code;//用户允许登录后，回调内容会带上 code（有效期五分钟），开发者需要将 code 发送到开发者服务器后台
+    // ，使用code 换取 session_key api，将 code 换成 openid 和 session_key
+
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java

@@ -6,6 +6,8 @@ import com.daqing.framework.domain.hrms.UserEntity;
 import com.daqing.framework.domain.hrms.request.*;
 import com.daqing.framework.model.response.ResponseResult;
 
+import java.util.Map;
+
 /**
  * @auther River
  * @date 2020/9/22 15:00
@@ -23,5 +25,5 @@ public interface UserLoginService extends IService<UserEntity> {
 
     int isPhoneExist(String mobile);
 
-    String wxAuthLogin(String code);
+    Map wxAuthLogin(String encryptedData, String iv, String code);
 }

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java

@@ -1,5 +1,6 @@
 package com.daqing.financial.hrauth.service.impl;
 
+
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@@ -13,34 +14,27 @@ import com.daqing.financial.hrauth.model.HrmsAccessRecordsLog;
 import com.daqing.financial.hrauth.service.LoginLogService;
 import com.daqing.financial.hrauth.service.TokenService;
 import com.daqing.financial.hrauth.service.UserLoginService;
-import com.daqing.framework.domain.guarantee.response.EmployeeMessageResponse;
+import com.daqing.financial.hrauth.util.*;
 import com.daqing.framework.domain.hrms.*;
 import com.daqing.framework.domain.hrms.request.*;
 import com.daqing.framework.domain.hrms.response.HrmsCode;
 import com.daqing.framework.domain.hrms.response.LoginResponse;
 import com.daqing.framework.exception.ExceptionCast;
-import com.daqing.framework.model.response.CommonCode;
 import com.daqing.framework.model.response.ResponseResult;
 import com.daqing.framework.util.JwtUtils;
 import com.daqing.framework.util.Md5Util;
-import com.daqing.framework.util.RedisUtil;
 import com.daqing.framework.util.SendUtil;
+import lombok.extern.java.Log;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
-import org.apache.http.HttpEntity;
-import org.apache.http.client.methods.CloseableHttpResponse;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import javax.annotation.Resource;
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
+import javax.servlet.http.HttpServletRequest;
 import java.util.*;
 
 /**
@@ -170,7 +164,8 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
         }
 
         //登录成功，token生成
-        long times = 86400;
+        long times = 86400;//24h
+        //long times =60;//1min
         if(loginRequest.getTenDayEffective() == 1){
             times = 864000;
         }
@@ -317,13 +312,86 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
     }
 
     @Override
-    public String wxAuthLogin(String code) {
-        System.out.println(code);
+    public Map wxAuthLogin(String encryptedData, String iv,String code) {
+        System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv);
         System.out.println("来了小程序登录------------------------------------");
         //微信那边的接口，grant_type=authorization_code是固定的
-/*        String url="https://api.weixin.qq.com/sns/jscode2session?appid="+APPID+
-                "&secret="+SECRET+"&js_code="+ code +"&grant_type=authorization_code";*/
+        String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
+        System.out.println("url==============="+url);
+
+        //向微信服务器 使用登录凭证 code 获取 session_key 和 openid
+        // 请求参数
+        String params = "appid=" + weChatConfig.getXcxAppid() + "&secret=" + weChatConfig.getXcxAppsecret() + "&js_code=" + code + "&grant_type="
+                + "authorization_code";
+        // 发送请求
+        String sr = HttpRequest.sendGet("https://api.weixin.qq.com/sns/jscode2session", params);
+
+        System.out.println("sr==================="+sr);
+        // 解析相应内容（转换成json对象）
+        //JSONObject json = JSON.parseObject(url);
+        cn.hutool.json.JSONObject json = new cn.hutool.json.JSONObject(sr);
+        // 获取会话密钥（session_key）
+        String session_key = json.get("session_key").toString();
+        // 用户的唯一标识（openid）
+        String openid = (String) json.get("openid");
+
+        System.out.println("session_key======"+session_key+"openid===="+openid);
+
+        Map map = new HashMap();
+
+        //======================此处为死数据============================
+        encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w==";
+        session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
+        iv="Y37DfoP3+4ysUBo8YOnfiQ==";
+        System.out.println("session_key======"+session_key+"openid===="+openid);
+        System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv);
+
+        //对encryptedData加密数据进行AES解密
+        try {
+            String result = WXBizDataCrypt.getInstance().decrypt(encryptedData, session_key, iv, "utf-8");
+            System.out.println("AES解密值==="+result);
+            //String result = AesCbcUtil.decrypt2(session_key,encryptedData, iv);
+            //String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8");
+            if (null != result && result.length() > 0) {
+                map.put("status", 1);
+                map.put("msg", "解密成功");
+
+                JSONObject userInfoJSON = JSONObject.parseObject(result);
+                //JSONObject userInfoJSON = JSON.parseObject(result);
+                //cn.hutool.json.JSONObject userInfoJSON = new cn.hutool.json.JSONObject(result);
+                System.out.println("userInfoJSON===="+userInfoJSON);
+                Map userInfo = new HashMap();
+                userInfo.put("openId", userInfoJSON.get("openId"));
+                userInfo.put("nickName", userInfoJSON.get("nickName"));
+                userInfo.put("gender", userInfoJSON.get("gender"));
+                userInfo.put("city", userInfoJSON.get("city"));
+                userInfo.put("province", userInfoJSON.get("province"));
+                userInfo.put("country", userInfoJSON.get("country"));
+                userInfo.put("avatarUrl", userInfoJSON.get("avatarUrl"));
+                // 解密unionId & openId;
+
+                System.out.println("userInfoJSON==============="+userInfoJSON);
+                System.out.println("unionId============"+userInfoJSON.get("unionId"));
+                userInfo.put("unionId", userInfoJSON.get("unionId"));
+                map.put("userInfo", userInfo);
+            } else {
+                map.put("status", 0);
+                map.put("msg", "解密失败");
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+
+        System.out.println("map===================="+map.get("userInfo"));
+
+        return map;
+    }
 
+/*    @Override
+    public String wxAuthLogin(String encryptedData, String iv,String code) {
+        System.out.println(code);
+        System.out.println("来了小程序登录------------------------------------");
+        //微信那边的接口，grant_type=authorization_code是固定的
         String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
 
         System.out.println("url==============="+url);
@@ -343,9 +411,12 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
                 System.out.println(line); //这里需要使用fastjson来提取一下内容
                 JSONObject jsonObject= JSON.parseObject(line);
                 Login login=new Login();
+                System.out.println("jsonObject====================="+jsonObject);
+                System.out.println("unionId==================="+jsonObject.getString("unionid"));
                 login.setOpenid(jsonObject.getString("openid"));
                 login.setSession_key(jsonObject.getString("session_key"));
-                result.append(login.getOpenid());
+                login.setUnionid(jsonObject.getString("unionid"));
+                result.append(login.getUnionid());
                 System.out.println(result.toString());
             }
         } catch (IOException e) {
@@ -353,6 +424,161 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
         }
 
         return result.toString();
+    }*/
+
+/*    @Override
+    public String wxAuthLogin(String encryptedData, String iv,String code) {
+        System.out.println(code);
+        System.out.println("来了小程序登录------------------------------------");
+        //微信那边的接口，grant_type=authorization_code是固定的
+        String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
+
+        System.out.println("url==============="+url);
+        Map<String ,Object> baseMap =  HttpUtils.doGet(url);
+        if(baseMap == null || baseMap.isEmpty()){ return  null; }
+        String accessToken = (String)baseMap.get("access_token");
+        String openId  = (String) baseMap.get("openid");
+        String unionId  = (String) baseMap.get("unionid");
+        System.out.println("小程序登录openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap);
+
+        return unionId;
+    }*/
+/*
+    *//**
+     * 1 先按照loginInfo信息查询有无有unionID
+     *  2 如果有,直接返回 ,程序结束
+     *  3 如果没有,将用于解密的session_key获取
+     *  4 根据userInfo拿取encryptedData等加密数据
+     *  5 对加密数据进行逆解密
+     *  6 拿到unionID 返回,程序结
+     *
+     * userInfo TODO 注意一下：通过user.getInfo获取的和通过button授权获取的格式不一样
+     *
+     *//*
+    @Override
+    public ResponseResult getUnionID(Long platformId, String userInfo, String loginInfo, HttpServletRequest request) {
+
+        Map<String, String> resLogign = null;
+        JSONObject resUserInfo = null;
+
+        System.out.println("--------------->>>>>进入WeChatServiceImpl");
+        resLogign = getUnionIDByLoginInfo(loginInfo, request);
+        // 加密session_key 解密需要
+        String session_key = resLogign.get("session_key");
+        if (StringUtils.isNotBlank(resLogign.get("unionid"))) {
+            System.out.println("返回数据,获取unionid,程序结束<<<------unionid={}"+resLogign.get("unionid"));
+            return ResponseResult.SUCCESS("获取unionid成功,返回数据！"+resLogign);
+        } else {
+            System.out.println("没有获取到unionid,userinfo进行对称解密操作start----->");
+
+            resUserInfo = decipherByUserInfo(session_key, userInfo, request);
+            if (resUserInfo != null && StringUtils.isNotEmpty(resUserInfo.toJSONString())) {
+                System.out.println("解密后的信息为resUserInfo:{}"+resUserInfo.toJSONString());
+                // 解密信息由 data.get("unionid") 获取
+                return ResponseResult.SUCCESS("获取解密信息成功"+resUserInfo);
+            }
+        }
+        return null;
     }
+    *//**
+     *
+     * @param session_key
+     * @param userInfo
+     * @param request
+     * @return
+     *//*
+    private  JSONObject decipherByUserInfo(String session_key, String userInfo, HttpServletRequest request) {
+
+        System.out.println("--------------->>>>>进入 decipherByUserInfo");
+        Map<String, String> resUserInfo = new HashMap<>();
+
+        if (!userInfo.contains("login:ok")&&!userInfo.contains("getUserInfo:ok")) {
+            return null;
+        }
+        JSONObject jsonUserInfo = JSONObject.parseObject(userInfo);
+        System.out.println("将userInfo转换成JSON,userInfo:{}"+jsonUserInfo.toJSONString());
+        String encryptedData = "";
+        String iv = "";
+        if (jsonUserInfo.get("detail") != null && StringUtils.isNotBlank(jsonUserInfo.get("detail").toString())) {
+            String detail = jsonUserInfo.get("detail").toString();
+
+            JSONObject parseObject = JSONObject.parseObject(detail);
+            encryptedData = (String) parseObject.get("encryptedData");
+            iv = (String) parseObject.get("iv");
+        } else {
+            encryptedData = (String) jsonUserInfo.get("encryptedData");
+            iv = (String) jsonUserInfo.get("iv");
+        }
+        System.out.println("获取解密数据解密start------------>>>解密需要的数据为：encryptedData:{},iv:{},session_key:{}"+"encryptedData===="+encryptedData+"iv===="+iv+"session_key===="+session_key);
+        // 被加密的数据
+        byte[] dataByte = Base64.decodeBase64(encryptedData);
+        // 加密秘钥
+        byte[] aeskey = Base64.decodeBase64(session_key);
+        // 偏移量
+        byte[] ivByte = Base64.decodeBase64(iv);
+        System.out.println("对加密数据进行Base64编码完毕------------>>>dataByte:{},aeskey:{},ivByte:{}"+dataByte.toString()+aeskey.toString()+ivByte.toString());
+        String newuserInfo = "";
+        try {
+            AES aes = new AES();
+            byte[] resultByte = aes.decrypt(dataByte, aeskey, ivByte);
+            if (null != resultByte && resultByte.length > 0) {
+                newuserInfo = new String(resultByte, "UTF-8");
+                System.out.println("解密完毕,解密结果为newuserInfo:{}"+newuserInfo);
+                return JSONObject.parseObject(newuserInfo);
+            }
+        } catch (Exception e) {
+            System.out.println("解密异常!检查解密数据 {}"+newuserInfo+e);
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    *//**
+     * 根据logininfo 的code尝试获取unionID
+     *
+     * @param loginInfo
+     * @param request
+     * @return
+     *//*
+    private  Map<String, String> getUnionIDByLoginInfo(String loginInfo, HttpServletRequest request) {
+        JSONObject loginRes = null;
+        Map<String, Object> loginReq = new HashMap<>();
+        Map<String, String> loginResMap = new HashMap<>();
+
+        System.out.println("--------------->>>>>进入 getUnionIDByLoginInfo");
+
+        JSONObject loginMap = JSONObject.parseObject(loginInfo);
+        System.out.println("转换JSON完毕");
+
+        System.out.println("组装请求数据----start：");
+        String resCode = (String) loginMap.get("code");
+        loginReq.put("js_code", resCode);
+        loginReq.put("appid", weChatConfig.getXcxAppid()); // 这几个变量是自己去获取的 我做成了配置文件中
+        loginReq.put("secret", weChatConfig.getXcxAppsecret()); // 去这个网址看参数说明:  https://developers.weixin.qq.com/miniprogram/dev/api/api-login.html#wxloginobject
+        loginReq.put("grant_type", "authorization_code");
+        System.out.println("组装请求参数完毕loginReq={}"+loginReq);
+        try {
 
-}
+            System.out.println("开始发送请求到微信...url={}"+weChatConfig.getWX_AUTH_URL());
+
+            loginRes = HttpClientUtils.doGet(SysConstants.WEICHAT_UNIONID_URL, loginReq);
+        } catch (Exception e) {
+            System.out.println("调用httpClient异常！异常信息={}"+e);
+            throw new RuntimeException(e);
+        }
+        String openid = (String) loginRes.get("openid");
+        String session_key = (String) loginRes.get("session_key");
+        String unionid = (String) loginRes.get("unionid");
+        loginResMap.put("openid", openid);
+        loginResMap.put("unionid", unionid);
+        loginResMap.put("session_key", session_key);
+        System.out.println("https返回数据loginRes={}"+loginRes.toJSONString());
+        // 微信建议不要在传输中有session_key,我们在这里做一个缓存数据key=session_key_safe,value="真实的session_key+真实的openid"
+        // TODO
+        // 时间问题,这里暂不处理
+        // loginResMap.put("session_key", "session_key_safe");
+
+        return loginResMap;
+    }*/
+
+    }

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java

@@ -58,7 +58,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
         if(baseMap == null || baseMap.isEmpty()){ return  null; }
         String accessToken = (String)baseMap.get("access_token");
         String openId  = (String) baseMap.get("openid");
-        System.out.println("微信扫码加密前openId============="+openId);
+        String unionId  = (String) baseMap.get("unionid");
+        System.out.println("微信扫码加密前openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap);
         //对code(回调过来的openid)加密
         String md5OpenId = Md5Util.md5(openId);
         log.info("accessToken========> "+accessToken+"openId========> "+openId+"code=======> "+code+"md5OpenId============>"+md5OpenId);
@@ -145,7 +146,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
             return false;
         }
         String openId  = (String) baseMap.get("openid");
-        log.info(openId+"--------------------------------------------------------------------------------------------------");
+        String unionId  = (String) baseMap.get("unionid");
+        log.info("openId========="+openId+"unionId===="+unionId);
         String md5OpenId = Md5Util.md5(openId);
         Integer countWeChatId = this.getBaseMapper().countWeChatId(md5OpenId);
         String token = this.getBaseMapper().getTokenByUserId(Long.parseLong(state));

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java

@@ -0,0 +1,73 @@
+package com.daqing.financial.hrauth.util;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+public class AES {
+    public static boolean initialized = false;
+
+    /**
+     * AES对称解密工具类
+     *
+     * @param content
+     *            密文
+     * @return
+     * @throws InvalidAlgorithmParameterException
+     * @throws NoSuchProviderException
+     */
+    public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
+        initialize();
+        try {
+            // java是没有
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
+            Key sKeySpec = new SecretKeySpec(keyByte, "AES");
+
+            cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
+            byte[] result = cipher.doFinal(content);
+            return result;
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        } catch (NoSuchProviderException e) {
+            e.printStackTrace();
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    public static void initialize() {
+        if (initialized)
+            return;
+        Security.addProvider(new BouncyCastleProvider());
+        initialized = true;
+    }
+
+    // 生成iv
+    public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
+        AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
+        params.init(new IvParameterSpec(iv));
+        return params;
+    }
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java

@@ -0,0 +1,171 @@
+package com.daqing.financial.hrauth.util;
+
+import org.apache.commons.codec.binary.Base64;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+import javax.crypto.*;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
+import java.security.*;
+import java.security.spec.InvalidParameterSpecException;
+import java.util.Arrays;
+
+/**
+ * Created by yfs on 2018/3/25.
+ * <p>
+ * AES-128-CBC 加密方式
+ * 注：
+ * AES-128-CBC可以自己定义“密钥”和“偏移量“。
+ * AES-128是jdk自动生成的“密钥”。
+ */
+public class AesCbcUtil {
+
+
+    static {
+        //BouncyCastle是一个开源的加解密解决方案，主页在http://www.bouncycastle.org/
+        Security.addProvider(new BouncyCastleProvider());
+    }
+
+    /**
+     * AES解密
+     *
+     * @param data           //密文，被加密的数据
+     * @param key            //秘钥
+     * @param iv             //偏移量
+     * @param encodingFormat //解密后的结果需要进行的编码
+     * @return
+     * @throws Exception
+     */
+    public static String decrypt(String data, String key, String iv, String encodingFormat) throws Exception {
+//        initialize();
+
+        //被加密的数据
+        byte[] dataByte = Base64.decodeBase64(data);
+        //加密秘钥
+        byte[] keyByte = Base64.decodeBase64(key);
+        //偏移量
+        byte[] ivByte = Base64.decodeBase64(iv);
+
+
+        try {
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
+
+            SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
+
+            AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
+            parameters.init(new IvParameterSpec(ivByte));
+
+            cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
+
+            byte[] resultByte = cipher.doFinal(dataByte);
+            if (null != resultByte && resultByte.length > 0) {
+                String result = new String(resultByte, encodingFormat);
+                return result;
+            }
+            return null;
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidParameterSpecException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (InvalidAlgorithmParameterException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        } catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
+        }
+
+        return null;
+    }
+
+    /**
+     * AES解密
+     *
+     * @param encryptedData 消息密文
+     * @param ivStr         iv字符串
+     */
+    public static byte[] decrypt2(String sessionKey, String encryptedData, String ivStr) {
+        try {
+            AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
+            params.init(new IvParameterSpec(Base64.decodeBase64(ivStr)));
+
+            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(Base64.decodeBase64(sessionKey), "AES"), params);
+
+            String encodingFormat = "UTF-8";
+            byte[] resultByte = cipher.doFinal(Base64.decodeBase64(encryptedData));
+            return  resultByte;
+/*            System.out.println("resultByte===="+resultByte);
+            if (null != resultByte && resultByte.length > 0) {
+                String result = new String(resultByte, encodingFormat);
+                return result;
+            }
+            return null;*/
+            //return new String(PKCS7Encoder.decode(cipher.doFinal(Base64.decodeBase64(encryptedData))), StandardCharsets.UTF_8);
+        } catch (Exception e) {
+            throw new RuntimeException("AES解密失败", e);
+        }
+    }
+
+
+    public static String decryptNew(String encryptedData, String sessionKey, String iv) throws Exception {
+        String result = "";
+        // 被加密的数据
+        byte[] dataByte = Base64.decodeBase64(encryptedData);
+        // 加密秘钥
+        byte[] keyByte = Base64.decodeBase64(sessionKey);
+        // 偏移量
+        byte[] ivByte = Base64.decodeBase64(iv);
+        try {
+            // 如果密钥不足16位，那么就补足. 这个if 中的内容很重要
+            int base = 16;
+            if (keyByte.length % base != 0) {
+                int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
+                byte[] temp = new byte[groups * base];
+                Arrays.fill(temp, (byte) 0);
+                System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
+                keyByte = temp;
+            }
+            // 初始化
+            Security.addProvider(new BouncyCastleProvider());
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
+            SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
+            AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
+            parameters.init(new IvParameterSpec(ivByte));
+            // 初始化
+            cipher.init(Cipher.DECRYPT_MODE, spec, parameters);
+            byte[] resultByte = cipher.doFinal(dataByte);
+            if (null != resultByte && resultByte.length > 0) {
+                result = new String(resultByte, "UTF-8");
+            }
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidParameterSpecException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        } catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (InvalidAlgorithmParameterException e) {
+            e.printStackTrace();
+        } catch (NoSuchProviderException e) {
+            e.printStackTrace();
+        }
+        return result;
+    }
+
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/HttpRequest.java

@@ -0,0 +1,137 @@
+package com.daqing.financial.hrauth.util;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.net.URL;
+import java.net.URLConnection;
+import java.util.List;
+import java.util.Map;
+
+public class HttpRequest {
+
+    public static void main(String[] args) {
+        //发送 GET 请求
+        String s=HttpRequest.sendGet("http://v.qq.com/x/cover/kvehb7okfxqstmc.html?vid=e01957zem6o", "");
+        System.out.println(s);
+
+//        //发送 POST 请求
+//        String sr=HttpRequest.sendPost("http://www.toutiao.com/stream/widget/local_weather/data/?city=%E4%B8%8A%E6%B5%B7", "");
+//        JSONObject json = JSONObject.fromObject(sr);
+//        System.out.println(json.get("data"));
+    }
+
+    /**
+     * 向指定URL发送GET方法的请求
+     *
+     * @param url
+     *            发送请求的URL
+     * @param param
+     *            请求参数，请求参数应该是 name1=value1&name2=value2 的形式。
+     * @return URL 所代表远程资源的响应结果
+     */
+    public static String sendGet(String url, String param) {
+        String result = "";
+        BufferedReader in = null;
+        try {
+            String urlNameString = url + "?" + param;
+            URL realUrl = new URL(urlNameString);
+            // 打开和URL之间的连接
+            URLConnection connection = realUrl.openConnection();
+            // 设置通用的请求属性
+            connection.setRequestProperty("accept", "*/*");
+            connection.setRequestProperty("connection", "Keep-Alive");
+            connection.setRequestProperty("user-agent",
+                    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
+            // 建立实际的连接
+            connection.connect();
+            // 获取所有响应头字段
+            Map<String, List<String>> map = connection.getHeaderFields();
+            // 遍历所有的响应头字段
+            for (String key : map.keySet()) {
+                System.out.println(key + "--->" + map.get(key));
+            }
+            // 定义 BufferedReader输入流来读取URL的响应
+            in = new BufferedReader(new InputStreamReader(
+                    connection.getInputStream()));
+            String line;
+            while ((line = in.readLine()) != null) {
+                result += line;
+            }
+        } catch (Exception e) {
+            System.out.println("发送GET请求出现异常！" + e);
+            e.printStackTrace();
+        }
+        // 使用finally块来关闭输入流
+        finally {
+            try {
+                if (in != null) {
+                    in.close();
+                }
+            } catch (Exception e2) {
+                e2.printStackTrace();
+            }
+        }
+        return result;
+    }
+
+    /**
+     * 向指定 URL 发送POST方法的请求
+     *
+     * @param url
+     *            发送请求的 URL
+     * @param param
+     *            请求参数，请求参数应该是 name1=value1&name2=value2 的形式。
+     * @return 所代表远程资源的响应结果
+     */
+    public static String sendPost(String url, String param) {
+        PrintWriter out = null;
+        BufferedReader in = null;
+        String result = "";
+        try {
+            URL realUrl = new URL(url);
+            // 打开和URL之间的连接
+            URLConnection conn = realUrl.openConnection();
+            // 设置通用的请求属性
+            conn.setRequestProperty("accept", "*/*");
+            conn.setRequestProperty("connection", "Keep-Alive");
+            conn.setRequestProperty("user-agent",
+                    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
+            // 发送POST请求必须设置如下两行
+            conn.setDoOutput(true);
+            conn.setDoInput(true);
+            // 获取URLConnection对象对应的输出流
+            out = new PrintWriter(conn.getOutputStream());
+            // 发送请求参数
+            out.print(param);
+            // flush输出流的缓冲
+            out.flush();
+            // 定义BufferedReader输入流来读取URL的响应
+            in = new BufferedReader(
+                    new InputStreamReader(conn.getInputStream()));
+            String line;
+            while ((line = in.readLine()) != null) {
+                result += line;
+            }
+        } catch (Exception e) {
+            System.out.println("发送 POST 请求出现异常！"+e);
+            e.printStackTrace();
+        }
+        //使用finally块来关闭输出流、输入流
+        finally{
+            try{
+                if(out!=null){
+                    out.close();
+                }
+                if(in!=null){
+                    in.close();
+                }
+            }
+            catch(IOException ex){
+                ex.printStackTrace();
+            }
+        }
+        return result;
+    }
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/PKCS7Encoder.java

@@ -0,0 +1,65 @@
+package com.daqing.financial.hrauth.util;
+/**
+ * 对公众平台发送给公众账号的消息加解密示例代码.
+ *
+ * @copyright Copyright (c) 1998-2014 Tencent Inc.
+ */
+
+import java.nio.charset.Charset;
+import java.util.Arrays;
+
+/**
+ * 提供基于PKCS7算法的加解
+ */
+public class PKCS7Encoder {
+
+    private static final Charset CHARSET = Charset.forName("utf-8");
+    private static final int BLOCK_SIZE = 32;
+
+    /**
+     * 获得对明文进行补位填充的字节.
+     *
+     * @param count 需要进行填充补位操作的明文字节个数
+     * @return 补齐用的字节数组
+     */
+    public static byte[] encode(int count) {
+        // 计算需要填充的位数
+        int amountToPad = BLOCK_SIZE - (count % BLOCK_SIZE);
+        if (amountToPad == 0) {
+            amountToPad = BLOCK_SIZE;
+        }
+        // 获得补位所用的字符
+        char padChr = chr(amountToPad);
+        String tmp = new String();
+        for (int index = 0; index < amountToPad; index++) {
+            tmp += padChr;
+        }
+        return tmp.getBytes(CHARSET);
+    }
+
+    /**
+     * 删除解密后明文的补位字符
+     *
+     * @param decrypted 解密后的明文
+     * @return 删除补位字符后的明文
+     */
+    public static byte[] decode(byte[] decrypted) {
+        int pad = decrypted[decrypted.length - 1];
+        if (pad < 1 || pad > 32) {
+            pad = 0;
+        }
+        return Arrays.copyOfRange(decrypted, 0, decrypted.length - pad);
+    }
+
+    /**
+     * 将数字转化成ASCII码对应的字符，用于对明文进行补码
+     *
+     * @param a 需要转化的数字
+     * @return 转化得到的字符
+     */
+    public static char chr(int a) {
+        byte target = (byte) (a & 0xFF);
+        return (char) target;
+    }
+
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java

@@ -0,0 +1,198 @@
+package com.daqing.financial.hrauth.util;
+
+import com.google.common.primitives.Bytes;
+import org.apache.commons.codec.binary.Base64;
+
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+public class TestUtil {
+    /**
+     * 加密
+     *
+     * @param content
+     *            需要加密的内容
+     * @param password
+     *            加密密码
+     * @return
+     */
+    public static byte[] encrypt(String content, String password) {
+        try {
+            KeyGenerator kgen = KeyGenerator.getInstance("AES");
+            kgen.init(128, new SecureRandom(password.getBytes()));
+            SecretKey secretKey = kgen.generateKey();
+            byte[] enCodeFormat = secretKey.getEncoded();
+            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
+            Cipher cipher = Cipher.getInstance("AES");// 创建密码器
+            byte[] byteContent = content.getBytes("utf-8");
+            cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
+            byte[] result = cipher.doFinal(byteContent);
+            return result; // 加密
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 解密
+     *
+     * @param content
+     *            待解密内容
+     * @param password
+     *            解密密钥
+     * @return
+     */
+    public static byte[] decrypt(byte[] content, String password) {
+        try {
+            KeyGenerator kgen = KeyGenerator.getInstance("AES");
+            kgen.init(128, new SecureRandom(password.getBytes()));
+            SecretKey secretKey = kgen.generateKey();
+            byte[] enCodeFormat = secretKey.getEncoded();
+            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
+            Cipher cipher = Cipher.getInstance("AES");// 创建密码器
+            cipher.init(Cipher.DECRYPT_MODE, key);// 初始化
+            byte[] result = cipher.doFinal(content);
+            return result; // 加密
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 将二进制转换成16进制
+     *
+     * @param buf
+     * @return
+     */
+    public static String parseByte2HexStr(byte buf[]) {
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < buf.length; i++) {
+            String hex = Integer.toHexString(buf[i] & 0xFF);
+            if (hex.length() == 1) {
+                hex = '0' + hex;
+            }
+            sb.append(hex.toUpperCase());
+        }
+        return sb.toString();
+    }
+
+    /**
+     * 将16进制转换为二进制
+     *
+     * @param hexStr
+     * @return
+     */
+    public static byte[] parseHexStr2Byte(String hexStr) {
+        if (hexStr.length() < 1)
+            return null;
+        byte[] result = new byte[hexStr.length() / 2];
+        for (int i = 0; i < hexStr.length() / 2; i++) {
+            int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
+            int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
+            result[i] = (byte) (high * 16 + low);
+        }
+        return result;
+    }
+
+    /**
+     * 加密
+     *
+     * @param content
+     *            需要加密的内容
+     * @param password
+     *            加密密码
+     * @return
+     */
+    public static byte[] encrypt2(String content, String password) {
+        try {
+            SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
+            Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
+            byte[] byteContent = content.getBytes("utf-8");
+            cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
+            byte[] result = cipher.doFinal(byteContent);
+            return result; // 加密
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    public static void main(String[] args) throws UnsupportedEncodingException, InvalidAlgorithmParameterException {
+        String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" +
+                "eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" +
+                "gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" +
+                "wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" +
+                "fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" +
+                "OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" +
+                "0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
+        String iv="zI+P8RVxEwMFBXcJDCemHg==";
+        String session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
+
+        String content = encryptedData;
+        String password = "";
+        // 加密
+        System.out.println("加密前：" + content);
+        byte[] encode = encrypt(content, password);
+
+        //传输过程,不转成16进制的字符串，就等着程序崩溃掉吧
+        String code = parseByte2HexStr(encode);
+        System.out.println("密文字符串：" + code);
+        byte[] decode = parseHexStr2Byte(code);
+        // 解密
+        byte[] decryptResult = decrypt(decode, password);
+        System.out.println("decryptResult==="+decryptResult);
+        System.out.println("解密后：" + new String(decryptResult, "UTF-8")); //不转码会乱码
+        System.out.println("=========================================================");
+
+        byte[] dataByte = Base64.decodeBase64(session_key);
+        //byte[] d = TestUtil.parseHexStr2Byte(encryptedData);
+        byte[] dr = decrypt(dataByte, "");
+        //String re = new String(dr, "UTF-8");
+        //System.out.println("result====="+re);
+
+
+
+
+    }
+}

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java

@@ -0,0 +1,115 @@
+package com.daqing.financial.hrauth.util;
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import sun.misc.BASE64Decoder;
+import com.alibaba.fastjson.JSONObject;
+
+/**
+ * 对微信小程序用户加密数据的解密示例代码.
+ *
+ * @ClassName WXBizDataCrypt
+ * @Description TODO(这里用一句话描述这个类的作用)
+ * @author tf
+ * @Date 2016年11月19日 下午2:56:36
+ * @version 1.0.0
+ */
+@SuppressWarnings("restriction")
+public class WXBizDataCrypt {
+    /*
+     * 加密用的Key 可以用26个字母和数字组成 此处使用AES-128-CBC加密模式，key需要为16位。
+     */
+    private static WXBizDataCrypt instance = null;
+
+    private WXBizDataCrypt() {
+
+    }
+
+    public static WXBizDataCrypt getInstance() {
+        if (instance == null)
+            instance = new WXBizDataCrypt();
+        return instance;
+    }
+
+    /**
+     * 对于官方加密数据（encryptData）解密说明如下： 加密数据解密算法 接口如果涉及敏感数据（如wx.getUserInfo当中的
+     * openId 和unionId ），接口的明文内容将不包含这些敏感数据。开发者如需要获取敏感数据，需要对接口返回的加密数据(
+     * encryptedData )进行对称解密。 解密算法如下： 对称解密使用的算法为 AES-128-CBC，数据采用PKCS#7填充。
+     * 对称解密的目标密文为 Base64_Decode(encryptedData), 对称解密秘钥 aeskey =
+     * Base64_Decode(session_key), aeskey 是16字节 对称解密算法初始向量 iv 会在数据接口中返回。
+     *
+     * @Description (TODO这里用一句话描述这个方法的作用)
+     * @param encryptedData
+     *            加密内容
+     * @param sessionKey
+     *            小程序登录sessionKey
+     * @param iv
+     *            解密算法初始向量 iv 会在数据接口中返回。
+     * @param encodingFormat
+     *            编码格式默认UTF-8
+     * @return 返回解密后的字符串
+     * @throws Exception
+     */
+    public String decrypt(String encryptedData, String sessionKey, String iv, String encodingFormat) throws Exception {
+        try {
+            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+            BASE64Decoder base64Decoder = new BASE64Decoder();
+            byte[] _encryptedData = base64Decoder.decodeBuffer(encryptedData);
+            byte[] _sessionKey = base64Decoder.decodeBuffer(sessionKey);
+            byte[] _iv = base64Decoder.decodeBuffer(iv);
+            SecretKeySpec secretKeySpec = new SecretKeySpec(_sessionKey, "AES");
+            IvParameterSpec ivParameterSpec = new IvParameterSpec(_iv);
+            cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
+            byte[] original = cipher.doFinal(_encryptedData);
+            byte[] bytes = PKCS7Encoder.decode(original);
+            String originalString = new String(bytes, "ISO-8859-1");
+            return originalString;
+        } catch (Exception ex) {
+            return null;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        // 需要加密的字串
+        // String appid = "wx4f4bc4dec97d474b";
+/*        String sessionKey = "tiihtNczf5v6AKRyjwEUhQ==";
+
+        String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZM" + "QmRzooG2xrDcvSnxIMXFufNstNGTyaGS"
+                + "9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+" + "3hVbJSRgv+4lGOETKUQz6OYStslQ142d"
+                + "NCuabNPGBzlooOmB231qMM85d2/fV6Ch" + "evvXvQP8Hkue1poOFtnEtpyxVLW1zAo6"
+                + "/1Xx1COxFvrc2d7UL/lmHInNlxuacJXw" + "u0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn"
+                + "/Hz7saL8xz+W//FRAUid1OksQaQx4CMs" + "8LOddcQhULW4ucetDf96JcR3g0gfRK4P"
+                + "C7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB" + "6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns"
+                + "/8wR2SiRS7MNACwTyrGvt9ts8p12PKFd" + "lqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYV"
+                + "oKlaRv85IfVunYzO0IKXsyl7JCUjCpoG" + "20f0a04COwfneQAGGwd5oa+T8yO5hzuy" + "Db/XcxxmK01EpqOyuxINew==";
+
+        String iv = "r7BXXKkLb8qrSNn05n0qiA==";*/
+
+/*        String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" +
+                "eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" +
+                "gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" +
+                "wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" +
+                "fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" +
+                "OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" +
+                "0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
+        String iv="zI+P8RVxEwMFBXcJDCemHg==";
+        String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";*/
+
+        String iv="Y37DfoP3+4ysUBo8YOnfiQ==";
+        String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";
+        String encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w==";
+
+/*        String iv="sAUv8qjwP8j/Ql9KLgA4iQ==";
+        String sessionKey="H5lUk3IPIIENRdLxzLi2Hg==";
+        String encryptedData="QygyXroVw0DNuwO4mlZDBX9wy8XYYE+AA0D738aAKe4icD9UPhtFywJ49UbmT7syv+fb4cn+3ao/w0aQCceh/dEsUhdSWsqAQZtaaXGeCHzi1iGdznIVD06ZYUdgZrJ7rY8Ie9w5/SYVSdSn5pyGovNCohUW4fp2CVowzwrRydsngDDWYjutkSfdvKgT19sCwuOOqZTzDM3gRqIUxwfrjKaDaoCPfa6z+otC0F/BtZYiiqd3MQIMJ0+JSll3ZVrpQKitBhc1EydxN3WSayxhYc4fiEa0YHoXaci0C/6bAfedgGQhejK6hSPLXr/TC++I0lfWnCS/2aidIsifLfyNg2/84yc5mWY5snoc9QeyAoXHczL62n1RwGBetE1Sq7q/sRn9XOFvM0kJ6UOS0n3FvMrH7716hBjUIP/lIf7hAH2IBbnPWyk5iKrMYt/T1Ky5e+RjBwnqJCyYTAxrvEczj2IQPwpGS3B3KWNTGGaK42Sf07w6ID37J3bWsPDAllZUSDhm67vmUjH8AyPTPsGPOg==";
+        */
+
+/*        String iv="amXf/b7Ollz6WV6e9ZCosg==";
+        String sessionKey="H8d5dQnmec8Wtm1Ac1IaxQ==";
+        String encryptedData="/xY631in/VQwauJfAsB9gGH8XpFAzZUprSYBoZzfbDbx60xsBpaikxnn1K+00MMzZ9hAVV4RRKRp+4qaoj+iSuJArgKlZByXaPQa4TxV7JGEuAA2qByTNHK/H2hrFdAxEDERwk7DjYqq1OhMO5n4pTRPxVUZ5ovKm81oOxVw77TjfkkQlgd2Uab/Oe7eM59HkoDQQDC9H2f4q7KmX7sHUuUWmMhEa8+rsJBMy2CWfTvfJpKE9BqNuNOHrXILMpvNm4vKcsc5DB6QzjbwJq8BLCLbmcE3Fa4ZQzcVW2Zi5lT0sOMX/kytgaceo/Rw3VpLkBwwRTsZDB7p+KRUbJYG7f3iSMWYveH09vL8dU+s9ZRO1FCgkyOj5jcpRAKEUAT2njdK4ozXYu+/qMUPeCp00G1NNlDq7gvBnhzYbQzg4+InTmENDYlckAIktBxa3ENWpDjiYWHBSHwbA/gJpAKoZz/oNUrBnPIH91UqRjGQXhdVnBQxeyMcnPuVrk3D51r5Ki3aAuwvB1l6+TWA//RcjTfSQtQnJ/yFctMmk3A7OGo=";
+        */String deString = WXBizDataCrypt.getInstance().decrypt(encryptedData, sessionKey, iv, "utf-8");
+        JSONObject jsonObject = JSONObject.parseObject(deString);
+        System.out.println(jsonObject);
+    }
+}

dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java

@@ -1,13 +1,132 @@
-//package com.daqing.financial.hrauth;
-//
-//import org.junit.Test;
-//import org.springframework.boot.test.context.SpringBootTest;
-//
-//@SpringBootTest
-//class DqFinancialHrmsAuthApplicationTests {
-//
-//    @Test
-//    void contextLoads() {
-//    }
-//
-//}
+package com.daqing.financial.hrauth;
+
+import com.daqing.financial.hrauth.util.AesCbcUtil;
+import io.swagger.models.auth.In;
+
+import java.io.BufferedReader;
+import java.io.FileNotFoundException;
+import java.io.FileReader;
+import java.util.*;
+import java.util.regex.Pattern;
+import java.util.stream.Stream;
+
+class DqFinancialHrmsAuthApplicationTests{
+    public static void main(String[] args) throws Exception {
+        String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gPeJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iwgpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGHwPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBUfIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++zOVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
+        String iv="zI+P8RVxEwMFBXcJDCemHg==";
+        String session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
+
+
+/*        String result = AesCbcUtil.decrypt2(session_key,encryptedData,iv);
+        String s2 = new String(result.getBytes("UTF-8"),"GBK");
+        System.out.println(result);
+        System.out.println(s2);*/
+    }
+
+/*    public static void main(String[] args) {
+        //=================================流的常用创建方法=======================================
+        //1,使用Collection下的stream()和parallelStream()操作
+        List<String> list = new ArrayList();
+        Stream<String> stream = list.stream();//获取一个顺序流
+        Stream<String> parallelStream = list.parallelStream();//获取一个并行流
+
+        //2,使用Arrays中的stream()方法，将数组转成流
+        Integer[]num = new Integer[10];
+        Stream<Integer> stream1 = Arrays.stream(num);
+        //System.out.println("stream1==="+stream1);
+
+        //3,使用Stream中的静态方法:如of(),iterate(),generate()
+        Stream<Integer>stream2 = Stream.of(1,2,3,4,5,6);
+        //stream2.forEach(System.out::println);
+        //stream2.forEach((t)->System.out.println(t));每次创建的stream只能使用一次,否则报错stream has already been operated upon or closed
+
+        Stream<Integer>stream3 = Stream.iterate(0,(x)->x+2).limit(8);
+        //stream3.forEach(System.out::println);
+
+        Stream<Double>stream4 = Stream.generate(Math::random).limit(2);
+//        stream4.forEach((t)->System.out.println(t));
+
+        //4,使用BufferedReader.lines()方法，将每行内容转成流
+        BufferedReader reader=null;
+        try {
+            reader = new BufferedReader(new FileReader("D:\\myfile\\工作文档.txt"));
+        } catch (FileNotFoundException e) {
+            e.printStackTrace();
+        }
+        Stream<String>lineStream = reader.lines();
+        //lineStream.forEach(System.out::println);
+
+        //5,使用Pattern.splitAsStream()方法，将字符串分隔成流
+        Pattern pattern = Pattern.compile(",");
+        Stream<String> stream5 = pattern.splitAsStream("漆柒,菜园子");
+//        stream5.forEach(System.out::println);
+
+        //=================================流的中间操作========================================
+        //1,筛选与切片
+        Stream<Integer> stream6 = Stream.of(6, 4, 6, 7, 3, 9, 8, 10, 12, 14, 14, 20, 3);
+        Stream<Integer> newStream = stream6.filter(t -> t>5)//6, 6, 7, 9, 8, 10, 12, 14, 14, 20
+                .distinct()//6, 7, 9, 8, 10, 12, 14, 20
+                .skip(2)//9, 8, 10, 12, 14, 20
+                .limit(5);//9, 8, 10, 12, 14
+        //filter:过滤流中的某些元素，limit(n):获取n个元素，skip(n):跳过n元素，配合limit(n)可做分页，distinct:通过流中元素的hashCode()和equals()去重
+//        newStream.forEach(System.out::println);
+
+        //2,映射
+        List<String> list2 = Arrays.asList("a,b,c", "1,2,3");
+        //将每个元素转成一个新的且不带括号的元素
+        Stream<String> streamMap = list2.stream().map(s->s.replaceAll(",",""));
+//        streamMap.forEach(System.out::println);
+
+        Stream<String> streamFlatMap = list2.stream().flatMap(s->{
+            //将每个元素转换成一个Stream流
+            String[]split = s.split(",");
+            Stream<String>ss = Arrays.stream(split);
+            return ss;
+        });
+//        streamFlatMap.forEach(System.out::println);
+
+        //3,排序
+        List<String>list3=Arrays.asList("az","fb","de");
+        Stream<String>stream7 = list3.stream().sorted();
+//        stream7.forEach(System.out::println);
+
+        Student s1 = new Student("aa",10);
+        Student s2 = new Student("bb",20);
+        Student s3 = new Student("aa",30);
+        Student s4 = new Student("dd",40);
+        List<Student>pojoList = Arrays.asList(s1,s2,s3,s4);
+
+        //自定义排序，先按姓名升序，姓名相同的按年龄升序
+        //jdk8新操作
+        pojoList.stream().sorted(
+           (o1,o2)->{
+               if(o1.getName().equals(o2.getName())){
+                   return o1.getAge()-o2.getAge();
+               }else{
+                   return o1.getName().compareTo(o2.getName());
+               }
+        });
+
+        //jdk7骚操作
+        Collections.sort(pojoList, new Comparator<Student>() {
+            @Override
+            public int compare(Student o1, Student o2) {
+                if(o1.getName().equals(o2.getName())){
+                    return o1.getAge()-o2.getAge();
+                }else{
+                    return o1.getName().compareTo(o2.getName());
+                }
+            }
+        });
+
+        //4,消费 peek
+        List<Student> studentList = Arrays.asList(s1,s2);
+        studentList.stream().peek(s->s.setAge(100));
+
+        //===================================流的终止操作=====================================
+        //1,匹配，聚合操作
+
+
+
+    }*/
+}

dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/Student.java

@@ -0,0 +1,41 @@
+package com.daqing.financial.hrauth;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * 记录部门信息
+ * 
+ * @author gongsj
+ * @email gongsj@gmail.com
+ * @date 2020-09-07 17:12:14
+ */
+@Data
+public class Student implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	public Student(String name, Integer age) {
+		this.name = name;
+		this.age = age;
+	}
+
+	/**
+	 * 主键
+	 */
+	@TableId(value = "id", type = IdType.AUTO)
+	private Long id;
+	/**
+	 * 部门名称
+	 */
+	@ApiModelProperty(value = "部门名称")
+	private String name;
+	/**
+	 * 上级部门id
+	 */
+	private Integer age;
+
+}

dq-framework-model/src/main/java/com/daqing/framework/domain/crms/CrmsCompanyPersonal.java

@@ -3,6 +3,7 @@ package com.daqing.framework.domain.crms;
 import com.baomidou.mybatisplus.annotation.IdType;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
+import com.fasterxml.jackson.annotation.JsonFormat;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
@@ -58,6 +59,7 @@ public class CrmsCompanyPersonal implements Serializable {
      * 注册时间
      */
     @ApiModelProperty(value = "注册时间")
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
     private Date registeredTime;
 
     /**

dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgApplyAmountList.java

@@ -81,4 +81,6 @@ public class DgApplyAmountList implements Serializable {
     @ApiModelProperty(value = "更新时间")
     @TableField(fill = FieldFill.INSERT_UPDATE)
     private Date updateTime;
+
+    private Integer ver;
 }

dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgBusinessCompany.java

@@ -3,6 +3,7 @@ package com.daqing.framework.domain.guarantee;
 import com.baomidou.mybatisplus.annotation.IdType;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
+import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 
 import java.io.Serializable;
@@ -76,6 +77,7 @@ public class DgBusinessCompany implements Serializable {
     /**
      * 注册时间
      */
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
     private Date registerTime;
 
     /**
@@ -142,4 +144,9 @@ public class DgBusinessCompany implements Serializable {
      * 联系电话（指个人或企业的）
      */
     private String phone;
+
+    /**
+     * 客户基本信息表id
+     */
+    private Long customerId;
 }

dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/Login.java

@@ -28,4 +28,6 @@ public class Login implements Serializable {
 
 	private String session_key;
 
+	private String unionid;
+
 }

dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java

@@ -79,6 +79,8 @@ public enum HrmsCode implements ResultCode {
     EMP_POSITION_EXSIT(false, 22006, "该职位下已关联员工！"),
     ROLE_EMP_LINK(false,44003,"该角色关联业务管理模块，不能删除！"),
 
+    TOKEN_EXCEPTION(false,401,"TOKEN已过期，请重新登录！"),
+
     EMP_SAME(false, 51001, "A,B角不能选同一个人！"),
     EMP_TO_BE_CHOOSE(false, 51002, "该用户已经被指派！");