Merge remote-tracking branch 'origin/master'

master
river 4 years ago
commit f0e41fbb7b
  1. 5
      dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/model/request/BusinessApplicationRequest.java
  2. 13
      dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgApplyAmountInfoServiceImpl.java
  3. 5
      dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/service/impl/DgCopyUserServiceImpl.java
  4. 2
      dq-financial-guarantee/src/main/java/com/daqing/financial/guarantee/util/MyBatisPlusCodeGenerator.java
  5. 6
      dq-financial-guarantee/src/main/resources/bootstrap.properties
  6. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgApplyAmountListMapper.xml
  7. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgAssetsInvestigationMapper.xml
  8. 1
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgBusinessCompanyMapper.xml
  9. 9
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgComplianceInvestigationMapper.xml
  10. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgGuaranteeAssignUserMapper.xml
  11. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgGuaranteeLetterAssignUserMapper.xml
  12. 9
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgLoanCommitteeConsiderMapper.xml
  13. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgLoanNoticeMapper.xml
  14. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgMessageInvestigationMapper.xml
  15. 5
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgPaymentConfirmationConsiderMapper.xml
  16. 9
      dq-financial-guarantee/src/main/resources/mapper/guarantee/DgWorkConferenceConsiderMapper.xml
  17. 29
      dq-financial-hrms-auth/pom.xml
  18. 21
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java
  19. 12
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
  20. 66
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/CustomAccessDeniedHandler.java
  21. 25
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/model/XccLoginReq.java
  22. 4
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java
  23. 264
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
  24. 6
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
  25. 73
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AES.java
  26. 171
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/AesCbcUtil.java
  27. 137
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/HttpRequest.java
  28. 65
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/PKCS7Encoder.java
  29. 198
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/TestUtil.java
  30. 115
      dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/WXBizDataCrypt.java
  31. 145
      dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/DqFinancialHrmsAuthApplicationTests.java
  32. 41
      dq-financial-hrms-auth/src/test/java/com/daqing/financial/hrauth/Student.java
  33. 2
      dq-framework-model/src/main/java/com/daqing/framework/domain/crms/CrmsCompanyPersonal.java
  34. 2
      dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgApplyAmountList.java
  35. 7
      dq-framework-model/src/main/java/com/daqing/framework/domain/guarantee/DgBusinessCompany.java
  36. 2
      dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/Login.java
  37. 2
      dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java

@ -261,7 +261,7 @@ public class BusinessApplicationRequest implements Serializable {
* 注册时间
*/
@ApiModelProperty(value = "注册时间")
private Date registerTime;
private String registerTime;
/**
* 注册地址
@ -335,4 +335,7 @@ public class BusinessApplicationRequest implements Serializable {
@ApiModelProperty(value = "联系电话(指个人或企业的)")
private String phone;
@ApiModelProperty(value = "客户基本信息表id")
private Long customerId;
}

@ -247,6 +247,7 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl<DgApplyAmountInfoM
applyAmountList.setType(2);//设置类型
applyAmountList.setStatus(StatusCode.SP_IN_REVIEW);//状态设置为审核中
applyAmountList.setOperatingStatus(StatusCode.CZ_ON_HAND);//操作状态设置为待处理
applyAmountList.setVer(1);//设置担保部经理的初始版本号
dgApplyAmountListMapper.insert(applyAmountList);
//同时往业务流程状态表新增一条记录
@ -400,6 +401,7 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl<DgApplyAmountInfoM
applyAmountList.setType(2);//设置类型
applyAmountList.setStatus(StatusCode.SP_IN_REVIEW);//状态设置为审核中
applyAmountList.setOperatingStatus(StatusCode.CZ_ON_HAND);//操作状态设置为待处理
applyAmountList.setVer(1);//设置担保部经理的初始版本号
dgApplyAmountListMapper.insert(applyAmountList);
}
@ -563,16 +565,21 @@ public class DgApplyAmountInfoServiceImpl extends ServiceImpl<DgApplyAmountInfoM
} catch (Exception e) {
e.printStackTrace();
}
//根据id查询业务id
DgApplyAmountList dgApplyAmountList1 = dgApplyAmountListMapper.selectById(id);
//根据dg_apply_amount_list表的id修改当前业务状态
DgApplyAmountList dgApplyAmountList = new DgApplyAmountList();
dgApplyAmountList.setStatus(status);
dgApplyAmountList.setOperatingStatus(StatusCode.CZ_PROCESSED);//操作状态改为已处理
dgApplyAmountList.setApplyContent(remark);
dgApplyAmountList.setEmpId(Integer.parseInt(userId));
dgApplyAmountListMapper.update(dgApplyAmountList,new QueryWrapper<DgApplyAmountList>().eq("id",id));
dgApplyAmountList.setVer(dgApplyAmountList1.getVer()+1);//设置担保部经理的版本号+1
int update = dgApplyAmountListMapper.update(dgApplyAmountList, new QueryWrapper<DgApplyAmountList>()
.eq("id", id).eq("ver", dgApplyAmountList1.getVer()));
if(update<=0)
return 0;
//根据id查询业务id
DgApplyAmountList dgApplyAmountList1 = dgApplyAmountListMapper.selectById(id);
//修改专员那一条记录审核状态
DgApplyAmountList applyAmountList = new DgApplyAmountList();
applyAmountList.setStatus(status);

@ -95,9 +95,10 @@ public class DgCopyUserServiceImpl extends ServiceImpl<DgCopyUserMapper, DgCopyU
employeeMessage = (List<LinkedHashMap>) responseResult.getData();
}
if(employeeMessage != null){
for (CopyForMeResponse response : copyForMeResponseList) {
for (LinkedHashMap res : employeeMessage) {
if (response.getApplicantId().equals(res.get("id"))) {//如果提单人id相同情况下,就往对象里面赋值
if (response.getApplicantId()!=null && response.getApplicantId().equals(res.get("id"))) {//如果提单人id相同情况下,就往对象里面赋值
response.setApplicant(JSONObject.toJSONString(res.get("account")).replace("\"", ""));
}
if (response.getApproveId()!=null){
@ -109,6 +110,8 @@ public class DgCopyUserServiceImpl extends ServiceImpl<DgCopyUserMapper, DgCopyU
}
}
}
return copyForMeResponseList;
}

@ -25,7 +25,7 @@ public class MyBatisPlusCodeGenerator {
public static final String PACKAGE_NAME = "com.daqing.financial.guarantee";
public static void main(String[] args) {
String[] tables = new String[] {"dg_business_company"};//表名数组
String[] tables = new String[] {"dg_customer_related"};//表名数组
String[] tablePrefixs = new String[] {""};//去掉前缀
executeCode(PACKAGE_NAME,tables,tablePrefixs);
}

@ -30,9 +30,9 @@ ribbon.ConnectTimeout: 120000
# 上传文件总的最大值
#spring.servlet.multipart.max-request-size=10MB
## 单个文件的最大值
#spring.servlet.multipart.max-file-size=10MB
spring.servlet.multipart.max-request-size=10MB
# 单个文件的最大值
spring.servlet.multipart.max-file-size=10MB
#
##正式环境(prod)
##服务名称

@ -21,8 +21,9 @@
au.status,au.operating_status,cc.name,cc.phone,ps.business_status
from dg_apply_amount_list au
left join dg_apply_amount_info ai on au.business_id = ai.id
left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id
left join dg_business_company cc on cc.business_id = ai.id
/* left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id*/
left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
<where>
au.role_id in

@ -37,8 +37,9 @@
au.status,au.operating_status,cc.name,cc.phone,ps.business_status
from dg_assets_investigation au
left join dg_apply_amount_info ai on au.business_id = ai.id
left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id
left join dg_business_company cc on cc.business_id = ai.id
/* left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id*/
left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
<where>
au.role_id in

@ -28,6 +28,7 @@
<result column="name" property="name" />
<result column="addr" property="addr" />
<result column="phone" property="phone" />
<result column="customer_id" property="customerId" />
</resultMap>
</mapper>

@ -23,14 +23,15 @@
FROM dg_compliance_investigation AS i
LEFT JOIN dg_apply_amount_info AS a
ON a.id = i.business_id
LEFT JOIN crms_company_customer AS cc
left join dg_business_company c on c.business_id = a.id
/* LEFT JOIN crms_company_customer AS cc
ON a.company_id = cc.id
LEFT JOIN crms_customer AS c
ON c.id = cc.customer_id
ON c.id = cc.customer_id*/
LEFT JOIN dg_business_process_status AS b
ON b.business_id = a.id
WHERE c.del_or_not = 0
AND (i.user_id = #{userId} OR i.user_id IS NULL)
WHERE /*c.del_or_not = 0*/
/*AND */(i.user_id = #{userId} OR i.user_id IS NULL)
AND i.role_id IN
<foreach collection="roleIds" open="(" separator="," close=")" item="roleId">
#{roleId}

@ -24,8 +24,9 @@
au.status,au.operating_status,cc.name,cc.phone,ps.business_status
from dg_guarantee_assign_user au
left join dg_apply_amount_info ai on au.business_id = ai.id
left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id
left join dg_business_company cc on cc.business_id = ai.id
/* left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id*/
left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
<where>
au.role_id in

@ -38,8 +38,9 @@
aai.bank,lcc.passing_time,lcc.file,lau.audit_opinion,lau.operating_status,bps.business_status,lau.business_id,lau.role_id
from dg_guarantee_letter_assign_user lau
left join dg_apply_amount_info aai on lau.business_id = aai.id
left join crms_company_customer ccc on lau.company_id = ccc.id
left join crms_customer cc on ccc.customer_id = cc.id
left join dg_business_company cc on cc.business_id = aai.id
/* left join crms_company_customer ccc on lau.company_id = ccc.id
left join crms_customer cc on ccc.customer_id = cc.id*/
left join dg_loan_committee_consider lcc on lau.business_id = lcc.business_id
left join dg_business_process_status bps on lau.business_id = bps.business_id
<where>

@ -26,14 +26,15 @@
FROM dg_loan_committee_consider AS l
LEFT JOIN dg_apply_amount_info AS a
ON a.id = l.business_id
LEFT JOIN crms_company_customer AS cc
left join dg_business_company c on c.business_id = a.id
/* LEFT JOIN crms_company_customer AS cc
ON a.company_id = cc.id
LEFT JOIN crms_customer AS c
ON cc.customer_id = c.id
ON cc.customer_id = c.id*/
LEFT JOIN dg_business_process_status AS b
ON b.business_id = a.id
WHERE c.del_or_not = 0
AND (l.consider_id = #{userId} OR l.consider_id IS NULL)
WHERE /*c.del_or_not = 0*/
/*AND*/ (l.consider_id = #{userId} OR l.consider_id IS NULL)
AND l.role_id IN
<foreach collection="roleIds" open="(" separator="," close=")" item="roleId">
#{roleId}

@ -37,8 +37,9 @@
aai.create_time,ln.status,aai.bank,ln.audit_opinion,ln.operating_status,bps.business_status,ln.business_id,lcc.passing_time
from dg_loan_notice ln
left join dg_apply_amount_info aai on ln.business_id = aai.id
left join crms_company_customer ccc on ln.company_id = ccc.id
left join crms_customer cc on ccc.customer_id = cc.id
left join dg_business_company cc on cc.business_id = aai.id
/* left join crms_company_customer ccc on ln.company_id = ccc.id
left join crms_customer cc on ccc.customer_id = cc.id*/
left join dg_loan_committee_consider lcc on ln.business_id = lcc.business_id
left join dg_business_process_status bps on ln.business_id = bps.business_id
<where>

@ -23,8 +23,9 @@
au.status,au.operating_status,cc.name,cc.phone,ps.business_status
from dg_message_investigation au
left join dg_apply_amount_info ai on au.business_id = ai.id
left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id
left join dg_business_company cc on cc.business_id = ai.id
/* left join crms_company_customer ccl on ai.company_id = ccl.id
left join crms_customer cc on cc.id = ccl.customer_id*/
left JOIN dg_business_process_status ps ON ps.business_id = au.business_id
<where>
au.role_id in

@ -40,8 +40,9 @@
aai.bank,lcc.passing_time,lcc.file,pcc.audit_opinion,pcc.operating_status,bps.business_status,pcc.business_id,pcc.img_file,pcc.role_id
from dg_payment_confirmation_consider pcc
left join dg_apply_amount_info aai on pcc.business_id = aai.id
left join crms_company_customer ccc on pcc.company_id = ccc.id
left join crms_customer cc on ccc.customer_id = cc.id
left join dg_business_company cc on cc.business_id = aai.id
/* left join crms_company_customer ccc on pcc.company_id = ccc.id
left join crms_customer cc on ccc.customer_id = cc.id*/
left join dg_loan_committee_consider lcc on pcc.business_id = lcc.business_id
left join dg_business_process_status bps on pcc.business_id = bps.business_id
<where>

@ -22,10 +22,11 @@
FROM dg_work_conference_consider AS w
LEFT JOIN dg_apply_amount_info AS a
ON a.id = w.business_id
LEFT JOIN crms_company_customer AS cc
left join dg_business_company c on c.business_id = a.id
/* LEFT JOIN crms_company_customer AS cc
ON a.company_id = cc.id
LEFT JOIN crms_customer AS c
ON cc.customer_id = c.id
ON cc.customer_id = c.id*/
LEFT JOIN dg_business_process_status AS b
ON b.business_id = a.id
LEFT JOIN (SELECT business_id,SUM(CASE role_id WHEN 59 THEN emp_id ELSE 0 END) AS A,
@ -38,8 +39,8 @@
ON a.id = ass.business_id
LEFT JOIN dg_message_investigation AS m
ON a.id = m.business_id
WHERE c.del_or_not = 0
AND (w.user_id = #{userId} OR w.user_id IS NULL)
WHERE /*c.del_or_not = 0*/
/*AND*/ (w.user_id = #{userId} OR w.user_id IS NULL)
AND w.role_id IN
<foreach collection="roleIds" open="(" separator="," close=")" item="roleId">
#{roleId}

@ -82,6 +82,35 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.3.8</version>
</dependency>
<dependency>
<groupId>org.codehaus.xfire</groupId>
<artifactId>xfire-core</artifactId>
<version>1.2.6</version>
</dependency>
<dependency>
<groupId>com.vaadin.external.google</groupId>
<artifactId>android-json</artifactId>
<version>0.0.20131108.vaadin1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<version>1.46</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-test</artifactId>
<version>2.3.5.RELEASE</version>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>

@ -2,12 +2,8 @@ package com.daqing.financial.hrauth.config;
import com.daqing.financial.hrauth.filter.AdminAuthenticationProcessingFilter;
import com.daqing.financial.hrauth.filter.MyAuthenticationFilter;
import com.daqing.financial.hrauth.handle.AdminAuthenticationEntryPoint;
import com.daqing.financial.hrauth.handle.UrlAccessDecisionManager;
import com.daqing.financial.hrauth.handle.UrlAccessDeniedHandler;
import com.daqing.financial.hrauth.handle.UrlFilterInvocationSecurityMetadataSource;
import com.daqing.financial.hrauth.handle.*;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -60,13 +56,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
*/
private final UrlAccessDeniedHandler urlAccessDeniedHandler;
public SecurityConfig(MyAuthenticationFilter myAuthenticationFilter, AdminAuthenticationEntryPoint adminAuthenticationEntryPoint, AdminAuthenticationProcessingFilter adminAuthenticationProcessingFilter, UrlFilterInvocationSecurityMetadataSource urlFilterInvocationSecurityMetadataSource, UrlAccessDeniedHandler urlAccessDeniedHandler, UrlAccessDecisionManager urlAccessDecisionManager) {
/**
* Token异常处理
*/
private final CustomAccessDeniedHandler customAccessDeniedHandler;
public SecurityConfig(MyAuthenticationFilter myAuthenticationFilter, AdminAuthenticationEntryPoint adminAuthenticationEntryPoint, AdminAuthenticationProcessingFilter adminAuthenticationProcessingFilter, UrlFilterInvocationSecurityMetadataSource urlFilterInvocationSecurityMetadataSource, UrlAccessDeniedHandler urlAccessDeniedHandler, UrlAccessDecisionManager urlAccessDecisionManager, CustomAccessDeniedHandler customAccessDeniedHandler) {
this.myAuthenticationFilter = myAuthenticationFilter;
this.adminAuthenticationEntryPoint = adminAuthenticationEntryPoint;
this.adminAuthenticationProcessingFilter = adminAuthenticationProcessingFilter;
this.urlFilterInvocationSecurityMetadataSource = urlFilterInvocationSecurityMetadataSource;
this.urlAccessDeniedHandler = urlAccessDeniedHandler;
this.urlAccessDecisionManager = urlAccessDecisionManager;
this.customAccessDeniedHandler = customAccessDeniedHandler;
}
@ -87,6 +89,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
// 登录过后访问无权限的接口时自定义403响应内容
http.exceptionHandling().accessDeniedHandler(urlAccessDeniedHandler);
//Token异常
http.exceptionHandling().accessDeniedHandler(customAccessDeniedHandler);
// url权限认证处理
registry.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
@Override
@ -115,7 +120,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
//registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").hasIpAddress("127.0.0.1");
// 允许匿名的url - 可理解为放行接口 - 多个接口使用,分割
registry.antMatchers("/**").permitAll();
//registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll();
// registry.antMatchers("/api-guarantee/dg-apply-amount-info/getRoles").permitAll();
// registry.antMatchers("/**").access("hasAuthority('admin')");
// OPTIONS(选项):查找适用于一个特定网址资源的通讯选择。 在不需执行具体的涉及数据传输的动作情况下, 允许客户端来确定与资源相关的选项以及 / 或者要求, 或是一个服务器的性能
//registry.antMatchers(HttpMethod.OPTIONS, "/**").denyAll();
@ -141,7 +146,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/**");
//web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles");
// web.ignoring().antMatchers("/dg-apply-amount-info/getRoles","/api-guarantee/dg-apply-amount-info/getRoles");
}
}

@ -5,6 +5,7 @@ import com.alibaba.fastjson.JSONObject;
import com.daqing.financial.hrauth.UserLoginControllerApi;
import com.daqing.financial.hrauth.config.WeChatConfig;
import com.daqing.financial.hrauth.feign.HrmsFeignService;
import com.daqing.financial.hrauth.model.XccLoginReq;
import com.daqing.financial.hrauth.service.UserLoginService;
import com.daqing.financial.hrauth.service.UserService;
import com.daqing.framework.domain.hrms.EmployeeEntity;
@ -33,6 +34,7 @@ import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Map;
/**
@ -217,14 +219,16 @@ public class UserLoginController implements UserLoginControllerApi {
/**
* 微信小程序获取openid和session_key授权登录
* @param code
* @param
* @return
*/
@PostMapping(value = "/wxAuthLogin")
public ResponseResult wxAuthLogin(@RequestBody String code){
public ResponseResult wxAuthLogin(@RequestBody XccLoginReq xccLoginReq){
String openid = userLoginService.wxAuthLogin(code);
String encryptedData = xccLoginReq.getEncryptedData();
String code = xccLoginReq.getCode();
String iv = xccLoginReq.getIv();
Map openid = userLoginService.wxAuthLogin(encryptedData,iv,code);
return ResponseResult.SUCCESS(openid);
}
}

@ -0,0 +1,66 @@
package com.daqing.financial.hrauth.handle;
import com.daqing.financial.hrauth.model.ApiResult;
import com.daqing.financial.hrauth.service.impl.UserDetailsServiceImpl;
import com.daqing.financial.hrauth.util.ResponseUtils;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;
/**
* Security自定义异常处理类
* @Author: jialing xu
* @Description: xvjialing@outlook.com
* @Date: 17:24 2018/8/7
*/
@Slf4j
@Component
public class CustomAccessDeniedHandler implements AccessDeniedHandler {
@Autowired
private ObjectMapper objectMapper;
private final UserDetailsServiceImpl userDetailsService;
protected CustomAccessDeniedHandler(UserDetailsServiceImpl userDetailsService) {
this.userDetailsService = userDetailsService;
}
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
/* log.error("Token异常处理来了~~~~"+accessDeniedException.getMessage());
response.setContentType("application/json;charset=UTF-8");
Map map = new HashMap();
map.put("code", "403");
map.put("msg", accessDeniedException.getMessage());
map.put("data","");
response.setContentType("application/json");
response.setStatus(HttpServletResponse.SC_OK);
response.getWriter().write(objectMapper.writeValueAsString(map));*/
// ResponseUtils.out(response, ApiResult.fail(401, e.getMessage()));
String token = request.getHeader("token");
if (StringUtils.isNotBlank(token)) {
// 检查token
SecurityUser securityUser = userDetailsService.getUserByToken(token);
if (securityUser == null || securityUser.getCurrentUserInfo() == null) {
//ExceptionCast.cast(HrmsCode.TOKEN_EXCEPTION);
throw new AccessDeniedException("TOKEN已过期,请重新登录~~~");
}
}
}
}

@ -0,0 +1,25 @@
package com.daqing.financial.hrauth.model;
import com.baomidou.mybatisplus.annotation.TableName;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import java.io.Serializable;
/**
* <p>
* 访问记录表
* </p>
*
* @author Qyq
* @since 2021-01-12
*/
@Data
public class XccLoginReq implements Serializable {
private String encryptedData;//明文,加密数据
private String iv;//加密算法的初始向量
private String code;//用户允许登录后,回调内容会带上 code(有效期五分钟),开发者需要将 code 发送到开发者服务器后台
// ,使用code 换取 session_key api,将 code 换成 openid 和 session_key
}

@ -6,6 +6,8 @@ import com.daqing.framework.domain.hrms.UserEntity;
import com.daqing.framework.domain.hrms.request.*;
import com.daqing.framework.model.response.ResponseResult;
import java.util.Map;
/**
* @auther River
* @date 2020/9/22 15:00
@ -23,5 +25,5 @@ public interface UserLoginService extends IService<UserEntity> {
int isPhoneExist(String mobile);
String wxAuthLogin(String code);
Map wxAuthLogin(String encryptedData, String iv, String code);
}

@ -1,5 +1,6 @@
package com.daqing.financial.hrauth.service.impl;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@ -13,34 +14,27 @@ import com.daqing.financial.hrauth.model.HrmsAccessRecordsLog;
import com.daqing.financial.hrauth.service.LoginLogService;
import com.daqing.financial.hrauth.service.TokenService;
import com.daqing.financial.hrauth.service.UserLoginService;
import com.daqing.framework.domain.guarantee.response.EmployeeMessageResponse;
import com.daqing.financial.hrauth.util.*;
import com.daqing.framework.domain.hrms.*;
import com.daqing.framework.domain.hrms.request.*;
import com.daqing.framework.domain.hrms.response.HrmsCode;
import com.daqing.framework.domain.hrms.response.LoginResponse;
import com.daqing.framework.exception.ExceptionCast;
import com.daqing.framework.model.response.CommonCode;
import com.daqing.framework.model.response.ResponseResult;
import com.daqing.framework.util.JwtUtils;
import com.daqing.framework.util.Md5Util;
import com.daqing.framework.util.RedisUtil;
import com.daqing.framework.util.SendUtil;
import lombok.extern.java.Log;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import javax.servlet.http.HttpServletRequest;
import java.util.*;
/**
@ -170,7 +164,8 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
}
//登录成功,token生成
long times = 86400;
long times = 86400;//24h
//long times =60;//1min
if(loginRequest.getTenDayEffective() == 1){
times = 864000;
}
@ -317,13 +312,86 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
}
@Override
public String wxAuthLogin(String code) {
System.out.println(code);
public Map wxAuthLogin(String encryptedData, String iv,String code) {
System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv);
System.out.println("来了小程序登录------------------------------------");
//微信那边的接口,grant_type=authorization_code是固定的
/* String url="https://api.weixin.qq.com/sns/jscode2session?appid="+APPID+
"&secret="+SECRET+"&js_code="+ code +"&grant_type=authorization_code";*/
String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
System.out.println("url==============="+url);
//向微信服务器 使用登录凭证 code 获取 session_key 和 openid
// 请求参数
String params = "appid=" + weChatConfig.getXcxAppid() + "&secret=" + weChatConfig.getXcxAppsecret() + "&js_code=" + code + "&grant_type="
+ "authorization_code";
// 发送请求
String sr = HttpRequest.sendGet("https://api.weixin.qq.com/sns/jscode2session", params);
System.out.println("sr==================="+sr);
// 解析相应内容(转换成json对象)
//JSONObject json = JSON.parseObject(url);
cn.hutool.json.JSONObject json = new cn.hutool.json.JSONObject(sr);
// 获取会话密钥(session_key)
String session_key = json.get("session_key").toString();
// 用户的唯一标识(openid)
String openid = (String) json.get("openid");
System.out.println("session_key======"+session_key+"openid===="+openid);
Map map = new HashMap();
//======================此处为死数据============================
encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w==";
session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
iv="Y37DfoP3+4ysUBo8YOnfiQ==";
System.out.println("session_key======"+session_key+"openid===="+openid);
System.out.println("code****"+code+"encryptedData**************"+encryptedData+"iv**********"+iv);
//对encryptedData加密数据进行AES解密
try {
String result = WXBizDataCrypt.getInstance().decrypt(encryptedData, session_key, iv, "utf-8");
System.out.println("AES解密值==="+result);
//String result = AesCbcUtil.decrypt2(session_key,encryptedData, iv);
//String result = AesCbcUtil.decrypt(encryptedData, session_key, iv, "UTF-8");
if (null != result && result.length() > 0) {
map.put("status", 1);
map.put("msg", "解密成功");
JSONObject userInfoJSON = JSONObject.parseObject(result);
//JSONObject userInfoJSON = JSON.parseObject(result);
//cn.hutool.json.JSONObject userInfoJSON = new cn.hutool.json.JSONObject(result);
System.out.println("userInfoJSON===="+userInfoJSON);
Map userInfo = new HashMap();
userInfo.put("openId", userInfoJSON.get("openId"));
userInfo.put("nickName", userInfoJSON.get("nickName"));
userInfo.put("gender", userInfoJSON.get("gender"));
userInfo.put("city", userInfoJSON.get("city"));
userInfo.put("province", userInfoJSON.get("province"));
userInfo.put("country", userInfoJSON.get("country"));
userInfo.put("avatarUrl", userInfoJSON.get("avatarUrl"));
// 解密unionId & openId;
System.out.println("userInfoJSON==============="+userInfoJSON);
System.out.println("unionId============"+userInfoJSON.get("unionId"));
userInfo.put("unionId", userInfoJSON.get("unionId"));
map.put("userInfo", userInfo);
} else {
map.put("status", 0);
map.put("msg", "解密失败");
}
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("map===================="+map.get("userInfo"));
return map;
}
/* @Override
public String wxAuthLogin(String encryptedData, String iv,String code) {
System.out.println(code);
System.out.println("来了小程序登录------------------------------------");
//微信那边的接口,grant_type=authorization_code是固定的
String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
System.out.println("url==============="+url);
@ -343,9 +411,12 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
System.out.println(line); //这里需要使用fastjson来提取一下内容
JSONObject jsonObject= JSON.parseObject(line);
Login login=new Login();
System.out.println("jsonObject====================="+jsonObject);
System.out.println("unionId==================="+jsonObject.getString("unionid"));
login.setOpenid(jsonObject.getString("openid"));
login.setSession_key(jsonObject.getString("session_key"));
result.append(login.getOpenid());
login.setUnionid(jsonObject.getString("unionid"));
result.append(login.getUnionid());
System.out.println(result.toString());
}
} catch (IOException e) {
@ -353,6 +424,161 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
}
return result.toString();
}*/
/* @Override
public String wxAuthLogin(String encryptedData, String iv,String code) {
System.out.println(code);
System.out.println("来了小程序登录------------------------------------");
//微信那边的接口,grant_type=authorization_code是固定的
String url = String.format(weChatConfig.getWX_AUTH_URL(),weChatConfig.getXcxAppid(),weChatConfig.getXcxAppsecret(),code);
System.out.println("url==============="+url);
Map<String ,Object> baseMap = HttpUtils.doGet(url);
if(baseMap == null || baseMap.isEmpty()){ return null; }
String accessToken = (String)baseMap.get("access_token");
String openId = (String) baseMap.get("openid");
String unionId = (String) baseMap.get("unionid");
System.out.println("小程序登录openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap);
return unionId;
}*/
/*
*//**
* 1 先按照loginInfo信息查询有无有unionID
* 2 如果有,直接返回 ,程序结束
* 3 如果没有,将用于解密的session_key获取
* 4 根据userInfo拿取encryptedData等加密数据
* 5 对加密数据进行逆解密
* 6 拿到unionID 返回,程序结
*
* userInfo TODO 注意一下通过user.getInfo获取的和通过button授权获取的格式不一样
*
*//*
@Override
public ResponseResult getUnionID(Long platformId, String userInfo, String loginInfo, HttpServletRequest request) {
Map<String, String> resLogign = null;
JSONObject resUserInfo = null;
System.out.println("--------------->>>>>进入WeChatServiceImpl");
resLogign = getUnionIDByLoginInfo(loginInfo, request);
// 加密session_key 解密需要
String session_key = resLogign.get("session_key");
if (StringUtils.isNotBlank(resLogign.get("unionid"))) {
System.out.println("返回数据,获取unionid,程序结束<<<------unionid={}"+resLogign.get("unionid"));
return ResponseResult.SUCCESS("获取unionid成功,返回数据!"+resLogign);
} else {
System.out.println("没有获取到unionid,userinfo进行对称解密操作start----->");
resUserInfo = decipherByUserInfo(session_key, userInfo, request);
if (resUserInfo != null && StringUtils.isNotEmpty(resUserInfo.toJSONString())) {
System.out.println("解密后的信息为resUserInfo:{}"+resUserInfo.toJSONString());
// 解密信息由 data.get("unionid") 获取
return ResponseResult.SUCCESS("获取解密信息成功"+resUserInfo);
}
}
return null;
}
*//**
*
* @param session_key
* @param userInfo
* @param request
* @return
*//*
private JSONObject decipherByUserInfo(String session_key, String userInfo, HttpServletRequest request) {
System.out.println("--------------->>>>>进入 decipherByUserInfo");
Map<String, String> resUserInfo = new HashMap<>();
if (!userInfo.contains("login:ok")&&!userInfo.contains("getUserInfo:ok")) {
return null;
}
JSONObject jsonUserInfo = JSONObject.parseObject(userInfo);
System.out.println("将userInfo转换成JSON,userInfo:{}"+jsonUserInfo.toJSONString());
String encryptedData = "";
String iv = "";
if (jsonUserInfo.get("detail") != null && StringUtils.isNotBlank(jsonUserInfo.get("detail").toString())) {
String detail = jsonUserInfo.get("detail").toString();
JSONObject parseObject = JSONObject.parseObject(detail);
encryptedData = (String) parseObject.get("encryptedData");
iv = (String) parseObject.get("iv");
} else {
encryptedData = (String) jsonUserInfo.get("encryptedData");
iv = (String) jsonUserInfo.get("iv");
}
System.out.println("获取解密数据解密start------------>>>解密需要的数据为:encryptedData:{},iv:{},session_key:{}"+"encryptedData===="+encryptedData+"iv===="+iv+"session_key===="+session_key);
// 被加密的数据
byte[] dataByte = Base64.decodeBase64(encryptedData);
// 加密秘钥
byte[] aeskey = Base64.decodeBase64(session_key);
// 偏移量
byte[] ivByte = Base64.decodeBase64(iv);
System.out.println("对加密数据进行Base64编码完毕------------>>>dataByte:{},aeskey:{},ivByte:{}"+dataByte.toString()+aeskey.toString()+ivByte.toString());
String newuserInfo = "";
try {
AES aes = new AES();
byte[] resultByte = aes.decrypt(dataByte, aeskey, ivByte);
if (null != resultByte && resultByte.length > 0) {
newuserInfo = new String(resultByte, "UTF-8");
System.out.println("解密完毕,解密结果为newuserInfo:{}"+newuserInfo);
return JSONObject.parseObject(newuserInfo);
}
} catch (Exception e) {
System.out.println("解密异常!检查解密数据 {}"+newuserInfo+e);
e.printStackTrace();
}
return null;
}
*//**
* 根据logininfo 的code尝试获取unionID
*
* @param loginInfo
* @param request
* @return
*//*
private Map<String, String> getUnionIDByLoginInfo(String loginInfo, HttpServletRequest request) {
JSONObject loginRes = null;
Map<String, Object> loginReq = new HashMap<>();
Map<String, String> loginResMap = new HashMap<>();
System.out.println("--------------->>>>>进入 getUnionIDByLoginInfo");
JSONObject loginMap = JSONObject.parseObject(loginInfo);
System.out.println("转换JSON完毕");
System.out.println("组装请求数据----start:");
String resCode = (String) loginMap.get("code");
loginReq.put("js_code", resCode);
loginReq.put("appid", weChatConfig.getXcxAppid()); // 这几个变量是自己去获取的 我做成了配置文件中
loginReq.put("secret", weChatConfig.getXcxAppsecret()); // 去这个网址看参数说明: https://developers.weixin.qq.com/miniprogram/dev/api/api-login.html#wxloginobject
loginReq.put("grant_type", "authorization_code");
System.out.println("组装请求参数完毕loginReq={}"+loginReq);
try {
System.out.println("开始发送请求到微信...url={}"+weChatConfig.getWX_AUTH_URL());
loginRes = HttpClientUtils.doGet(SysConstants.WEICHAT_UNIONID_URL, loginReq);
} catch (Exception e) {
System.out.println("调用httpClient异常!异常信息={}"+e);
throw new RuntimeException(e);
}
String openid = (String) loginRes.get("openid");
String session_key = (String) loginRes.get("session_key");
String unionid = (String) loginRes.get("unionid");
loginResMap.put("openid", openid);
loginResMap.put("unionid", unionid);
loginResMap.put("session_key", session_key);
System.out.println("https返回数据loginRes={}"+loginRes.toJSONString());
// 微信建议不要在传输中有session_key,我们在这里做一个缓存数据key=session_key_safe,value="真实的session_key+真实的openid"
// TODO
// 时间问题,这里暂不处理
// loginResMap.put("session_key", "session_key_safe");
return loginResMap;
}*/
}
}

@ -58,7 +58,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
if(baseMap == null || baseMap.isEmpty()){ return null; }
String accessToken = (String)baseMap.get("access_token");
String openId = (String) baseMap.get("openid");
System.out.println("微信扫码加密前openId============="+openId);
String unionId = (String) baseMap.get("unionid");
System.out.println("微信扫码加密前openId============="+openId+"unionId=============="+unionId+"baseMap============"+baseMap);
//对code(回调过来的openid)加密
String md5OpenId = Md5Util.md5(openId);
log.info("accessToken========> "+accessToken+"openId========> "+openId+"code=======> "+code+"md5OpenId============>"+md5OpenId);
@ -145,7 +146,8 @@ public class UserServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> imple
return false;
}
String openId = (String) baseMap.get("openid");
log.info(openId+"--------------------------------------------------------------------------------------------------");
String unionId = (String) baseMap.get("unionid");
log.info("openId========="+openId+"unionId===="+unionId);
String md5OpenId = Md5Util.md5(openId);
Integer countWeChatId = this.getBaseMapper().countWeChatId(md5OpenId);
String token = this.getBaseMapper().getTokenByUserId(Long.parseLong(state));

@ -0,0 +1,73 @@
package com.daqing.financial.hrauth.util;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class AES {
public static boolean initialized = false;
/**
* AES对称解密工具类
*
* @param content
* 密文
* @return
* @throws InvalidAlgorithmParameterException
* @throws NoSuchProviderException
*/
public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
initialize();
try {
// java是没有
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
Key sKeySpec = new SecretKeySpec(keyByte, "AES");
cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
byte[] result = cipher.doFinal(content);
return result;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static void initialize() {
if (initialized)
return;
Security.addProvider(new BouncyCastleProvider());
initialized = true;
}
// 生成iv
public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
params.init(new IvParameterSpec(iv));
return params;
}
}

@ -0,0 +1,171 @@
package com.daqing.financial.hrauth.util;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
/**
* Created by yfs on 2018/3/25.
* <p>
* AES-128-CBC 加密方式
*
* AES-128-CBC可以自己定义密钥偏移量
* AES-128是jdk自动生成的密钥
*/
public class AesCbcUtil {
static {
//BouncyCastle是一个开源的加解密解决方案,主页在http://www.bouncycastle.org/
Security.addProvider(new BouncyCastleProvider());
}
/**
* AES解密
*
* @param data //密文,被加密的数据
* @param key //秘钥
* @param iv //偏移量
* @param encodingFormat //解密后的结果需要进行的编码
* @return
* @throws Exception
*/
public static String decrypt(String data, String key, String iv, String encodingFormat) throws Exception {
// initialize();
//被加密的数据
byte[] dataByte = Base64.decodeBase64(data);
//加密秘钥
byte[] keyByte = Base64.decodeBase64(key);
//偏移量
byte[] ivByte = Base64.decodeBase64(iv);
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, encodingFormat);
return result;
}
return null;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidParameterSpecException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
/**
* AES解密
*
* @param encryptedData 消息密文
* @param ivStr iv字符串
*/
public static byte[] decrypt2(String sessionKey, String encryptedData, String ivStr) {
try {
AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
params.init(new IvParameterSpec(Base64.decodeBase64(ivStr)));
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(Base64.decodeBase64(sessionKey), "AES"), params);
String encodingFormat = "UTF-8";
byte[] resultByte = cipher.doFinal(Base64.decodeBase64(encryptedData));
return resultByte;
/* System.out.println("resultByte===="+resultByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, encodingFormat);
return result;
}
return null;*/
//return new String(PKCS7Encoder.decode(cipher.doFinal(Base64.decodeBase64(encryptedData))), StandardCharsets.UTF_8);
} catch (Exception e) {
throw new RuntimeException("AES解密失败", e);
}
}
public static String decryptNew(String encryptedData, String sessionKey, String iv) throws Exception {
String result = "";
// 被加密的数据
byte[] dataByte = Base64.decodeBase64(encryptedData);
// 加密秘钥
byte[] keyByte = Base64.decodeBase64(sessionKey);
// 偏移量
byte[] ivByte = Base64.decodeBase64(iv);
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
// 初始化
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
result = new String(resultByte, "UTF-8");
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidParameterSpecException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
e.printStackTrace();
}
return result;
}
}

@ -0,0 +1,137 @@
package com.daqing.financial.hrauth.util;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.URL;
import java.net.URLConnection;
import java.util.List;
import java.util.Map;
public class HttpRequest {
public static void main(String[] args) {
//发送 GET 请求
String s=HttpRequest.sendGet("http://v.qq.com/x/cover/kvehb7okfxqstmc.html?vid=e01957zem6o", "");
System.out.println(s);
// //发送 POST 请求
// String sr=HttpRequest.sendPost("http://www.toutiao.com/stream/widget/local_weather/data/?city=%E4%B8%8A%E6%B5%B7", "");
// JSONObject json = JSONObject.fromObject(sr);
// System.out.println(json.get("data"));
}
/**
* 向指定URL发送GET方法的请求
*
* @param url
* 发送请求的URL
* @param param
* 请求参数请求参数应该是 name1=value1&name2=value2 的形式
* @return URL 所代表远程资源的响应结果
*/
public static String sendGet(String url, String param) {
String result = "";
BufferedReader in = null;
try {
String urlNameString = url + "?" + param;
URL realUrl = new URL(urlNameString);
// 打开和URL之间的连接
URLConnection connection = realUrl.openConnection();
// 设置通用的请求属性
connection.setRequestProperty("accept", "*/*");
connection.setRequestProperty("connection", "Keep-Alive");
connection.setRequestProperty("user-agent",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
// 建立实际的连接
connection.connect();
// 获取所有响应头字段
Map<String, List<String>> map = connection.getHeaderFields();
// 遍历所有的响应头字段
for (String key : map.keySet()) {
System.out.println(key + "--->" + map.get(key));
}
// 定义 BufferedReader输入流来读取URL的响应
in = new BufferedReader(new InputStreamReader(
connection.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
result += line;
}
} catch (Exception e) {
System.out.println("发送GET请求出现异常!" + e);
e.printStackTrace();
}
// 使用finally块来关闭输入流
finally {
try {
if (in != null) {
in.close();
}
} catch (Exception e2) {
e2.printStackTrace();
}
}
return result;
}
/**
* 向指定 URL 发送POST方法的请求
*
* @param url
* 发送请求的 URL
* @param param
* 请求参数请求参数应该是 name1=value1&name2=value2 的形式
* @return 所代表远程资源的响应结果
*/
public static String sendPost(String url, String param) {
PrintWriter out = null;
BufferedReader in = null;
String result = "";
try {
URL realUrl = new URL(url);
// 打开和URL之间的连接
URLConnection conn = realUrl.openConnection();
// 设置通用的请求属性
conn.setRequestProperty("accept", "*/*");
conn.setRequestProperty("connection", "Keep-Alive");
conn.setRequestProperty("user-agent",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
// 发送POST请求必须设置如下两行
conn.setDoOutput(true);
conn.setDoInput(true);
// 获取URLConnection对象对应的输出流
out = new PrintWriter(conn.getOutputStream());
// 发送请求参数
out.print(param);
// flush输出流的缓冲
out.flush();
// 定义BufferedReader输入流来读取URL的响应
in = new BufferedReader(
new InputStreamReader(conn.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
result += line;
}
} catch (Exception e) {
System.out.println("发送 POST 请求出现异常!"+e);
e.printStackTrace();
}
//使用finally块来关闭输出流、输入流
finally{
try{
if(out!=null){
out.close();
}
if(in!=null){
in.close();
}
}
catch(IOException ex){
ex.printStackTrace();
}
}
return result;
}
}

@ -0,0 +1,65 @@
package com.daqing.financial.hrauth.util;
/**
* 对公众平台发送给公众账号的消息加解密示例代码.
*
* @copyright Copyright (c) 1998-2014 Tencent Inc.
*/
import java.nio.charset.Charset;
import java.util.Arrays;
/**
* 提供基于PKCS7算法的加解
*/
public class PKCS7Encoder {
private static final Charset CHARSET = Charset.forName("utf-8");
private static final int BLOCK_SIZE = 32;
/**
* 获得对明文进行补位填充的字节.
*
* @param count 需要进行填充补位操作的明文字节个数
* @return 补齐用的字节数组
*/
public static byte[] encode(int count) {
// 计算需要填充的位数
int amountToPad = BLOCK_SIZE - (count % BLOCK_SIZE);
if (amountToPad == 0) {
amountToPad = BLOCK_SIZE;
}
// 获得补位所用的字符
char padChr = chr(amountToPad);
String tmp = new String();
for (int index = 0; index < amountToPad; index++) {
tmp += padChr;
}
return tmp.getBytes(CHARSET);
}
/**
* 删除解密后明文的补位字符
*
* @param decrypted 解密后的明文
* @return 删除补位字符后的明文
*/
public static byte[] decode(byte[] decrypted) {
int pad = decrypted[decrypted.length - 1];
if (pad < 1 || pad > 32) {
pad = 0;
}
return Arrays.copyOfRange(decrypted, 0, decrypted.length - pad);
}
/**
* 将数字转化成ASCII码对应的字符用于对明文进行补码
*
* @param a 需要转化的数字
* @return 转化得到的字符
*/
public static char chr(int a) {
byte target = (byte) (a & 0xFF);
return (char) target;
}
}

@ -0,0 +1,198 @@
package com.daqing.financial.hrauth.util;
import com.google.common.primitives.Bytes;
import org.apache.commons.codec.binary.Base64;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class TestUtil {
/**
* 加密
*
* @param content
* 需要加密的内容
* @param password
* 加密密码
* @return
*/
public static byte[] encrypt(String content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");// 创建密码器
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(byteContent);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
/**
* 解密
*
* @param content
* 待解密内容
* @param password
* 解密密钥
* @return
*/
public static byte[] decrypt(byte[] content, String password) {
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");// 创建密码器
cipher.init(Cipher.DECRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(content);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
/**
* 将二进制转换成16进制
*
* @param buf
* @return
*/
public static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
/**
* 将16进制转换为二进制
*
* @param hexStr
* @return
*/
public static byte[] parseHexStr2Byte(String hexStr) {
if (hexStr.length() < 1)
return null;
byte[] result = new byte[hexStr.length() / 2];
for (int i = 0; i < hexStr.length() / 2; i++) {
int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
result[i] = (byte) (high * 16 + low);
}
return result;
}
/**
* 加密
*
* @param content
* 需要加密的内容
* @param password
* 加密密码
* @return
*/
public static byte[] encrypt2(String content, String password) {
try {
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
byte[] result = cipher.doFinal(byteContent);
return result; // 加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
}
return null;
}
public static void main(String[] args) throws UnsupportedEncodingException, InvalidAlgorithmParameterException {
String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" +
"eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" +
"gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" +
"wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" +
"fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" +
"OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" +
"0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
String iv="zI+P8RVxEwMFBXcJDCemHg==";
String session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
String content = encryptedData;
String password = "";
// 加密
System.out.println("加密前:" + content);
byte[] encode = encrypt(content, password);
//传输过程,不转成16进制的字符串,就等着程序崩溃掉吧
String code = parseByte2HexStr(encode);
System.out.println("密文字符串:" + code);
byte[] decode = parseHexStr2Byte(code);
// 解密
byte[] decryptResult = decrypt(decode, password);
System.out.println("decryptResult==="+decryptResult);
System.out.println("解密后:" + new String(decryptResult, "UTF-8")); //不转码会乱码
System.out.println("=========================================================");
byte[] dataByte = Base64.decodeBase64(session_key);
//byte[] d = TestUtil.parseHexStr2Byte(encryptedData);
byte[] dr = decrypt(dataByte, "");
//String re = new String(dr, "UTF-8");
//System.out.println("result====="+re);
}
}

@ -0,0 +1,115 @@
package com.daqing.financial.hrauth.util;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import com.alibaba.fastjson.JSONObject;
/**
* 对微信小程序用户加密数据的解密示例代码.
*
* @ClassName WXBizDataCrypt
* @Description TODO(这里用一句话描述这个类的作用)
* @author tf
* @Date 2016年11月19日 下午2:56:36
* @version 1.0.0
*/
@SuppressWarnings("restriction")
public class WXBizDataCrypt {
/*
* 加密用的Key 可以用26个字母和数字组成 此处使用AES-128-CBC加密模式key需要为16位
*/
private static WXBizDataCrypt instance = null;
private WXBizDataCrypt() {
}
public static WXBizDataCrypt getInstance() {
if (instance == null)
instance = new WXBizDataCrypt();
return instance;
}
/**
* 对于官方加密数据encryptData解密说明如下 加密数据解密算法 接口如果涉及敏感数据如wx.getUserInfo当中的
* openId 和unionId 接口的明文内容将不包含这些敏感数据开发者如需要获取敏感数据需要对接口返回的加密数据(
* encryptedData )进行对称解密 解密算法如下 对称解密使用的算法为 AES-128-CBC数据采用PKCS#7填充
* 对称解密的目标密文为 Base64_Decode(encryptedData), 对称解密秘钥 aeskey =
* Base64_Decode(session_key), aeskey 是16字节 对称解密算法初始向量 iv 会在数据接口中返回
*
* @Description (TODO这里用一句话描述这个方法的作用)
* @param encryptedData
* 加密内容
* @param sessionKey
* 小程序登录sessionKey
* @param iv
* 解密算法初始向量 iv 会在数据接口中返回
* @param encodingFormat
* 编码格式默认UTF-8
* @return 返回解密后的字符串
* @throws Exception
*/
public String decrypt(String encryptedData, String sessionKey, String iv, String encodingFormat) throws Exception {
try {
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
BASE64Decoder base64Decoder = new BASE64Decoder();
byte[] _encryptedData = base64Decoder.decodeBuffer(encryptedData);
byte[] _sessionKey = base64Decoder.decodeBuffer(sessionKey);
byte[] _iv = base64Decoder.decodeBuffer(iv);
SecretKeySpec secretKeySpec = new SecretKeySpec(_sessionKey, "AES");
IvParameterSpec ivParameterSpec = new IvParameterSpec(_iv);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
byte[] original = cipher.doFinal(_encryptedData);
byte[] bytes = PKCS7Encoder.decode(original);
String originalString = new String(bytes, "ISO-8859-1");
return originalString;
} catch (Exception ex) {
return null;
}
}
public static void main(String[] args) throws Exception {
// 需要加密的字串
// String appid = "wx4f4bc4dec97d474b";
/* String sessionKey = "tiihtNczf5v6AKRyjwEUhQ==";
String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZM" + "QmRzooG2xrDcvSnxIMXFufNstNGTyaGS"
+ "9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+" + "3hVbJSRgv+4lGOETKUQz6OYStslQ142d"
+ "NCuabNPGBzlooOmB231qMM85d2/fV6Ch" + "evvXvQP8Hkue1poOFtnEtpyxVLW1zAo6"
+ "/1Xx1COxFvrc2d7UL/lmHInNlxuacJXw" + "u0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn"
+ "/Hz7saL8xz+W//FRAUid1OksQaQx4CMs" + "8LOddcQhULW4ucetDf96JcR3g0gfRK4P"
+ "C7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB" + "6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns"
+ "/8wR2SiRS7MNACwTyrGvt9ts8p12PKFd" + "lqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYV"
+ "oKlaRv85IfVunYzO0IKXsyl7JCUjCpoG" + "20f0a04COwfneQAGGwd5oa+T8yO5hzuy" + "Db/XcxxmK01EpqOyuxINew==";
String iv = "r7BXXKkLb8qrSNn05n0qiA==";*/
/* String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gP" +
"eJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iw" +
"gpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGH" +
"wPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBU" +
"fIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++z" +
"OVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm" +
"0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
String iv="zI+P8RVxEwMFBXcJDCemHg==";
String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";*/
String iv="Y37DfoP3+4ysUBo8YOnfiQ==";
String sessionKey="Piqc8iFe6pN0i5ofq4Y6PA==";
String encryptedData="V6E2hVgfhatfPt/octP4c6881lJ1GCsYqtzY9MzqlWTpthAw5uWJLpRoXtmO5oM7XSHS6xKqh8YVzhKmrfzbb66574fbfE7n5ADSJYlsJwem1ifm3sypW9Ys3GSBwHaQ/x+Sn3rfs+HKMJgegGn+b3R5X7eXFhrA6lFnd+/xpYB4VWztFMsIyVT85Mlv5G3vp1FryctiGjWTFDDh1kAFXQ31Cso91SuAW2muSUaHh32pJ+WBrpZ7wrEZyyuqMqA0UpZve+gonUpZjnRWXewTTWm6jvc7lMQqFA1PD13pOGKYNKD/WxtaMXPWmvN+5WVwScH7ueEeppA1/aFwsMGnDBUU/+B04WxuQxo+M4b15vIq5GxI5Qvulv1taRdA5oiI10K+9UJAm+dz/2c2ZqEIiu+QTj9gvgbJsrIWMe0Wu5qmNTj/V97furJlcVaVvJvUy0N8zrqb7unAptjL0bQUvIB0ZXVgNbGEZLmAbpQhNgpIJ0ft6LiqvIzkrRYR+sIVr+mJrCoYxhyxB8cqsHJT2w==";
/* String iv="sAUv8qjwP8j/Ql9KLgA4iQ==";
String sessionKey="H5lUk3IPIIENRdLxzLi2Hg==";
String encryptedData="QygyXroVw0DNuwO4mlZDBX9wy8XYYE+AA0D738aAKe4icD9UPhtFywJ49UbmT7syv+fb4cn+3ao/w0aQCceh/dEsUhdSWsqAQZtaaXGeCHzi1iGdznIVD06ZYUdgZrJ7rY8Ie9w5/SYVSdSn5pyGovNCohUW4fp2CVowzwrRydsngDDWYjutkSfdvKgT19sCwuOOqZTzDM3gRqIUxwfrjKaDaoCPfa6z+otC0F/BtZYiiqd3MQIMJ0+JSll3ZVrpQKitBhc1EydxN3WSayxhYc4fiEa0YHoXaci0C/6bAfedgGQhejK6hSPLXr/TC++I0lfWnCS/2aidIsifLfyNg2/84yc5mWY5snoc9QeyAoXHczL62n1RwGBetE1Sq7q/sRn9XOFvM0kJ6UOS0n3FvMrH7716hBjUIP/lIf7hAH2IBbnPWyk5iKrMYt/T1Ky5e+RjBwnqJCyYTAxrvEczj2IQPwpGS3B3KWNTGGaK42Sf07w6ID37J3bWsPDAllZUSDhm67vmUjH8AyPTPsGPOg==";
*/
/* String iv="amXf/b7Ollz6WV6e9ZCosg==";
String sessionKey="H8d5dQnmec8Wtm1Ac1IaxQ==";
String encryptedData="/xY631in/VQwauJfAsB9gGH8XpFAzZUprSYBoZzfbDbx60xsBpaikxnn1K+00MMzZ9hAVV4RRKRp+4qaoj+iSuJArgKlZByXaPQa4TxV7JGEuAA2qByTNHK/H2hrFdAxEDERwk7DjYqq1OhMO5n4pTRPxVUZ5ovKm81oOxVw77TjfkkQlgd2Uab/Oe7eM59HkoDQQDC9H2f4q7KmX7sHUuUWmMhEa8+rsJBMy2CWfTvfJpKE9BqNuNOHrXILMpvNm4vKcsc5DB6QzjbwJq8BLCLbmcE3Fa4ZQzcVW2Zi5lT0sOMX/kytgaceo/Rw3VpLkBwwRTsZDB7p+KRUbJYG7f3iSMWYveH09vL8dU+s9ZRO1FCgkyOj5jcpRAKEUAT2njdK4ozXYu+/qMUPeCp00G1NNlDq7gvBnhzYbQzg4+InTmENDYlckAIktBxa3ENWpDjiYWHBSHwbA/gJpAKoZz/oNUrBnPIH91UqRjGQXhdVnBQxeyMcnPuVrk3D51r5Ki3aAuwvB1l6+TWA//RcjTfSQtQnJ/yFctMmk3A7OGo=";
*/String deString = WXBizDataCrypt.getInstance().decrypt(encryptedData, sessionKey, iv, "utf-8");
JSONObject jsonObject = JSONObject.parseObject(deString);
System.out.println(jsonObject);
}
}

@ -1,13 +1,132 @@
//package com.daqing.financial.hrauth;
//
//import org.junit.Test;
//import org.springframework.boot.test.context.SpringBootTest;
//
//@SpringBootTest
//class DqFinancialHrmsAuthApplicationTests {
//
// @Test
// void contextLoads() {
// }
//
//}
package com.daqing.financial.hrauth;
import com.daqing.financial.hrauth.util.AesCbcUtil;
import io.swagger.models.auth.In;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.util.*;
import java.util.regex.Pattern;
import java.util.stream.Stream;
class DqFinancialHrmsAuthApplicationTests{
public static void main(String[] args) throws Exception {
String encryptedData="+WQuaG5Tr9EU6f+Cx7OR7O8/HbVAUK77P9/BRqhdA4qYKLcw0sbS1R5DfoU+D4HEpoUCXtmRH/gPeJqYFJpauBysbadiYrZ6wYWjp5wP+HgxWnfCOk7jwR8WUdvFFDuQMhAVudnFhhNP3g4iHfCeiU5yfmN4iwgpL4txJpuZDHhyjqBqGGxntyxgxHFonbFi94e+IaPrFqigvqJXI9RGW9eXUVhZEQGeadv+eW72ucPq90KGHwPj0uUMWRWPJC8ZWp+uRUbrENiKfo9QJqiMljq/wcbz4c/u/Wd7PF4o4s02uutMjsrpYdnpw20E7DDpUIBUfIkeDmIFOIEQYPAGbTFtbHwPyyrx/r+fSihmO6PRwAlUrfhCOZ3KNkmtqZPDjqfHGrW+MeiquW5vryXL8FWy++zOVdGzymGvW6E/hSVDoTNL4+zeuxhJAXCnuPjLtYeL0EkGam8ks0KDqhZy3gUwRwrM0HFzQ1IryTMsqeLCcLMm0vWG4PEuPv5j5+V66MTGYvyyM2v67zK7Z2cn2A==";
String iv="zI+P8RVxEwMFBXcJDCemHg==";
String session_key="Piqc8iFe6pN0i5ofq4Y6PA==";
/* String result = AesCbcUtil.decrypt2(session_key,encryptedData,iv);
String s2 = new String(result.getBytes("UTF-8"),"GBK");
System.out.println(result);
System.out.println(s2);*/
}
/* public static void main(String[] args) {
//=================================流的常用创建方法=======================================
//1,使用Collection下的stream()和parallelStream()操作
List<String> list = new ArrayList();
Stream<String> stream = list.stream();//获取一个顺序流
Stream<String> parallelStream = list.parallelStream();//获取一个并行流
//2,使用Arrays中的stream()方法,将数组转成流
Integer[]num = new Integer[10];
Stream<Integer> stream1 = Arrays.stream(num);
//System.out.println("stream1==="+stream1);
//3,使用Stream中的静态方法:如of(),iterate(),generate()
Stream<Integer>stream2 = Stream.of(1,2,3,4,5,6);
//stream2.forEach(System.out::println);
//stream2.forEach((t)->System.out.println(t));每次创建的stream只能使用一次,否则报错stream has already been operated upon or closed
Stream<Integer>stream3 = Stream.iterate(0,(x)->x+2).limit(8);
//stream3.forEach(System.out::println);
Stream<Double>stream4 = Stream.generate(Math::random).limit(2);
// stream4.forEach((t)->System.out.println(t));
//4,使用BufferedReader.lines()方法,将每行内容转成流
BufferedReader reader=null;
try {
reader = new BufferedReader(new FileReader("D:\\myfile\\工作文档.txt"));
} catch (FileNotFoundException e) {
e.printStackTrace();
}
Stream<String>lineStream = reader.lines();
//lineStream.forEach(System.out::println);
//5,使用Pattern.splitAsStream()方法,将字符串分隔成流
Pattern pattern = Pattern.compile(",");
Stream<String> stream5 = pattern.splitAsStream("漆柒,菜园子");
// stream5.forEach(System.out::println);
//=================================流的中间操作========================================
//1,筛选与切片
Stream<Integer> stream6 = Stream.of(6, 4, 6, 7, 3, 9, 8, 10, 12, 14, 14, 20, 3);
Stream<Integer> newStream = stream6.filter(t -> t>5)//6, 6, 7, 9, 8, 10, 12, 14, 14, 20
.distinct()//6, 7, 9, 8, 10, 12, 14, 20
.skip(2)//9, 8, 10, 12, 14, 20
.limit(5);//9, 8, 10, 12, 14
//filter:过滤流中的某些元素,limit(n):获取n个元素,skip(n):跳过n元素,配合limit(n)可做分页,distinct:通过流中元素的hashCode()和equals()去重
// newStream.forEach(System.out::println);
//2,映射
List<String> list2 = Arrays.asList("a,b,c", "1,2,3");
//将每个元素转成一个新的且不带括号的元素
Stream<String> streamMap = list2.stream().map(s->s.replaceAll(",",""));
// streamMap.forEach(System.out::println);
Stream<String> streamFlatMap = list2.stream().flatMap(s->{
//将每个元素转换成一个Stream流
String[]split = s.split(",");
Stream<String>ss = Arrays.stream(split);
return ss;
});
// streamFlatMap.forEach(System.out::println);
//3,排序
List<String>list3=Arrays.asList("az","fb","de");
Stream<String>stream7 = list3.stream().sorted();
// stream7.forEach(System.out::println);
Student s1 = new Student("aa",10);
Student s2 = new Student("bb",20);
Student s3 = new Student("aa",30);
Student s4 = new Student("dd",40);
List<Student>pojoList = Arrays.asList(s1,s2,s3,s4);
//自定义排序,先按姓名升序,姓名相同的按年龄升序
//jdk8新操作
pojoList.stream().sorted(
(o1,o2)->{
if(o1.getName().equals(o2.getName())){
return o1.getAge()-o2.getAge();
}else{
return o1.getName().compareTo(o2.getName());
}
});
//jdk7骚操作
Collections.sort(pojoList, new Comparator<Student>() {
@Override
public int compare(Student o1, Student o2) {
if(o1.getName().equals(o2.getName())){
return o1.getAge()-o2.getAge();
}else{
return o1.getName().compareTo(o2.getName());
}
}
});
//4,消费 peek
List<Student> studentList = Arrays.asList(s1,s2);
studentList.stream().peek(s->s.setAge(100));
//===================================流的终止操作=====================================
//1,匹配,聚合操作
}*/
}

@ -0,0 +1,41 @@
package com.daqing.financial.hrauth;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import java.io.Serializable;
/**
* 记录部门信息
*
* @author gongsj
* @email gongsj@gmail.com
* @date 2020-09-07 17:12:14
*/
@Data
public class Student implements Serializable {
private static final long serialVersionUID = 1L;
public Student(String name, Integer age) {
this.name = name;
this.age = age;
}
/**
* 主键
*/
@TableId(value = "id", type = IdType.AUTO)
private Long id;
/**
* 部门名称
*/
@ApiModelProperty(value = "部门名称")
private String name;
/**
* 上级部门id
*/
private Integer age;
}

@ -3,6 +3,7 @@ package com.daqing.framework.domain.crms;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import com.fasterxml.jackson.annotation.JsonFormat;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
@ -58,6 +59,7 @@ public class CrmsCompanyPersonal implements Serializable {
* 注册时间
*/
@ApiModelProperty(value = "注册时间")
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
private Date registeredTime;
/**

@ -81,4 +81,6 @@ public class DgApplyAmountList implements Serializable {
@ApiModelProperty(value = "更新时间")
@TableField(fill = FieldFill.INSERT_UPDATE)
private Date updateTime;
private Integer ver;
}

@ -3,6 +3,7 @@ package com.daqing.framework.domain.guarantee;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import com.fasterxml.jackson.annotation.JsonFormat;
import lombok.Data;
import java.io.Serializable;
@ -76,6 +77,7 @@ public class DgBusinessCompany implements Serializable {
/**
* 注册时间
*/
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
private Date registerTime;
/**
@ -142,4 +144,9 @@ public class DgBusinessCompany implements Serializable {
* 联系电话指个人或企业的
*/
private String phone;
/**
* 客户基本信息表id
*/
private Long customerId;
}

@ -28,4 +28,6 @@ public class Login implements Serializable {
private String session_key;
private String unionid;
}

@ -79,6 +79,8 @@ public enum HrmsCode implements ResultCode {
EMP_POSITION_EXSIT(false, 22006, "该职位下已关联员工!"),
ROLE_EMP_LINK(false,44003,"该角色关联业务管理模块,不能删除!"),
TOKEN_EXCEPTION(false,401,"TOKEN已过期,请重新登录!"),
EMP_SAME(false, 51001, "A,B角不能选同一个人!"),
EMP_TO_BE_CHOOSE(false, 51002, "该用户已经被指派!");

Loading…
Cancel
Save