diff --git a/jnpf-java-boot/jnpf-admin/src/main/resources/application-dev.yml b/jnpf-java-boot/jnpf-admin/src/main/resources/application-dev.yml index 6e3b639..85c2b8e 100644 --- a/jnpf-java-boot/jnpf-admin/src/main/resources/application-dev.yml +++ b/jnpf-java-boot/jnpf-admin/src/main/resources/application-dev.yml @@ -230,3 +230,12 @@ xxl: task-update-address: ${xxl.job.admin.addresses}api/ScheduleTask task-remove-address: ${xxl.job.admin.addresses}api/ScheduleTask/remove task-start-or-remove-address: ${xxl.job.admin.addresses}api/ScheduleTask/updateTask + +# ===================== 微信小程序配置 ===================== +wx: + code2Session: https://api.weixin.qq.com/sns/jscode2session + # 回收员端 + huishouyuan: + appid: wxf82bcc798891a29d + appsecret: f37fb0ab2b5f691d8507acced60a58fb + diff --git a/jnpf-java-boot/jnpf-admin/src/main/resources/application.yml b/jnpf-java-boot/jnpf-admin/src/main/resources/application.yml index 1e7047a..674a441 100644 --- a/jnpf-java-boot/jnpf-admin/src/main/resources/application.yml +++ b/jnpf-java-boot/jnpf-admin/src/main/resources/application.yml @@ -102,6 +102,8 @@ gateway: #- /api/message/Notice #- /api/permission/Users/* # 放行接口(不记录日志) + - /api/scm/wx/hsyLogin + - /api/scm/wx/hsyGetPhone exclude-url: # # 配置示例 #- /api/message/Notice diff --git a/jnpf-java-boot/jnpf-scm/jnpf-scm-controller/src/main/java/jnpf/controller/WxController.java b/jnpf-java-boot/jnpf-scm/jnpf-scm-controller/src/main/java/jnpf/controller/WxController.java new file mode 100644 index 0000000..eaad459 --- /dev/null +++ b/jnpf-java-boot/jnpf-scm/jnpf-scm-controller/src/main/java/jnpf/controller/WxController.java @@ -0,0 +1,113 @@ +package jnpf.controller; + +import com.alibaba.fastjson.JSONObject; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.tags.Tag; +import jnpf.base.ActionResult; +import jnpf.model.wx.WxLoginParam; +import jnpf.util.wxutil.HttpUtil; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.web.bind.annotation.*; + +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import java.security.AlgorithmParameters; +import java.security.Key; +import java.security.Security; +import java.util.Base64; + +@Slf4j +@RestController +@Tag(name = "Wexin" , description = "scm") +@RequestMapping("/api/scm/wx") +public class WxController { + + @Value("${wx.huishouyuan.appid}") + private String appid; + @Value("${wx.huishouyuan.appsecret}") + private String appsecret; + @Value("${wx.code2Session}") + private String code2Session; + + @Operation(summary = "小程序登录-回收员端") + @GetMapping("/hsyLogin") + public String login(@RequestParam("code") String code) { +// System.out.println("===========小程序登录-回收员端============="); +// System.out.println(appid); +// System.out.println(appsecret); +// System.out.println(code2Session); + String url = code2Session+"?appid="+appid+"&secret="+appsecret+"&js_code="+code+"&grant_type=authorization_code"; + return HttpUtil.sendHttpGet(url); + } + + @Operation(summary = "小程序获取绑定的手机号-回收员端") + @PostMapping("/hsyGetPhone") + public String hsyGetPhone(@RequestBody WxLoginParam wxLoginParam) { + String url = code2Session+"?appid="+appid+"&secret="+appsecret+"&js_code="+wxLoginParam.getCode()+"&grant_type=authorization_code"; + String loginResult = HttpUtil.sendHttpGet(url); + JSONObject loginResultObject = JSONObject.parseObject(loginResult); + if(null != loginResultObject.get("errcode")){ + return loginResult; + } + String sessionKey = (String) loginResultObject.get("session_key"); + JSONObject decrypt = decrypt(sessionKey,wxLoginParam.getEncryptedData(), wxLoginParam.getIv()); + decrypt.put("sessionKey",sessionKey); + return decrypt.toString(); + } + + + /** + * 解密成json + * + * @param encryptedData + * @param iv + * @return + */ + public JSONObject decrypt(String sessionKey, String encryptedData, String iv) { + byte[] encryptedDataDecode = Base64.getDecoder().decode(encryptedData); + byte[] sessionKeyDecode = Base64.getDecoder().decode(sessionKey); + byte[] ivDecode = Base64.getDecoder().decode(iv); + Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); + byte[] decodeData = decode(encryptedDataDecode, sessionKeyDecode, ivDecode); + String stringData = new String(decodeData); + JSONObject jsonObject = JSONObject.parseObject(stringData); + return jsonObject; + } + + + /** + * 解密算法 AES-128-CBC + * 填充模式 PKCS#7 + * + * @param encryptedDataDecode 目标密文 + * @return + * @throws Exception + */ + private byte[] decode(byte[] encryptedDataDecode, byte[] sessionKeyDecode, byte[] iv) { + try { + Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); + Key sKeySpec = new SecretKeySpec(sessionKeyDecode, "AES"); + cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(iv));// 初始化 + byte[] result = cipher.doFinal(encryptedDataDecode); + return result; + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + /** + * 处理iv + * + * @param iv + * @return + * @throws Exception + */ + private AlgorithmParameters generateIV(byte[] iv) throws Exception { + AlgorithmParameters params = AlgorithmParameters.getInstance("AES"); + params.init(new IvParameterSpec(iv)); + return params; + } + +} diff --git a/jnpf-java-boot/jnpf-scm/jnpf-scm-entity/src/main/java/jnpf/model/wx/WxLoginParam.java b/jnpf-java-boot/jnpf-scm/jnpf-scm-entity/src/main/java/jnpf/model/wx/WxLoginParam.java new file mode 100644 index 0000000..3a39859 --- /dev/null +++ b/jnpf-java-boot/jnpf-scm/jnpf-scm-entity/src/main/java/jnpf/model/wx/WxLoginParam.java @@ -0,0 +1,10 @@ +package jnpf.model.wx; + +import lombok.Data; + +@Data +public class WxLoginParam { + private String code; + private String encryptedData; + private String iv; +}