--no commit message

240c1f15 · yucaiwei · ad86b21b · 240c1f15 · 240c1f15 · 240c1f15
--- a/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/WeChatLoginXcxController.java
+++ b/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/WeChatLoginXcxController.java
@@ -9,7 +9,10 @@ import io.swagger.annotations.ApiOperation;
 import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -17,10 +20,12 @@ import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.zrqx.core.enums.ResponseCodeEnum;
 import com.zrqx.core.exception.BaseException;
+import com.zrqx.core.form.third.wecharlogin.WecharXcxGetPhoneForm;
 import com.zrqx.core.model.third.wechartlogin.WeChartThirdReturn;
 import com.zrqx.core.util.response.CallBack;
 import com.zrqx.third.constant.RequestPath;
 import com.zrqx.third.util.HttpsUtils;
+import com.zrqx.third.wechatlogin.config.WXCore;
 import com.zrqx.third.wechatlogin.config.WeChatLoginXcxConfig;
 /** 微信登录
@@ -38,7 +43,7 @@ public class WeChatLoginXcxController {
 	public CallBack<WeChartThirdReturn> query(String code,HttpServletRequest request) throws Exception{
 		String appid="appid="+WeChatLoginXcxConfig.APPID;
 		String secret="&secret="+WeChatLoginXcxConfig.SECRET;
-		String code1="&code="+code;
+		String code1="&js_code="+code;
 		String grant_type="&grant_type="+WeChatLoginXcxConfig.GRANT_TYPE;
 		//调用微信接口获得openid和access_token
 		String param=appid+secret+code1+grant_type;
@@ -50,16 +55,29 @@ public class WeChatLoginXcxController {
 		}
 		//唯一标识用户的 openId
 		String openId=object.get("openid").toString();
-		//用户昵称
+		String session_key=object.get("session_key").toString();
-		String nickname=object.get("nickname").toString();
-		//用户头像
-		String headimgurl=object.get("headimgurl").toString();
 		WeChartThirdReturn user=new WeChartThirdReturn();
 		user.setOpenid(openId);
-		user.setNickname(nickname);
+		user.setSession_key(session_key);
-		user.setHeadImgUrl(headimgurl);
 		return CallBack.success(user);
 	}
+	//获取手机号,解密
+	@ApiOperation(value = "获取手机号", notes = "获取手机号")
+	@PostMapping(RequestPath.GET+RequestPath.PHONE)
+	private CallBack<String> getPhoneNumber(@RequestBody WecharXcxGetPhoneForm form){
+		String appId=WeChatLoginXcxConfig.APPID;
+		String sessionKey = form.getSession_key();
+		String encryptedData = form.getEncryptedData();
+		String iv = form.getIv();
+		String str = WXCore.decrypt(appId, encryptedData, sessionKey, iv);
+		JSONObject jsonObject = JSONObject.parseObject(str);
+    	String phone = jsonObject.getString("phoneNumber");
+    	if(StringUtils.isBlank(phone)){
+    		return CallBack.fail("获取失败");
+    	}
+	    return CallBack.success(phone);
+	}
 }
--- a/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/AES.java
+++ b/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/AES.java
+package com.zrqx.third.wechatlogin.config;
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+/**
+ * AES加密
+ *
+ */
+public class AES {
+	public static boolean initialized = false;
+	/**
+	 * AES解密
+	 * 
+	 * @param content
+	 *            密文
+	 * @return
+	 * @throws InvalidAlgorithmParameterException
+	 * @throws NoSuchProviderException
+	 */
+	public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
+		initialize();
+		try {
+			Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
+			Key sKeySpec = new SecretKeySpec(keyByte, "AES");
+			cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
+			byte[] result = cipher.doFinal(content);
+			return result;
+		} catch (NoSuchAlgorithmException e) {
+			e.printStackTrace();
+		} catch (NoSuchPaddingException e) {
+			e.printStackTrace();
+		} catch (InvalidKeyException e) {
+			e.printStackTrace();
+		} catch (IllegalBlockSizeException e) {
+			e.printStackTrace();
+		} catch (BadPaddingException e) {
+			e.printStackTrace();
+		} catch (NoSuchProviderException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		} catch (Exception e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+		return null;
+	}
+	public static void initialize() {
+		if (initialized)
+			return;
+		Security.addProvider(new BouncyCastleProvider());
+		initialized = true;
+	}
+	// 生成iv
+	public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
+		AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
+		params.init(new IvParameterSpec(iv));
+		return params;
+	}
+}
--- a/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/WXCore.java
+++ b/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/WXCore.java
+package com.zrqx.third.wechatlogin.config;
+import org.apache.commons.codec.binary.Base64;
+import com.alibaba.fastjson.JSONObject;
+/**
+ * 封装对外访问方法
+ *
+ */
+public class WXCore {
+	private static final String WATERMARK = "watermark";
+	private static final String APPID = "appid";
+	/**
+	 * 解密数据
+	 * @return
+	 * @throws Exception
+	 */
+	public static String decrypt(String appId, String encryptedData, String sessionKey, String iv){
+		String result = "";
+		try {
+			AES aes = new AES();  
+		    byte[] resultByte = aes.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(sessionKey), Base64.decodeBase64(iv));  
+		    if(null != resultByte && resultByte.length > 0){  
+		        result = new String(WxPKCS7Encoder.decode(resultByte));  
+		    	JSONObject jsonObject = JSONObject.parseObject(result);
+		    	String decryptAppid = jsonObject.getJSONObject(WATERMARK).getString(APPID);
+		    	if(!appId.equals(decryptAppid)){
+		    		result = "";
+		    	}
+	        }  
+		} catch (Exception e) {
+			result = "";
+			e.printStackTrace();
+		}
+	    return result;
+	}
+	public static void main(String[] args) throws Exception{
+	   String appId = "wx8be2cb2a503c6bad";
+	   String encryptedData = "rxOMA/+mOM+O1TL4ami24Ek4oh1HVKaDWhrLdHRHKqldw0M8HK46VD1YcOGJPBedH2D8zyKR4dx5gmNmcF1W42tHwhd+Q7jFxZ0HuIPdZcKaQ8LVl1ADLemoqHVeErheoICBySxiEHEuwVwV4BfiBpzDnprDrXfqJAUsRpN6TqdCqzmBJyZhO5sV13wRCGXXe8QuFbPomMuj75OqY5NC/w==";
+	   String sessionKey = "G/VGyQV+yt7kE8fCtuBsMA==";
+	   String iv = "OZ8lmwEyzueW92osjXGJgA==";
+	   String str = decrypt(appId, encryptedData, sessionKey, iv);
+	   System.out.println(str);
+	   JSONObject jsonObject = JSONObject.parseObject(str);
+	   String phoneNumber = jsonObject.getString("phoneNumber");
+       System.out.println(phoneNumber);
+    }
+}
--- a/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/WeChatLoginXcxConfig.java
+++ b/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/WeChatLoginXcxConfig.java
@@ -5,7 +5,7 @@ public class WeChatLoginXcxConfig {
 	public final static String APPID = "wx8be2cb2a503c6bad";
 	//密钥AppSecret
-	public final static String SECRET = "ea31181b8ee6714a3fc9f2462eef7bb8";
+	public final static String SECRET = "0688f11dcf73931de7354cddefd78894";
 	//固定值 填写  authorization_code
 	public final static String GRANT_TYPE = "authorization_code";
@@ -23,4 +23,5 @@ public class WeChatLoginXcxConfig {
 		String param=appid+secret+code1+grant_type;
 		return param;
 	}
 }
--- a/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/WxPKCS7Encoder.java
+++ b/com.zrqx.third/src/main/java/com/zrqx/third/wechatlogin/config/WxPKCS7Encoder.java
+package com.zrqx.third.wechatlogin.config;
+import java.nio.charset.Charset;
+import java.util.Arrays;
+/**
+ * 微信小程序加解密
+ *
+ */
+public class WxPKCS7Encoder {
+	private static final Charset CHARSET = Charset.forName("utf-8");
+	private static final int BLOCK_SIZE = 32;
+	/**
+	 * 获得对明文进行补位填充的字节.
+	 *
+	 * @param count
+	 *            需要进行填充补位操作的明文字节个数
+	 * @return 补齐用的字节数组
+	 */
+	public static byte[] encode(int count) {
+		// 计算需要填充的位数
+		int amountToPad = BLOCK_SIZE - (count % BLOCK_SIZE);
+		if (amountToPad == 0) {
+			amountToPad = BLOCK_SIZE;
+		}
+		// 获得补位所用的字符
+		char padChr = chr(amountToPad);
+		String tmp = new String();
+		for (int index = 0; index < amountToPad; index++) {
+			tmp += padChr;
+		}
+		return tmp.getBytes(CHARSET);
+	}
+	/**
+	 * 删除解密后明文的补位字符
+	 *
+	 * @param decrypted
+	 *            解密后的明文
+	 * @return 删除补位字符后的明文
+	 */
+	public static byte[] decode(byte[] decrypted) {
+		int pad = decrypted[decrypted.length - 1];
+		if (pad < 1 || pad > 32) {
+			pad = 0;
+		}
+		return Arrays.copyOfRange(decrypted, 0, decrypted.length - pad);
+	}
+	/**
+	 * 将数字转化成ASCII码对应的字符，用于对明文进行补码
+	 *
+	 * @param a
+	 *            需要转化的数字
+	 * @return 转化得到的字符
+	 */
+	public static char chr(int a) {
+		byte target = (byte) (a & 0xFF);
+		return (char) target;
+	}
+}