微信获取手机号加解密修改

张松
2025-03-11 11:06:02 +08:00
parent 1e43db1908
commit 420a305e6e
3 changed files with 66 additions and 50 deletions


@@ -33,7 +33,7 @@ public class ShopInfoController {
* 权限标识: shopInfo:list
*/
@SaAdminCheckRole("管理员")
@SaAdminCheckPermission("shopInfo:list")
@SaAdminCheckPermission(value = "shopInfo:list", name = "店铺列表")
@GetMapping
public CzgResult<Page<ShopInfo>> get(PageDTO pageDTO, String shopName, Integer status) {
return CzgResult.success(shopInfoService.get(pageDTO, shopName, status));
@@ -57,7 +57,7 @@ public class ShopInfoController {
* 权限标识: shopInfo:add
*/
@SaAdminCheckRole("管理员")
@SaAdminCheckPermission("shopInfo:add")
@SaAdminCheckPermission(value = "shopInfo:add", name = "店铺添加")
@PostMapping
public CzgResult<?> add(@RequestBody @Validated ShopInfoAddDTO shopInfoAddDTO) {
return CzgResult.success(shopInfoService.add(shopInfoAddDTO));
@@ -68,7 +68,7 @@ public class ShopInfoController {
* 权限标识: shopInfo:edit
*/
@SaAdminCheckRole("管理员")
@SaAdminCheckPermission("shopInfo:edit")
@SaAdminCheckPermission(value = "shopInfo:edit", name = "店铺编辑")
@PutMapping
public CzgResult<?> edit(@RequestBody @Validated ShopInfoEditDTO shopInfoEditDTO) {
return CzgResult.success(shopInfoService.edit(shopInfoEditDTO));
@@ -79,7 +79,7 @@ public class ShopInfoController {
* 权限标识: shopInfo:del
*/
@SaAdminCheckRole("管理员")
@SaAdminCheckPermission("shopInfo:del")
@SaAdminCheckPermission(value = "shopInfo:del", name = "店铺删除")
@DeleteMapping
public CzgResult<?> delete(@RequestParam Integer shopId) {
return CzgResult.success(shopInfoService.remove(new QueryWrapper().eq(ShopInfo::getId, shopId)));


@@ -1,8 +1,10 @@
package com.czg.service.account.service.impl;
//import cn.binarywang.wx.miniapp.util.crypt.WxMaCryptUtils;
import cn.hutool.core.codec.Base64;
import cn.hutool.core.date.DateUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.symmetric.AES;
import com.alibaba.fastjson2.JSONObject;
import com.czg.account.dto.auth.GetPhoneDTO;
import com.czg.account.dto.auth.LoginTokenDTO;
@@ -51,37 +53,36 @@ public class UserAuthorizationServiceImpl implements UserAuthorizationService {
@Override
public String getPhone(GetPhoneDTO phoneDTO) {
// String mobile;
// String openId;
// UserInfo userInfo = null;
// if (UserAuthSourceEnum.ALIPAY.getValue().equals(phoneDTO.getSource())) {
// openId = alipayUtil.getOpenId(phoneDTO.getCode(), true);
// mobile = alipayUtil.getMobile(phoneDTO.getEncryptedData());
// if (StrUtil.isNotBlank(openId)) {
// userInfo = userInfoService.queryChain().eq(UserInfo::getWechatOpenId, openId).one();
// }
// } else {
// JSONObject session = wechatAuthUtil.getSession(phoneDTO.getCode());
// String sessionKey = session.getString("session_key");
// openId = session.getString("openid");
// if (StrUtil.isNotBlank(openId)) {
// userInfo = userInfoService.queryChain().eq(UserInfo::getAlipayOpenId, openId).one();
// }
// String data = WxMaCryptUtils.decrypt(sessionKey, phoneDTO.getEncryptedData(), phoneDTO.getIv());
// JSONObject jsonObject = JSONObject.parseObject(data);
// if (jsonObject.containsKey("phoneNumber")) {
// mobile = jsonObject.getString("phoneNumber");
// }else {
// throw new ApiNotPrintException("手机号获取失败");
// }
// }
//
// if (userInfo != null) {
// userInfo.setPhone(mobile);
// userInfoService.updateById(userInfo);
// }
// return mobile;
return "123";
String mobile;
String openId;
UserInfo userInfo = null;
if (UserAuthSourceEnum.ALIPAY.getValue().equals(phoneDTO.getSource())) {
openId = alipayUtil.getOpenId(phoneDTO.getCode(), true);
mobile = alipayUtil.getMobile(phoneDTO.getEncryptedData());
if (StrUtil.isNotBlank(openId)) {
userInfo = userInfoService.queryChain().eq(UserInfo::getWechatOpenId, openId).one();
}
} else {
JSONObject session = wechatAuthUtil.getSession(phoneDTO.getCode());
String sessionKey = session.getString("session_key");
openId = session.getString("openid");
if (StrUtil.isNotBlank(openId)) {
userInfo = userInfoService.queryChain().eq(UserInfo::getAlipayOpenId, openId).one();
}
String data = WechatAuthUtil.decrypt(sessionKey, phoneDTO.getEncryptedData(), phoneDTO.getIv());
JSONObject jsonObject = JSONObject.parseObject(data);
if (jsonObject.containsKey("phoneNumber")) {
mobile = jsonObject.getString("phoneNumber");
}else {
throw new ApiNotPrintException("手机号获取失败");
}
}
if (userInfo != null) {
userInfo.setPhone(mobile);
userInfoService.updateById(userInfo);
}
return mobile;
}
@Override
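Review bot: In the re-enabled `getPhone`, the two account lookups appear swapped: the ALIPAY branch matches the openid against `UserInfo::getWechatOpenId` and the WeChat branch against `UserInfo::getAlipayOpenId`, so the decrypted phone number is either never saved or is written to a record matched on the other provider's identifier. The branches should read `.eq(UserInfo::getAlipayOpenId, openId)` for Alipay and `.eq(UserInfo::getWechatOpenId, openId)` for WeChat. In the WeChat branch, `session.getString("session_key")` is passed to `WechatAuthUtil.decrypt` unchecked, and it is presumably null when the code exchange fails. A guard such as `if (StrUtil.isBlank(sessionKey)) throw new ApiNotPrintException("手机号获取失败");` before decrypting would keep that case on the existing error path. WeChat's decrypted payload also carries a `watermark.appid` field, which is worth comparing with the configured app id before the number is stored.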


@@ -1,6 +1,8 @@
package com.czg.service.account.util;
import cn.hutool.core.codec.Base64;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.http.HttpUtil;
import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;
@@ -8,6 +10,7 @@ import com.czg.resp.CzgResult;
import com.czg.system.dto.SysParamsDTO;
import com.czg.system.service.SysParamsService;
import jakarta.annotation.PostConstruct;
import jakarta.validation.constraints.NotBlank;
import lombok.extern.slf4j.Slf4j;
import org.apache.dubbo.config.annotation.DubboReference;
import org.springframework.stereotype.Component;
@@ -25,31 +28,30 @@ public class WechatAuthUtil {
@DubboReference(check = false)
private SysParamsService sysParamsService;
// @Value("${wx.appId}")
// @Value("${wx.appId}")
private String appId;
// @Value("${wx.secrete}")
// @Value("${wx.secrete}")
private String secrete;
// @Value("${wx.account.appId}")
// @Value("${wx.account.appId}")
private String accountAppId;
// @Value("${wx.account.secrete}")
// @Value("${wx.account.secrete}")
private String accountSecrete;
static LinkedHashMap<String,String> linkedHashMap=new LinkedHashMap<>();
static LinkedHashMap<String, String> linkedHashMap = new LinkedHashMap<>();
static {
linkedHashMap.put("40001","获取 access_token 时 AppSecret 错误,或者 access_token 无效。请开发者认真比对 AppSecret 的正确性,或查看是否正在为恰当的公众号调用接口");
linkedHashMap.put("40003","不合法的 OpenID ,请开发者确认 OpenID (该用户)是否已关注公众号,或是否是其他公众号的 OpenID");
linkedHashMap.put("40014","不合法的 access_token ,请开发者认真比对 access_token 的有效性(如是否过期),或查看是否正在为恰当的公众号调用接口");
linkedHashMap.put("40037","不合法的 template_id");
linkedHashMap.put("43101","用户未订阅消息");
linkedHashMap.put("43107","订阅消息能力封禁");
linkedHashMap.put("43108","并发下发消息给同一个粉丝");
linkedHashMap.put("45168","命中敏感词");
linkedHashMap.put("47003","参数错误");
linkedHashMap.put("40001", "获取 access_token 时 AppSecret 错误,或者 access_token 无效。请开发者认真比对 AppSecret 的正确性,或查看是否正在为恰当的公众号调用接口");
linkedHashMap.put("40003", "不合法的 OpenID ,请开发者确认 OpenID (该用户)是否已关注公众号,或是否是其他公众号的 OpenID");
linkedHashMap.put("40014", "不合法的 access_token ,请开发者认真比对 access_token 的有效性(如是否过期),或查看是否正在为恰当的公众号调用接口");
linkedHashMap.put("40037", "不合法的 template_id");
linkedHashMap.put("43101", "用户未订阅消息");
linkedHashMap.put("43107", "订阅消息能力封禁");
linkedHashMap.put("43108", "并发下发消息给同一个粉丝");
linkedHashMap.put("45168", "命中敏感词");
linkedHashMap.put("47003", "参数错误");
}
@@ -116,4 +118,17 @@ public class WechatAuthUtil {
public String getSessionKeyOrOpenId(String code, boolean isAccount) {
return getSessionKey(code, "openid");
}
public static String decrypt(String sessionKey, @NotBlank(message = "数据不能为空") String encryptedData, String iv) {
// Base64 解码
byte[] keyBytes = Base64.decode(sessionKey);
byte[] encryptedBytes = Base64.decode(encryptedData);
byte[] ivBytes = Base64.decode(iv);
// 使用 Hutool 进行 AES-CBC 解密
AES aes = new AES("CBC", "PKCS5Padding", keyBytes, ivBytes);
byte[] decryptedBytes = aes.decrypt(encryptedBytes);
return new String(decryptedBytes, java.nio.charset.StandardCharsets.UTF_8);
}
}
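Review bot: The new static `decrypt` does not effectively validate any of its inputs. The `@NotBlank` on `encryptedData` is not enforced on a direct static call (bean method validation, where enabled, applies to proxied instance methods), and `sessionKey` and `iv` have no check at all, although `encryptedData` and `iv` come straight from the client request. Add an explicit guard at the top, e.g. `if (StrUtil.hasBlank(sessionKey, encryptedData, iv)) throw new IllegalArgumentException("sessionKey/encryptedData/iv must not be blank");`, and consider rejecting a decoded key or IV whose length is not 16 bytes, which is what WeChat's AES-128-CBC scheme uses. Because CBC with PKCS5 padding is unauthenticated, the caller should catch padding and JSON-parse failures on tampered input and map them to one generic error rather than surfacing distinct exception messages. A short Javadoc stating the contract (Base64 inputs, AES-CBC, UTF-8 JSON string out) would help the next reader.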