blame | history | raw
jyy
2021-03-16 2511686fa3bcc154dad551a4bc8ef6839037a8c7 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150

package com.matrix.component.dingding;


 


import com.alibaba.fastjson.JSONObject;


import com.dingtalk.api.DefaultDingTalkClient;


import com.dingtalk.api.request.OapiGetJsapiTicketRequest;


import com.dingtalk.api.request.OapiGettokenRequest;


import com.dingtalk.api.response.OapiGetJsapiTicketResponse;


import com.dingtalk.api.response.OapiGettokenResponse;


import com.matrix.core.tools.StringUtils;


import com.taobao.api.ApiException;


 


import java.io.UnsupportedEncodingException;


import java.security.MessageDigest;


import java.security.NoSuchAlgorithmException;


import java.text.SimpleDateFormat;


import java.util.Formatter;


import java.util.HashMap;


import java.util.Map;


 


 


/**


 * @author jiangyouyao


 * @description 钉钉授权凭证工具


 */


public class AuthHelper {


 


    public static SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");


 


    /**


     * 在此方法中,为了避免频繁获取access_token,


     * 在距离上一次获取access_token时间在两个小时之内的情况,


     * 将直接从持久化存储中读取access_token


     * 


     * 因为access_token和jsapi_ticket的过期时间都是7200秒


     * 所以在获取access_token的同时也去获取了jsapi_ticket


     * 注:jsapi_ticket是在前端页面JSAPI做权限验证配置的时候需要使用的


     * 具体信息请查看开发者文档--权限验证配置


     */


    public static String getAccessToken() throws OApiException {


        DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/gettoken");


        OapiGettokenRequest request = new OapiGettokenRequest();


        request.setAppkey(DDEnvConfig.APPKEY);


        request.setAppsecret(DDEnvConfig.APPSECRET);


        request.setHttpMethod("GET");


        OapiGettokenResponse response=null;


        try {


             response =    client.execute(request);


        } catch (ApiException e) {


            e.printStackTrace();


        }


        return response.getAccessToken();


    }


 


    /**


     *正常的情况下,jsapi_ticket的有效期为7200秒,所以开发者需要在某个地方设计一个定时器,定期去更新jsapi_ticket


      */


    public static String getJsapiTicket(String accessToken) throws OApiException {


        


        String jsTicket = "";


        DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/get_jsapi_ticket");


        OapiGetJsapiTicketRequest req = new OapiGetJsapiTicketRequest();


        req.setTopHttpMethod("GET");


        OapiGetJsapiTicketResponse execute=null;


        try {


            execute = client.execute(req, accessToken);


        } catch (ApiException e) {


            e.printStackTrace();


        }


        jsTicket= execute.getTicket();


        return jsTicket;


        


    }


 


    public static String sign(String ticket, String nonceStr, long timeStamp, String url) throws OApiException {


        String plain = "jsapi_ticket=" + ticket + "&noncestr=" + nonceStr + "&timestamp=" + String.valueOf(timeStamp)


                + "&url=" + url;


        try {


            MessageDigest sha1 = MessageDigest.getInstance("SHA-1");


            sha1.reset();


            sha1.update(plain.getBytes("UTF-8"));


            return bytesToHex(sha1.digest());


        } catch (NoSuchAlgorithmException e) {


            throw new OApiResultException(e.getMessage());


        } catch (UnsupportedEncodingException e) {


            throw new OApiResultException(e.getMessage());


        }


    }


 


    private static String bytesToHex(byte[] hash) {


        Formatter formatter = new Formatter();


        for (byte b : hash) {


            formatter.format("%02x", b);


        }


        String result = formatter.toString();


        formatter.close();


        return result;


    }


    


    /**


     * @Description: 得到页面验证参数


     * @author:dingchuan


     * @return


     * 返回类型 String


     * @date 2016年11月27日


     */


    public static Map getConfig() {


        String url= DDEnvConfig.URL;


        String nonceStr = StringUtils.getRandomString(10);


        long timeStamp = System.currentTimeMillis();


        String signedUrl = url;


        String accessToken = null;


        String ticket = null;


        String signature = null;


        Long agentid = null;


        try {


            accessToken = AuthHelper.getAccessToken();           


            ticket = AuthHelper.getJsapiTicket(accessToken);


            signature = AuthHelper.sign(ticket, nonceStr, timeStamp, signedUrl);


            agentid = DDEnvConfig.AGENT_ID;


        } catch (OApiException  e) {


            e.printStackTrace();


        }


        Map<String,String> map= new HashMap<>();


 


        map.put("jsticket",ticket);


        map.put("signature",signature);


        map.put("nonceStr",nonceStr);


        map.put("timeStamp",timeStamp+"");


        map.put("corpId", DDEnvConfig.CORP_ID);


        map.put("agentid",agentid+"");


 


        return map;


    }


 


 


 


    public static String getSsoToken() throws OApiException {


        String url = "https://oapi.dingtalk.com/sso/gettoken?corpid=" + DDEnvConfig.CORP_ID + "&corpsecret=" + DDEnvConfig.SSO_SECRET;


        JSONObject response = HttpHelper.httpGet(url);


        String ssoToken;


        if (response.containsKey("access_token")) {


            ssoToken = response.getString("access_token");


        } else {


            throw new OApiResultException("Sso_token");


        }


        return ssoToken;


 


    }


 


}