From 0123a8451ee6cec9cee398919e0e68ad58974293 Mon Sep 17 00:00:00 2001
From: xiaoyong931011 <15274802129@163.com>
Date: Wed, 26 Jul 2023 15:24:33 +0800
Subject: [PATCH] 短信认证
---
src/main/java/cc/mrbird/febs/pay/util/WechatEventUtil.java | 176 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 171 insertions(+), 5 deletions(-)
diff --git a/src/main/java/cc/mrbird/febs/pay/util/WechatEventUtil.java b/src/main/java/cc/mrbird/febs/pay/util/WechatEventUtil.java
index b2b3b52..d13639a 100644
--- a/src/main/java/cc/mrbird/febs/pay/util/WechatEventUtil.java
+++ b/src/main/java/cc/mrbird/febs/pay/util/WechatEventUtil.java
@@ -15,9 +15,7 @@
import org.dom4j.io.SAXReader;
import javax.servlet.http.HttpServletRequest;
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileOutputStream;
+import java.io.*;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
@@ -28,10 +26,11 @@
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.client.RestTemplate;
-import java.io.InputStream;
import java.util.*;
+import java.util.concurrent.TimeUnit;
/**
* <pre>
@@ -46,6 +45,10 @@
@Autowired
private AgentProducer agentProducer;
+
+
+ @Autowired
+ RestTemplate restTemplate;
private static Logger log = LoggerFactory.getLogger(WechatEventUtil.class);
@@ -251,7 +254,7 @@
* @return
*/
public String getTicket(String qrCodeParam) {
- RestTemplate restTemplate = new RestTemplate();
+// RestTemplate restTemplate = new RestTemplate();
String ticket = null;
// 拼接请求地址
String CREATE_QRCODE_URL = "https://api.weixin.qq.com/cgi-bin/qrcode/create?access_token=TOKEN";
@@ -323,7 +326,170 @@
return urlPrefix+"/"+imgName;
}
+//
+// String timestamp = String.format("%010d", System.currentTimeMillis() / 1000);
+//
+// public static String createSignature(String nocestr, String ticket, String timestamp, String url) {
+// // 这里参数的顺序要按照 key 值 ASCII 码升序排序
+// String s = "jsapi_ticket=" + ticket + "&noncestr=" + nocestr
+// + "×tamp=" + timestamp + "&url=" + url;
+// return SHA1(s);
+// }
+//
+// public static String SHA1(String decript) {
+// try {
+// MessageDigest digest = java.security.MessageDigest.getInstance("SHA-1");
+// digest.update(decript.getBytes());
+// byte messageDigest[] = digest.digest();
+// // Create Hex String
+// StringBuffer hexString = new StringBuffer();
+// // 字节数组转换为 十六进制 数
+// for (int i = 0; i < messageDigest.length; i++) {
+// String shaHex = Integer.toHexString(messageDigest[i] & 0xFF);
+// if (shaHex.length() < 2) {
+// hexString.append(0);
+// }
+// hexString.append(shaHex);
+// }
+// return hexString.toString();
+//
+// } catch (NoSuchAlgorithmException e) {
+// e.printStackTrace();
+// }
+// return "";
+// }
public static void main(String[] args) {
}
+
+ //代码示例
+ public Map<String, Object> ticket(String url) {
+ String ticket = null;
+ //从redis内获取 如果空说明第一次获取或已过期
+ if(ObjectUtil.isEmpty(redisUtils.get("ticket"))){
+ ticket = getTicket();
+ }
+ Map<String, String> data = new HashMap<>();
+ //生成10位时间戳
+ String timestamp = String.format("%010d", System.currentTimeMillis() / 1000);
+ data.put("timestamp", timestamp );
+ //生成随机字符串
+ String nonceStr = createNonceStr();
+ data.put("noncestr", nonceStr );
+ data.put("url", url);
+ data.put("jsapi_ticket", ticket);
+ String signature = null;
+ try {
+ signature = generateSignature(data);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ //签名算法
+ String sha1 = SHA1(signature);
+ Map<String, Object> map = new HashMap<>(16);
+ map.put("timestamp", timestamp);
+ map.put("nonceStr", nonceStr);
+ map.put("signature", sha1);
+ return map;
+ }
+
+
+
+ private static final String str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+
+ public static String createNonceStr() {
+ String nonceStr = "";
+ for (int i = 0; i < 16; i++) {
+ int beginIndex = (int) Math.round(Math.random() * 10);
+ nonceStr += str.substring(beginIndex, beginIndex + 1);
+ }
+ return nonceStr;
+ }
+
+
+ /**
+ *
+ */
+ private String getTicket() {
+ //从redis 获取access_token
+ String accessToken = redisUtils.get(WechatConfigure.WX_ACCESS_TOKEN_REDIS_KEY).toString();
+ if (StrUtil.isBlank(accessToken)) {
+ //获取access_token 自行实现
+ return null;
+ }
+ //请求接口
+ String url = "https://api.weixin.qq.com/cgi-bin/ticket/getticket";
+ Map<String, String> param = new HashMap<>(16);
+ param.put("access_token", accessToken);
+ param.put("type", "jsapi");
+ String getAccessTokenUrl = url
+ + "?access_token=" + accessToken
+ + "&type=jsapi";
+ JSONObject jsonObject = restTemplate.getForObject(getAccessTokenUrl, JSONObject.class);
+
+ int errcode = jsonObject.getInteger("errcode");
+ String errmsg = jsonObject.getString("errmsg");
+ if (errcode == 0 && "ok".equals(errmsg)) {
+ String ticket = jsonObject.getString("ticket");
+ Integer expiresIn = jsonObject.getInteger("expires_in");
+ redisUtils.set("ticket", ticket, expiresIn);
+ return ticket;
+ }
+ return null;
+ }
+
+
+
+ /**
+ *SHA1签名算法
+ */
+ public static String SHA1(String decript) {
+ try {
+ MessageDigest digest = java.security.MessageDigest.getInstance("SHA-1");
+ digest.update(decript.getBytes());
+ byte messageDigest[] = digest.digest();
+ // Create Hex String
+ StringBuffer hexString = new StringBuffer();
+ // 字节数组转换为 十六进制 数
+ for (int i = 0; i < messageDigest.length; i++) {
+ String shaHex = Integer.toHexString(messageDigest[i] & 0xFF);
+ if (shaHex.length() < 2) {
+ hexString.append(0);
+ }
+ hexString.append(shaHex);
+ }
+ return hexString.toString();
+
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ }
+ return "";
+ }
+
+
+ /**
+ * 生成签名
+ *
+ * @param data 待签名数据
+ * @return 签名
+ */
+ public static String generateSignature(final Map<String, String> data) throws Exception {
+ Set<String> keySet = data.keySet();
+ String[] keyArray = keySet.toArray(new String[keySet.size()]);
+ Arrays.sort(keyArray);
+ StringBuilder sb = new StringBuilder();
+ for (String k : keyArray) {
+ String value = data.get(k).toString();
+ if (k.equals("sign")) {
+ continue;
+ }
+ if (value.trim().length() > 0) // 参数值为空,则不参与签名
+ {
+ sb.append(k).append("=").append(value.trim()).append("&");
+ }
+ }
+ return sb.toString();
+ }
+
}
--
Gitblit v1.9.1