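/**
 * Exchanges a WeChat mini-program login code for the user's session_key and openid.
 *
 * <p>The endpoint and credentials are read from the {@code config/wx-config} resource bundle
 * (keys {@code url}, {@code appId}, {@code appSecret}, {@code grantType}). The endpoint is
 * expected to be https://api.weixin.qq.com/sns/jscode2session and the grant type
 * {@code authorization_code}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>{@code code} arrives from the client and is untrusted; {@link #sendPost} URL-encodes it
 *       so it cannot alter the other form parameters.</li>
 *   <li>The request body carries the app secret, so the configured {@code url} must be HTTPS.</li>
 *   <li>The returned session_key is the decryption key for the user's data; keep it on the
 *       server and do not log it or send it back to the client.</li>
 * </ul>
 *
 * @param code the code returned to the mini program by wx.login
 * @return the parsed JSON response. {@link #sendPost} yields an empty string on any I/O failure,
 *     so callers must handle a null or incomplete result (NOTE(review): confirm what the JSON
 *     parser returns for an empty string, and check for an error code field before use).
 */
public static JSONObject getSessionKeyOropenid(String code) {
    // Load endpoint and credentials from the properties file.
    ResourceBundle resource = ResourceBundle.getBundle("config/wx-config", Locale.US);
    String requestUrl = resource.getString("url");

    Map<String, String> requestUrlParam = new HashMap<String, String>();
    requestUrlParam.put("appid", resource.getString("appId"));          // appId from the developer settings
    requestUrlParam.put("secret", resource.getString("appSecret"));     // appSecret from the developer settings
    requestUrlParam.put("js_code", code);                               // code returned by wx.login
    requestUrlParam.put("grant_type", resource.getString("grantType")); // authorization_code

    return JSON.parseObject(sendPost(requestUrl, requestUrlParam));
}

/**
 * Sends a POST request with a form-encoded body to the given URL and returns the response text.
 *
 * <p>Parameter names and values are URL-encoded (UTF-8) before being joined with {@code &}.
 * Without this, a value containing {@code &} or {@code =} would add or override parameters in
 * the request. Callers must therefore pass raw, unencoded values.
 *
 * <p>NOTE(review): no connect or read timeout is set, so a stalled remote end blocks the calling
 * thread; consider {@code setConnectTimeout}/{@code setReadTimeout} with values agreed for this
 * service.
 *
 * @param url the URL to send the request to
 * @param paramMap form parameters; values are converted with {@code String.valueOf}
 * @return the response body with line breaks removed, or whatever was read (possibly an empty
 *     string) if the request failed; failures are logged, not thrown
 */
public static String sendPost(String url, Map<String, ?> paramMap) {
    PrintWriter out = null;
    BufferedReader in = null;
    StringBuilder result = new StringBuilder();
    try {
        // Build the application/x-www-form-urlencoded body, encoding every name and value.
        StringBuilder body = new StringBuilder();
        for (Map.Entry<String, ?> entry : paramMap.entrySet()) {
            if (body.length() > 0) {
                body.append('&');
            }
            body.append(java.net.URLEncoder.encode(String.valueOf(entry.getKey()), "UTF-8"))
                .append('=')
                .append(java.net.URLEncoder.encode(String.valueOf(entry.getValue()), "UTF-8"));
        }

        // Open the connection and set the common request headers.
        URLConnection conn = new URL(url).openConnection();
        conn.setRequestProperty("accept", "*/*");
        conn.setRequestProperty("connection", "Keep-Alive");
        conn.setRequestProperty("Accept-Charset", "utf-8");
        conn.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
        // Both flags are required to send a POST body and read the reply.
        conn.setDoOutput(true);
        conn.setDoInput(true);

        // The encoded body is pure ASCII, so the writer's default charset cannot corrupt it.
        out = new PrintWriter(conn.getOutputStream());
        out.print(body.toString());
        out.flush();

        in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
        String line;
        while ((line = in.readLine()) != null) {
            result.append(line);
        }
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    } finally {
        // Always release both streams.
        if (out != null) {
            out.close();
        }
        if (in != null) {
            try {
                in.close();
            } catch (IOException ex) {
                log.error(ex.getMessage(), ex);
            }
        }
    }
    return result.toString();
}

/**
 * Decrypts the user's sensitive data (AES/CBC/PKCS7Padding via the "BC" provider) and parses
 * the plaintext as JSON.
 *
 * <p>{@code encryptedData} and {@code iv} come from the client and are untrusted. CBC decryption
 * alone does not authenticate the ciphertext, and every failure here returns {@code null}; the
 * caller should answer all failures with the same generic error.
 * NOTE(review): the decrypted WeChat payload is expected to carry a watermark with the appid;
 * callers should compare it with their own appId before trusting the data. Confirm against the
 * API documentation.
 *
 * @param encryptedData Base64 text of the encrypted user information
 * @param sessionKey Base64 text of the session key used to encrypt and sign the data
 * @param iv Base64 text of the initialisation vector
 * @return the decrypted user information, or {@code null} if an input is missing or decryption
 *     or decoding fails
 */
public static JSONObject getUserInfo(String encryptedData, String sessionKey, String iv) {
    if (encryptedData == null || sessionKey == null || iv == null) {
        return null;
    }
    byte[] dataByte = Base64Util.decodeByte(encryptedData); // ciphertext
    byte[] keyByte = Base64Util.decodeByte(sessionKey);     // AES key
    byte[] ivByte = Base64Util.decodeByte(iv);              // IV
    if (dataByte == null || keyByte == null || keyByte.length == 0 || ivByte == null) {
        return null;
    }
    try {
        // Zero-pad the key up to the next multiple of 16 bytes (kept from the original, which
        // marks this step as important).
        // NOTE(review): a session key that is not already a valid AES length is malformed input;
        // rejecting it may be preferable to padding it. Confirm before changing.
        final int base = 16;
        int remainder = keyByte.length % base;
        if (remainder != 0) {
            keyByte = Arrays.copyOf(keyByte, keyByte.length + base - remainder);
        }

        // Register BouncyCastle only once instead of constructing a provider on every call.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
        AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
        parameters.init(new IvParameterSpec(ivByte));
        cipher.init(Cipher.DECRYPT_MODE, spec, parameters);

        byte[] resultByte = cipher.doFinal(dataByte);
        if (null != resultByte && resultByte.length > 0) {
            String result = new String(resultByte, "UTF-8");
            return JSON.parseObject(result);
        }
    } catch (java.security.GeneralSecurityException e) {
        // Covers every provider, algorithm, key, parameter, block-size and padding failure
        // that the original caught one by one.
        log.error(e.getMessage(), e);
    } catch (UnsupportedEncodingException e) {
        log.error(e.getMessage(), e);
    }
    return null;
}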