依赖:
<dependency>
<groupId>org.codehaus.xfire</groupId>
<artifactId>xfire-core</artifactId>
<version>1.2.6</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<version>1.46</version>
</dependency>前台
// 登录
wx.login({
success: function (res_login) {
if (res_login.code) {
wx.getUserInfo({
success: function (res) {
console.log('appid ====> ' + res.encryptedData)
console.log('res_login ====> ' + res_login.code)
var jsonData = {
code: res_login.code,
encryptedData: res.encryptedData,
iv: res.iv
};
wx.request({
// 路径 http://localhost:8080 + 项目名 + 接口名
url: 'http://localhost:8080/freeter-admin/user/user/decodeUserInfo',
header: { 'Content-Type': 'application/x-www-form-urlencoded' },//
POST ==> application/x-www-form-urlencoded ; GET ==> application/json
// 注意 POST请求
method: 'POST',
data: jsonData,
success: res => {
wx.hideLoading()
this.setData({
projectlist: res.data.content
})
}
})
}
})
}
}
})有错误 ==》 更改
getUserInfo: function (e) {
app.globalData.userInfo = e.detail.userInfo
this.setData({
userInfo: e.detail.userInfo,
hasUserInfo: true
})
console.log(app.globalData.sessionKey)
wx.login({
success: function (res_login) {
if (res_login.code) {
wx.request({
url: 'http://localhost:8080/freeter-admin/user/user/decodeUserInfo',
method: 'POST',
header: { 'content-type': 'application/x-www-form-urlencoded'},
data: {
code: res_login.code,
encryptedData: e.detail.encryptedData,
iv: e.detail.iv,
test : 111
},
success: function (res) {
console.log(res)
}
})
}
}
})后台:
@ResponseBody
@RequestMapping(value = "/decodeUserInfo",method = RequestMethod.POST)
public R login(@RequestParam("encryptedData") String encryptedData,@RequestParam("iv") String iv,@RequestParam("code") String code) {
if(!StringUtils.isNotBlank(code)){
return R.ok().put("未获取到用户凭证code",202);
}
String appid = "wxxxxxx723"; // ==> 去微信公众号平台获取申请
String appSecret = "c1ddxxxxxxxfa798"; // ==> 去微信公众号平台获取申请
// String grantType = "authorization_code"; //固定写法 ==》 此处拿到的数据需要解码
String apiUrl="https://api.weixin.qq.com/sns/jscode2session?appid="+appid+"&secret="+appSecret+"&js_code="+code+"&grant_type=authorization_code";
String responseBody = HttpClientUtil.doGet(apiUrl);
JSONObject jsonObject = JSON.parseObject(responseBody);
if(StringUtils.isNotBlank(jsonObject.getString("openid")) && StringUtils.isNotBlank(jsonObject.getString("session_key"))){
System.out.println("jsonObject.getString(\'session_key\') ==> " + jsonObject.getString("session_key"));
//解密获取用户信息
JSONObject userInfoJSON = new WechatGetUserInfoUtil().getUserInfo(encryptedData,jsonObject.getString("session_key"),iv);
if(userInfoJSON!=null){
//这步应该set进实体类
Map userInfo = new HashMap();
userInfo.put("openId", userInfoJSON.get("openId"));
userInfo.put("nickName", userInfoJSON.get("nickName"));
userInfo.put("gender", userInfoJSON.get("gender"));
userInfo.put("city", userInfoJSON.get("city"));
userInfo.put("province", userInfoJSON.get("province"));
userInfo.put("country", userInfoJSON.get("country"));
userInfo.put("avatarUrl", userInfoJSON.get("avatarUrl"));
// 解密unionId & openId;
if (userInfoJSON.get("unionId")!=null) {
userInfo.put("unionId", userInfoJSON.get("unionId"));
}
//然后根据openid去数据库判断有没有该用户信息,若没有则存入数据库,有则返回用户数据
Map<String,Object> dataMap = new HashMap<>();
dataMap.put("userInfo", userInfo);
String uuid= UUID.randomUUID().toString();
dataMap.put("WXTOKEN", uuid);
System.out.println("3333");
// redisTemplate.opsForValue().set(uuid,userInfo);
// redisTemplate.expire(uuid,appTimeOut, TimeUnit.SECONDS);
return R.ok().put("登陆成功",200).put("data",dataMap);
}else{
return R.ok().put("解密失败",202);
}
}else{
return R.ok().put("未获取到用户openid 或 session ==> ",202);
}
}工具类
package com.freeter.modules.user.controller;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Base64Utils;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.security.*;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
/**
* @create 2018-08-07 8:30
*/
public class WechatGetUserInfoUtil {
//日志记录器
private static final Logger log= LoggerFactory.getLogger(WechatGetUserInfoUtil.class);
/**
* 解密用户敏感数据获取用户信息
*
* @param sessionKey 数据进行加密签名的密钥
* @param encryptedData 包括敏感数据在内的完整用户信息的加密数据
* @param iv 加密算法的初始向量
* @return
* */
public JSONObject getUserInfo(String encryptedData, String sessionKey, String iv) {
// 注意: 从前台拿到的数据 到 后台的时候 里面的所有“+”被解析成了“ ”(空格), 此处替换下
String encryptedData2 = encryptedData.replaceAll(" ","+");
String sessionKey2 = sessionKey.replaceAll(" ","+");
String iv2 = iv.replaceAll(" ","+");
// 被加密的数据
byte[] dataByte = Base64Utils.decode(encryptedData2.getBytes());
// 加密秘钥
byte[] keyByte = Base64Utils.decode(sessionKey2.getBytes());
// 偏移量
byte[] ivByte = Base64Utils.decode(iv2.getBytes());
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, "UTF-8");
return JSON.parseObject(result);
}
} catch (NoSuchAlgorithmException e) {
log.error(e.getMessage(), e);
} catch (NoSuchPaddingException e) {
log.error(e.getMessage(), e);
} catch (InvalidParameterSpecException e) {
log.error(e.getMessage(), e);
} catch (IllegalBlockSizeException e) {
log.error(e.getMessage(), e);
} catch (BadPaddingException e) {
log.error(e.getMessage(), e);
} catch (UnsupportedEncodingException e) {
log.error(e.getMessage(), e);
} catch (InvalidKeyException e) {
log.error(e.getMessage(), e);
} catch (InvalidAlgorithmParameterException e) {
log.error(e.getMessage(), e);
} catch (NoSuchProviderException e) {
log.error(e.getMessage(), e);
}catch (IllegalArgumentException e){
log.error(e.getMessage(), e);
}
return null;
}
}
/**
* Copyright 2018 人人开源 http://www.renren.io
* <p>
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package com.freeter.common.utils;
import java.util.HashMap;
import java.util.Map;
/**
* 返回数据
*
* @author chenshun
* @email [email protected]
* @date 2016年10月27日 下午9:59:27
*/
public class R extends HashMap<String, Object> {
private static final long serialVersionUID = 1L;
public R() {
put("code", 0);
put("msg", "success");
}
public static R error() {
return error(500, "未知异常,请联系管理员");
}
public static R error(String msg) {
return error(500, msg);
}
public static R error(int code, String msg) {
R r = new R();
r.put("code", code);
r.put("msg", msg);
return r;
}
public static R ok(String msg) {
R r = new R();
r.put("msg", msg);
return r;
}
public static R ok(Map<String, Object> map) {
R r = new R();
r.putAll(map);
return r;
}
public static R ok() {
return new R();
}
@Override
public R put(String key, Object value) {
super.put(key, value);
return this;
}
public static R toMap(String key, Object value) {
R r = new R();
r.clear();
r.put(key, value);
return r;
}
}
postMan测试:
