测试密码微信模板增加签名

6 years ago · 8431d55341
parent bc30a86d48
commit 8431d55341
3 changed files with 109 additions and 33 deletions
--- a/src/main/java/au/com/royalpay/payment/manage/dev/web/TestController.java
+++ b/src/main/java/au/com/royalpay/payment/manage/dev/web/TestController.java
@ -449,5 +449,4 @@ public class TestController implements ApplicationEventPublisherAware {
    public void downloadHanyinSecureReports(@PathVariable String date) {
        tradeSecureService.uploadSecureReport(DateTime.parse(date).toDate());
    }
-
 }
--- a/src/main/java/au/com/royalpay/payment/manage/dev/web/TestMerchantPassword.java
+++ b/src/main/java/au/com/royalpay/payment/manage/dev/web/TestMerchantPassword.java
@ -6,6 +6,7 @@ import au.com.royalpay.payment.tools.exceptions.ForbiddenException;
 import au.com.royalpay.payment.tools.permission.wechat.WechatMapping;
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@ -15,8 +16,17 @@ import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;

 import javax.annotation.Resource;
+import javax.crypto.*;
+import javax.crypto.spec.DESKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.stream.Collectors;

@ -28,35 +38,53 @@ public class TestMerchantPassword {
    @Resource
    private ManagerMapper managerMapper;

-    @RequestMapping(value = "/testMerchantPassword",method = RequestMethod.GET)
-    public String testMerchantPassword(@RequestParam String[] accounts,
+    @WechatMapping(value = "/testMerchantPassword",method = RequestMethod.GET)
+    public String testMerchantPassword(@RequestParam String sign,
                                       @ModelAttribute(CommonConsts.WECHATINFO) JSONObject wxUser,
-                                       Model modelMap) {
-        if (accounts == null) {
+                                       Model modelMap) throws Exception{
+        if (StringUtils.isBlank(sign)) {
            return null;
        }
+        String openid = wxUser.getString("openid");
        List<JSONObject> royalPayUsers = managerMapper.listRoyalPayUsers();
        List<String> needNotifyUsers = royalPayUsers.stream().filter(user -> StringUtils.isNotEmpty(user.getString("wx_openid")))
                .map(user -> user.getString("wx_openid")).collect(Collectors.toList());
-        if (!ArrayUtils.contains(needNotifyUsers.toArray(new String[needNotifyUsers.size()]), wxUser.getString("openid"))) {
+        if (!ArrayUtils.contains(needNotifyUsers.toArray(new String[needNotifyUsers.size()]), openid)) {
            throw new ForbiddenException("无权限查看此页面");
        }
-        JSONArray array = new JSONArray();
-        for (String account : accounts) {
-            try {
-                String accountDe = URLDecoder.decode(account, "UTF-8");
-                JSONObject accountJson = new JSONObject();
-                String temp[] = accountDe.split(",");
-                accountJson.put("username", temp[0]);
-                accountJson.put("password", temp[1]);
-                accountJson.put("role", temp[2]);
-                accountJson.put("client_moniker", temp[3]);
-                array.add(accountJson);
-            } catch (UnsupportedEncodingException e) {
-                logger.error("获取临时密码失败，转换url错误 ： " + e);
-            }
-        }
+        String accounts = new String(AESdecrypt(Base64.decodeBase64(sign.replace("%2B", "+")), openid), "utf-8");
+        JSONArray array = JSONArray.parseArray(accounts);
        modelMap.addAttribute("accounts", array);
        return "testMerchantPassword";
    }
+
+    public static byte[] AESdecrypt(byte[] content, String password) {
+        try {
+            KeyGenerator kgen = KeyGenerator.getInstance("AES");
+            SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+            random.setSeed(password.getBytes());
+            kgen.init(128, random);
+            SecretKey secretKey = kgen.generateKey();
+            byte[] enCodeFormat = secretKey.getEncoded();
+            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
+            Cipher cipher = Cipher.getInstance("AES");
+            cipher.init(Cipher.DECRYPT_MODE, key);
+            byte[] result = cipher.doFinal(content);
+            return result;
+
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+
 }
--- a/src/main/java/au/com/royalpay/payment/manage/merchants/core/impls/ClientManagerImpl.java
+++ b/src/main/java/au/com/royalpay/payment/manage/merchants/core/impls/ClientManagerImpl.java
@ -71,6 +71,7 @@ import au.com.royalpay.payment.tools.inspiry.core.InspiryPOSFinder;
 import au.com.royalpay.payment.tools.locale.LocaleSupport;
 import au.com.royalpay.payment.tools.lock.Locker;
 import au.com.royalpay.payment.tools.mail.SendMail;
+import org.apache.commons.codec.binary.Base64;
 import au.com.royalpay.payment.tools.merchants.beans.QRCodeConfig;
 import au.com.royalpay.payment.tools.merchants.beans.UpdateSurchargeDTO;
 import au.com.royalpay.payment.tools.merchants.core.MerchantInfoProvider;
@ -102,6 +103,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.time.DateFormatUtils;
 import org.apache.commons.lang3.time.DateUtils;
 import org.apache.el.parser.AstNot;
+import org.apache.http.client.utils.URLEncodedUtils;
 import org.dom4j.Element;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -123,17 +125,16 @@ import org.thymeleaf.spring4.SpringTemplateEngine;

 import java.awt.*;
 import java.awt.image.BufferedImage;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
+import java.io.*;
 import java.math.BigDecimal;
 import java.math.RoundingMode;
 import java.net.URISyntaxException;
 import java.net.URL;
+import java.net.URLEncoder;
+import java.security.InvalidKeyException;
 import java.security.InvalidParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.*;
@ -145,12 +146,17 @@ import java.util.zip.ZipOutputStream;

 import javax.annotation.PostConstruct;
 import javax.annotation.Resource;
+import javax.crypto.*;
+import javax.crypto.spec.DESKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
 import javax.imageio.ImageIO;
 import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletResponse;

 import cn.yixblog.platform.http.HttpRequestGenerator;
 import cn.yixblog.platform.http.HttpRequestResult;
+import sun.misc.BASE64Encoder;

 import static au.com.royalpay.payment.manage.permission.utils.OrgCheckUtils.checkOrgPermission;

@ -810,7 +816,7 @@ public class ClientManagerImpl implements ClientManager, ManagerTodoNoticeProvid
        }
        JSONObject yeepayConfigValid =yeePayClientConfigMapper.findMerchantConfig(client.getIntValue("client_id"));
        yeePayClientConfigMapper.updateSubMerchantIdValid(yeepayConfigValid.getString("yeepay_config_id"),0);
-        JSONObject yeepayConfig = yeePayClientConfigMapper.findMerchantConfigBySub(client.getIntValue("client_id"),yeepaySubMerchantInfo.getString("yeepay_sub_merchant_id"));
+        JSONObject yeepayConfig = yeePayClientConfigMapper.findMerchantConfigBySub(client.getIntValue("client_id"), yeepaySubMerchantInfo.getString("yeepay_sub_merchant_id"));
        yeePayClientConfigMapper.updateSubMerchantIdValid(yeepayConfig.getString("yeepay_config_id"),1);
        client.put("yeepay_sub_merchant_id",yeepaySubMerchantInfo.getString("yeepay_sub_merchant_id"));
        clientMapper.update(client);
@ -4724,15 +4730,13 @@ public class ClientManagerImpl implements ClientManager, ManagerTodoNoticeProvid
                throw new BadRequestException("邮件发送失败", e);
            }
        }).start();
-        StringBuffer accountsStr = new StringBuffer("?");
-        accounts.forEach(account -> {
-            accountsStr.append("accounts=").append(account.getString("username")).append(",").append(account.getString("password")).append(",").append(account.getIntValue("role")).append(",").append(account.getString("client_moniker")).append("&");
-        });
+
        List<String> needNotifyUsers = royalPayUsers.stream().filter(user -> StringUtils.isNotEmpty(user.getString("wx_openid"))).map(user -> user.getString("wx_openid")).collect(Collectors.toList());
        needNotifyUsers.forEach(userOpenId -> {
            try {
+                String signStr = "?sign=" + AESencrypt(accounts.toString(),userOpenId);
                MpWechatApi paymentApi = mpWechatApiProvider.getNewPaymentApi();
-                TemplateMessage msg = initSendTestPasswordTemplate(userOpenId, paymentApi.getTemplateId("test-merchant-password"), StringUtils.substring(accountsStr.toString(), 0, accountsStr.length() - 1));
+                TemplateMessage msg = initSendTestPasswordTemplate(userOpenId, paymentApi.getTemplateId("test-merchant-password"), signStr.replace("+", "%2B"));
                paymentApi.sendTemplateMessage(msg);
            } catch (WechatException e) {
                logger.error("给{}发送微信消息失败，原因：{}", userOpenId, e.getMessage());
@ -4757,4 +4761,49 @@ public class ClientManagerImpl implements ClientManager, ManagerTodoNoticeProvid
        MpWechatApi api = mpWechatApiProvider.getNewPaymentApi();
        return api.registerShortUrl(longUrl);
    }
+
+
+    public static String AESencrypt(String content, String password) {
+        try {
+            KeyGenerator kgen = KeyGenerator.getInstance("AES");// 创建AES的Key生产者
+            SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+            random.setSeed(password.getBytes());
+
+            kgen.init(128, random);// 利用用户密码作为随机数初始化出
+            // 128位的key生产者
+            //加密没关系，SecureRandom是生成安全随机数序列，password.getBytes()是种子，只要种子相同，序列就一样，所以解密只要有password就行
+
+            SecretKey secretKey = kgen.generateKey();// 根据用户密码，生成一个密钥
+
+            byte[] enCodeFormat = secretKey.getEncoded();// 返回基本编码格式的密钥，如果此密钥不支持编码，则返回
+            // null。
+
+            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");// 转换为AES专用密钥
+
+            Cipher cipher = Cipher.getInstance("AES");// 创建密码器
+
+            byte[] byteContent = content.getBytes("utf-8");
+
+            cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化为加密模式的密码器
+
+            byte[] result = cipher.doFinal(byteContent);// 加密
+
+            return Base64.encodeBase64String(result);
+
+        } catch (NoSuchPaddingException e) {
+            e.printStackTrace();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (IllegalBlockSizeException e) {
+            e.printStackTrace();
+        } catch (BadPaddingException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
 }