1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 | /** * 获取微信小程序 session_key 和 openid * * @param code 调用微信登陆返回的Code * @return */ public static JSONObject getSessionKeyOropenid(String code) { //微信端登录code值 String wxCode = code; Locale locale = new Locale( "en" , "US" ); ResourceBundle resource = ResourceBundle.getBundle( "config/wx-config" ,locale); //读取属性文件 String requestUrl = resource.getString( "url" ); //请求地址 https://api.weixin.qq.com/sns/jscode2session Map<String, String> requestUrlParam = new HashMap<String, String>(); requestUrlParam.put( "appid" , resource.getString( "appId" )); //开发者设置中的appId requestUrlParam.put( "secret" , resource.getString( "appSecret" )); //开发者设置中的appSecret requestUrlParam.put( "js_code" , wxCode); //小程序调用wx.login返回的code requestUrlParam.put( "grant_type" , resource.getString( "grantType" )); //默认参数 authorization_code //发送post请求读取调用微信 https://api.weixin.qq.com/sns/jscode2session 接口获取openid用户唯一标识 JSONObject jsonObject = JSON.parseObject(sendPost(requestUrl, requestUrlParam)); return jsonObject; } /** * 向指定 URL 发送POST方法的请求 * * @param url 发送请求的 URL * @return 所代表远程资源的响应结果 */ public static String sendPost(String url, Map<String, ?> paramMap) { PrintWriter out = null ; BufferedReader in = null ; String result = "" ; String param = "" ; Iterator<String> it = paramMap.keySet().iterator(); while (it.hasNext()) { String key = it.next(); param += key + "=" + paramMap.get(key) + "&" ; } try { URL realUrl = new URL(url); // 打开和URL之间的连接 URLConnection conn = realUrl.openConnection(); // 设置通用的请求属性 conn.setRequestProperty( "accept" , "*/*" ); conn.setRequestProperty( "connection" , "Keep-Alive" ); conn.setRequestProperty( "Accept-Charset" , "utf-8" ); conn.setRequestProperty( "user-agent" , "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)" ); // 发送POST请求必须设置如下两行 conn.setDoOutput( true ); conn.setDoInput( true ); // 获取URLConnection对象对应的输出流 out = new PrintWriter(conn.getOutputStream()); // 发送请求参数 out.print(param); // flush输出流的缓冲 out.flush(); // 定义BufferedReader输入流来读取URL的响应 in = new BufferedReader( new InputStreamReader(conn.getInputStream(), "UTF-8" )); String line; while ((line = in.readLine()) != null ) { result += line; } } catch (Exception e) { log.error(e.getMessage(), e); } //使用finally块来关闭输出流、输入流 finally { try { if (out != null ) { out.close(); } if (in != null ) { in.close(); } } catch (IOException ex) { ex.printStackTrace(); } } return result; } /** * 解密用户敏感数据获取用户信息 * * @param sessionKey 数据进行加密签名的密钥 * @param encryptedData 包括敏感数据在内的完整用户信息的加密数据 * @param iv 加密算法的初始向量 * @return * */ public static JSONObject getUserInfo(String encryptedData, String sessionKey, String iv) { // 被加密的数据 byte [] dataByte = Base64Util.decodeByte(encryptedData); // 加密秘钥 byte [] keyByte = Base64Util.decodeByte(sessionKey); // 偏移量 byte [] ivByte = Base64Util.decodeByte(iv); try { // 如果密钥不足16位,那么就补足. 这个if 中的内容很重要 int base = 16 ; if (keyByte.length % base != 0 ) { int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0 ); byte [] temp = new byte [groups * base]; Arrays.fill(temp, ( byte ) 0 ); System.arraycopy(keyByte, 0 , temp, 0 , keyByte.length); keyByte = temp; } // 初始化 Security.addProvider( new BouncyCastleProvider()); Cipher cipher = Cipher.getInstance( "AES/CBC/PKCS7Padding" , "BC" ); SecretKeySpec spec = new SecretKeySpec(keyByte, "AES" ); AlgorithmParameters parameters = AlgorithmParameters.getInstance( "AES" ); parameters.init( new IvParameterSpec(ivByte)); cipher.init(Cipher.DECRYPT_MODE, spec, parameters); // 初始化 byte [] resultByte = cipher.doFinal(dataByte); if ( null != resultByte && resultByte.length > 0 ) { String result = new String(resultByte, "UTF-8" ); return JSON.parseObject(result); } } catch (NoSuchAlgorithmException e) { log.error(e.getMessage(), e); } catch (NoSuchPaddingException e) { log.error(e.getMessage(), e); } catch (InvalidParameterSpecException e) { log.error(e.getMessage(), e); } catch (IllegalBlockSizeException e) { log.error(e.getMessage(), e); } catch (BadPaddingException e) { log.error(e.getMessage(), e); } catch (UnsupportedEncodingException e) { log.error(e.getMessage(), e); } catch (InvalidKeyException e) { log.error(e.getMessage(), e); } catch (InvalidAlgorithmParameterException e) { log.error(e.getMessage(), e); } catch (NoSuchProviderException e) { log.error(e.getMessage(), e); } return null ; } |