云燕2次提供最新代码

pom.xml

@@ -10,7 +10,7 @@
     </parent>
     <groupId>info.aspirecn.cloud.yysj</groupId>
     <artifactId>cloud-yysj-login-authentication</artifactId>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <name>cloud-yysj-login-authentication</name>
     <description>Demo project for Spring Boot</description>
 

src/main/java/info/aspirecn/cloud/yysj/cloudyysjlogin/service/CreatUserService.java

@@ -28,10 +28,10 @@ public interface CreatUserService  {
      * @return 客户名称列表
      */
      @RequestMapping(value = "getCustomerName.do", method = {RequestMethod.POST})
-     Result getCustomerName(@RequestParam(value = "customerName",required = false) String customerName,
-                                  @RequestParam(value = "customerId",required = false) String customerId,
-                                  @RequestParam(value = "pageNum", required = true) Integer pageNum,
-                                  @RequestParam(value = "pageSize", required = true) Integer pageSize);
+     Result getCustomerName(@RequestParam(value = "customerName", required = false) String customerName,
+                            @RequestParam(value = "customerId", required = false) String customerId,
+                            @RequestParam(value = "pageNum", required = true) Integer pageNum,
+                            @RequestParam(value = "pageSize", required = true) Integer pageSize);
 
     /**
      * 获取客户信息  appId以及secret
@@ -47,11 +47,11 @@ public interface CreatUserService  {
      * @return Map 客户信息
      */
     @RequestMapping(value = "queryAppByCustomName.do", method = {RequestMethod.POST})
-    Map<String,String> queryAppByCustomName(@RequestParam(name = "customName", required = true) String  customName);
+    Map<String,String> queryAppByCustomName(@RequestParam(name = "customName", required = true) String customName);
 
     @RequestMapping(value = "queryUser.do", method = {RequestMethod.POST})
     User getUserInfo(@RequestParam(name = "appId", required = true) String appId, @RequestParam(name = "appsecret", required = true) String appsecret);
 
 
 
-}
+}

src/main/java/info/aspirecn/cloud/yysj/cloudyysjlogin/service/impl/LoginTokenServiceImpl.java

@@ -16,6 +16,7 @@ import info.aspirecn.cloud.yysj.cloudyysjlogin.mapper.YysjUserMapper;
 import info.aspirecn.cloud.yysj.cloudyysjlogin.service.CreatUserService;
 import info.aspirecn.cloud.yysj.cloudyysjlogin.service.LoginTokenService;
 import info.aspirecn.cloud.yysj.cloudyysjlogin.utils.JwtUtils;
+import lombok.extern.slf4j.Slf4j;
 import net.sf.json.JSONObject;
 import net.sf.json.xml.XMLSerializer;
 import org.apache.commons.lang.StringUtils;
@@ -39,7 +40,7 @@ import java.util.concurrent.TimeUnit;
  * return 加密的token
  */
 @Service
-
+@Slf4j
 public class LoginTokenServiceImpl implements LoginTokenService {
     public static final String NO_VALUE = "null";
     @Autowired
@@ -82,6 +83,9 @@ public class LoginTokenServiceImpl implements LoginTokenService {
 
     @Value(("${yysj.redis.prefix}"))
     private String prefix;
+    
+    @Value(("${yysj.rsaKey}"))
+    private String rsaKey;
 
 
     /**
@@ -93,23 +97,28 @@ public class LoginTokenServiceImpl implements LoginTokenService {
      */
     @Override
     public String getLoginToken(GetTokenRequest getTokenRequest) throws Exception {
+
+        //解密用户名和密码 add by minmin 2020-09-16
+        String userId = JwtUtils.rsaDecrypt(getTokenRequest.getUserId(), rsaKey);
+        String password = JwtUtils.rsaDecrypt(getTokenRequest.getPassword(), rsaKey);
+
         //国家物流平台验证用户是否存在
-        String token = getTokenFromPlatform(getTokenRequest.getUserId(), getTokenRequest.getPassword());
+        String token = getTokenFromPlatform(userId, password);
         //判断token是否有值，没值代表用户名密码远端验证不通过
         if (NO_VALUE.equals(token)) {
             throw new UserNotExistException("用户不存在");
         }
         //查询本地库是否有用户信息
-        int count = yysjUserMapper.selectCount((new QueryWrapper<YysjUser>().eq("userId", getTokenRequest.getUserId())));
+        int count = yysjUserMapper.selectCount((new QueryWrapper<YysjUser>().eq("userId", userId)));
         //如果本地库不存在
         if (count == 0) {
             //去出数据交互创建用户,并获取appId和secret放在map中
-            Map<String, Object> sjjhUserInfoLists = userInfoFromSjjh(getTokenRequest.getUserId());
+            Map<String, Object> sjjhUserInfoLists = userInfoFromSjjh(userId);
             //去国家物流平台获取用户信息得到username
-            String username = userInfoFromLogisticsPlatform(getTokenRequest.getUserId(), token);
+            String username = userInfoFromLogisticsPlatform(userId, token);
             //将数据加载到本地库实体类中
             YysjUser user = new YysjUser();
-            user.setUserId(getTokenRequest.getUserId());
+            user.setUserId(userId);
             user.setAppId(String.valueOf(sjjhUserInfoLists.get("appId")));
             user.setSecret(String.valueOf(sjjhUserInfoLists.get("secret")));
             user.setSjjhUserId(Integer.parseInt(String.valueOf(sjjhUserInfoLists.get("sjjhUserId"))));
@@ -117,8 +126,7 @@ public class LoginTokenServiceImpl implements LoginTokenService {
             //将数据存到到本地库
             yysjUserMapper.insert(user);
         }
-        //将userid通过jwt加密成token
-        String userId = getTokenRequest.getUserId();
+
         String tokens;
         tokens = encipherUserId(userId);
         //将用户名存在redis中
@@ -140,12 +148,16 @@ public class LoginTokenServiceImpl implements LoginTokenService {
         SslUtils.ignoreSsl();
         /* 从国家物流平台获取token的请求参数列表 */
         Map<String, String> params = new HashMap<>();
+
+
+
         //添加参数
         params.put("userid", userId);
         params.put("password", password);
         params.put("resource", resource);
         //调接口获取数据
         String remoteResult = restTemplate.getForEntity(logisticsPlatformTokenUrl, String.class, params).getBody();
+        log.info("remoteResult:{}",remoteResult);
         if (StringUtils.isEmpty(remoteResult)) {
             throw new SystemBusyException("国家物流平台验证token失败");
         }
@@ -247,6 +259,7 @@ public class LoginTokenServiceImpl implements LoginTokenService {
         ResponseEntity<String> responseEntity = restTemplate.postForEntity(userInfoUrl, requestEntity, String.class);
         /* 获取返回的xml格式body的字符串 */
         String xmlbody = responseEntity.getBody();
+        log.info("xmlbody:{}",xmlbody);
         return convert(xmlbody);
     }
 
@@ -257,6 +270,7 @@ public class LoginTokenServiceImpl implements LoginTokenService {
      * @return String
      */
     private static String convert(String xmlbody) {
+
         //将xml字符串转换为json格式
         XMLSerializer xmlSerializer = new XMLSerializer();
         String resutStr = xmlSerializer.read(xmlbody).toString();
@@ -277,4 +291,19 @@ public class LoginTokenServiceImpl implements LoginTokenService {
         return searchResultList.get("cn").toString();
     }
 
+    public static void main(String[] args) {
+        StringBuffer xmlString = new StringBuffer();
+        xmlString.append("<?xml version=\"1.0\" encoding=\"utf-16\"?>")
+                .append("<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">")
+                .append("<soap:Body>")
+                .append("<userGeneralQuery xmlns=\"http://client.ws.logink.org/SearchService\">")
+                .append("<applicantToken xmlns=\"\">" + "1111" + "</applicantToken>")
+                .append(" <username xmlns=\"\"></username>")
+                .append("  <userid xmlns=\"\">" + "11" + "</userid>\"")
+                .append(" </userGeneralQuery>")
+                .append(" </soap:Body>")
+                .append("</soap:Envelope>");
+        System.out.println(xmlString.toString());
+    }
+
 }

src/main/java/info/aspirecn/cloud/yysj/cloudyysjlogin/utils/JwtUtils.java

@@ -7,12 +7,19 @@ import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.auth0.jwt.interfaces.JWTVerifier;
 import info.aspirecn.cloud.yysj.cloudyysjlogin.exceptions.SystemBusyException;
+
+import org.apache.commons.codec.binary.Base64;
 import org.omg.CORBA.SystemException;
 
+import java.security.KeyFactory;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.spec.PKCS8EncodedKeySpec;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 
+import javax.crypto.Cipher;
+
 public class JwtUtils {
 
     private JwtUtils() {
@@ -26,6 +33,10 @@ public class JwtUtils {
      * 签发人
      */
     private static final String ISSUER = "SYS_USER";
+    /**RSA*/
+    private static final String RSA = "RSA";
+    /**utf-8*/
+    private static final String ENCODING_UTF8 = "UTF-8";
 
     /**
      * 生成token
@@ -72,5 +83,29 @@ public class JwtUtils {
         map.forEach((k, v) -> resultMap.put(k, v.asString()));
         return resultMap;
     }
+    
+    /** 
+	 * RSA私钥解密
+	 *  
+	 * @param str 
+	 *            加密字符串
+	 * @param privateKey 
+	 *            私钥 
+	 * @return 铭文
+	 * @throws Exception 
+	 *             解密过程中的异常信息 
+	 */  
+	public static String rsaDecrypt(String str, String privateKey) throws Exception{
+		//64位解码加密后的字符串
+		byte[] inputByte = Base64.decodeBase64(str.getBytes(ENCODING_UTF8));
+		//base64编码的私钥
+		byte[] decoded = Base64.decodeBase64(privateKey);  
+        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(decoded));  
+		//RSA解密
+		Cipher cipher = Cipher.getInstance(RSA);
+		cipher.init(Cipher.DECRYPT_MODE, priKey);
+		String outStr = new String(cipher.doFinal(inputByte));
+		return outStr;
+	}
 
 }