From e338601bbce0a861d97cc66f98924d0daad44105 Mon Sep 17 00:00:00 2001
From: jianjun
Date: Thu, 20 Oct 2022 14:11:44 +0800
Subject: [PATCH] =?UTF-8?q?=E7=AC=AC=E4=B8=89=E6=96=B9=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E6=9A=B4=E9=9C=B2=203?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../controller/ThirdLoginController.java | 2 +-
 .../commons/tools/utils/api/yt/TestMs4.java | 184 ++++++++++++++++++
 .../commons/tools/utils/api/yt/YantaiApi.java | 123 ++++++++++--
 .../tools/utils/api/yt/YantaiSSOUser.java | 5 +
 .../impl/IcFollowUpRecordServiceImpl.java | 3 +-
 5 files changed, 294 insertions(+), 23 deletions(-)
 create mode 100644 epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/TestMs4.java

diff --git a/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java b/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java
index f5c8da7ad4..3f23ee88c8 100644
--- a/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java
+++ b/epmet-auth/src/main/java/com/epmet/controller/ThirdLoginController.java
@@ -224,7 +224,7 @@ public class ThirdLoginController {
 * @return
 */
 @PostMapping("sso-govlogin-yantai/{authCode}")
- public Result yantaiSSOLogin(@RequestParam(value = "authCode") String authCode) {
+ public Result yantaiSSOLogin(@PathVariable(value = "authCode") String authCode) {
 return new Result().ok(thirdLoginService.yanTaiSSOLogin(authCode));
 }
 
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/TestMs4.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/TestMs4.java
new file mode 100644
index 0000000000..1a9853705d
--- /dev/null
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/TestMs4.java
@@ -0,0 +1,184 @@
+package com.epmet.commons.tools.utils.api.yt;
+
+
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.*;
+import java.util.Arrays;
+
+/**
+ * sm4加密算法工具类
+ *
+ * @explain sm4加密、解密与加密结果验证 可逆算法
+ * @Autor:jingyao
+ */
+public class TestMs4 {
+ static {
+ Security.addProvider(new BouncyCastleProvider());
+ }
+
+ private static final String ENCODING = "UTF-8";
+ public static final String ALGORITHM_NAME = "SM4";
+ // 加密算法/分组加密模式/分组填充方式
+ // PKCS5Padding-以8个字节为一组进行分组加密
+ // 定义分组加密模式使用:PKCS5Padding
+ public static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";
+ // 128-32位16进制;256-64位16进制
+ public static final int DEFAULT_KEY_SIZE = 128;
+
+ /**
+ * 生成ECB暗号
+ *
+ * @param algorithmName 算法名称
+ * @param mode 模式
+ * @param key
+ * @return
+ * @throws Exception
+ * @explain ECB模式(电子密码本模式:Electronic codebook)
+ */
+ private static Cipher generateEcbCipher(String algorithmName, int mode, byte[] key) throws Exception {
+ Cipher cipher = Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);
+ Key sm4Key = new SecretKeySpec(key, ALGORITHM_NAME);
+ cipher.init(mode, sm4Key);
+ return cipher;
+ }
+
+ /**
+ * 自动生成密钥
+ *
+ * @return
+ * @throws NoSuchAlgorithmException
+ * @throws NoSuchProviderException
+ * @explain
+ */
+ public static byte[] generateKey() throws Exception {
+ return generateKey(DEFAULT_KEY_SIZE);
+ }
+
+
+ //加密******************************************
+
+ /**
+ * @param keySize
+ * @return
+ * @throws Exception
+ * @explain 系统产生秘钥
+ */
+ public static byte[] generateKey(int keySize) throws Exception {
+ KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME);
+ kg.init(keySize, new SecureRandom());
+ return kg.generateKey().getEncoded();
+ }
+
+ /**
+ * sm4加密
+ *
+ * @param hexKey 16进制密钥(忽略大小写)
+ * @param paramStr 待加密字符串
+ * @return 返回16进制的加密字符串
+ * @throws Exception
+ * @explain 加密模式:ECB 密文长度不固定,会随着被加密字符串长度的变化而变化
+ */
+ public static String encryptEcb(String hexKey, String paramStr) throws Exception {
+ String cipherText = "";
+ // 16进制字符串-->byte[]
+ byte[] keyData = ByteUtils.fromHexString(hexKey);
+ // String-->byte[]
+ byte[] srcData = paramStr.getBytes(ENCODING);
+ // 加密后的数组
+ byte[] cipherArray = encrypt_Ecb_Padding(keyData, srcData);
+ // byte[]-->hexString
+ cipherText = ByteUtils.toHexString(cipherArray);
+ return cipherText;
+ }
+
+ /**
+ * 加密模式之Ecb
+ *
+ * @param key
+ * @param data
+ * @return
+ * @throws Exception
+ */
+ public static byte[] encrypt_Ecb_Padding(byte[] key, byte[] data) throws Exception {
+ Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);//声称Ecb暗号,通过第二个参数判断加密还是解密
+ return cipher.doFinal(data);
+ }
+
+ //解密****************************************
+
+ /**
+ * sm4解密
+ *
+ * @param hexKey 16进制密钥
+ * @param cipherText 16进制的加密字符串(忽略大小写)
+ * @return 解密后的字符串
+ * @throws Exception
+ * @explain 解密模式:采用ECB
+ */
+ public static String decryptEcb(String hexKey, String cipherText) throws Exception {
+ // 用于接收解密后的字符串
+ String decryptStr = "";
+ // hexString-->byte[]
+ byte[] keyData = ByteUtils.fromHexString(hexKey);
+ // hexString-->byte[]
+ byte[] cipherData = ByteUtils.fromHexString(cipherText);
+ // 解密
+ byte[] srcData = decrypt_Ecb_Padding(keyData, cipherData);
+ // byte[]-->String
+ decryptStr = new String(srcData, ENCODING);
+ return decryptStr;
+ }
+
+ /**
+ * 解密
+ *
+ * @param key
+ * @param cipherText
+ * @return
+ * @throws Exception
+ * @explain
+ */
+ public static byte[] decrypt_Ecb_Padding(byte[] key, byte[] cipherText) throws Exception {
+ Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.DECRYPT_MODE, key);//生成Ecb暗号,通过第二个参数判断加密还是解密
+ return cipher.doFinal(cipherText);
+ }
+
+ /**
+ * 校验加密前后的字符串是否为同一数据
+ *
+ * @param hexKey 16进制密钥(忽略大小写)
+ * @param cipherText 16进制加密后的字符串
+ * @param paramStr 加密前的字符串
+ * @return 是否为同一数据
+ * @throws Exception
+ * @explain
+ */
+ public static boolean verifyEcb(String hexKey, String cipherText, String paramStr) throws Exception {
+ // 用于接收校验结果
+ boolean flag = false;
+ // hexString-->byte[]
+ byte[] keyData = ByteUtils.fromHexString(hexKey);
+ // 将16进制字符串转换成数组
+ byte[] cipherData = ByteUtils.fromHexString(cipherText);
+ // 解密
+ byte[] decryptData = decrypt_Ecb_Padding(keyData, cipherData);
+ // 将原字符串转换成byte[]
+ byte[] srcData = paramStr.getBytes(ENCODING);
+ // 判断2个数组是否一致
+ flag = Arrays.equals(decryptData, srcData);
+ return flag;
+ }
+
+ public static void main(String[] args) throws Exception {
+ String text = "5d22ea44c7599a48f0d4446b1b7fbb4bb8353922df437d39c3a38549c0f2549cbd021ada00a8be83027ae06203c3daea2eedc5bd0875c7e509c7049045c5349577f2c21bcec328a5ea0bf341191e5bdba978566dddd16f1cf1928ff5cbd826dd33289fb45a8a04585f1f24ab04f59426371a5a0a0f2ee3e7b00d2bdfba7810524ce4c33130eda077546fa4c4191d0117f7a44e1cadac6c69a7d437653be1f958a459e0f025d471e09ab4636c38013032948ffb0827040ed6f3436be090f545186928a7b0b2bfc65782452606607ce8555ba130caacad73998da704428a07276a2699889c9872eebba5de8b72cdbe88705483293b00ab3ecb3aa57d283a4ecab40b71bc0a10e9ec626f07b2293255349fb2270d37e81c5c3d0de0b0f0706ed1872f60f039ce2e51effc39aef9747d67457e072cf3170a9c19589c1bab1a7d9d80";
+ String s = TestMs4.decryptEcb("dbcff4c9f4774e6cb56080f279149d59", text);
+ System.out.println(s);
+ }
+
+}
+
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java
index cbab66f5b8..84195d6711 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiApi.java
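Review bot: `ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding"` selects a mode with no IV and no integrity check, so equal plaintext blocks produce equal ciphertext blocks, and a ciphertext whose blocks were swapped or replaced still decrypts without error in `decryptEcb`. If the mode is dictated by the remote SSO interface (not visible here), record that above the constant, for example `// ECB is imposed by the remote SSO response format; it provides no integrity protection, do not reuse for other data`, and keep this class out of any other use. `main` also commits a hex SM4 key and a ciphertext sample; if either is real the key should be treated as exposed and rotated, and the sample moved to a test that reads its key from configuration. The comment stating that PKCS5Padding groups data in 8 bytes does not match SM4's 16-byte block, and a class named `TestMs4` under `src/main` that production code calls should get a name that says what it is.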
@@ -7,9 +7,12 @@ import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.EpmetException;
 import com.epmet.commons.tools.utils.HttpClientManager;
 import com.epmet.commons.tools.utils.Result;
+import com.fasterxml.jackson.core.JsonProcessingException;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 
+import javax.crypto.BadPaddingException;
+import java.security.InvalidKeyException;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -24,8 +27,10 @@ import java.util.Map;
 */
 @Slf4j
 public class YantaiApi {
- private static final String SSO_SERVER = "http://localhost:8080/";
- private static final String CLIENT_ID = "1000006";
+ private static final String SSO_SERVER = "http://172.20.46.155:8080/sso/";
+ private static final String CLIENT_ID = "1000009";
+ private static final String CLIENT_SECRET = "a1f9879119bc4080ab5575f832b7d98b";
+ private static final String SSO_CLIENT_TOKEN = "PRm5Db96atozjPQsJOuwlA==";
 
 /**
 * desc:根据组织id获取下级组织
@@ -35,8 +40,8 @@ public class YantaiApi {
 */
 public static List getChildOuInfoByGuid(String organizationId) {
 try {
- if (StringUtils.isBlank(organizationId)){
- throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg());
+ if (StringUtils.isBlank(organizationId)) {
+ throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(), EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg());
 }
 //加密
 String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(organizationId);
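Review bot: `CLIENT_SECRET` and `SSO_CLIENT_TOKEN` in the `@@ -24,8 +27,10` hunk are committed as string literals, so anyone with read access to the repository or the built jar holds them and they cannot be rotated without a release. Later in this patch `CLIENT_SECRET` is passed to `TestMs4.decryptEcb` as the SM4 key, which makes it the key protecting the SSO user payload. Load both from externalized configuration, for example `System.getenv("YANTAI_SSO_CLIENT_SECRET")` (the variable name is a placeholder), and treat the committed values as exposed. `SSO_SERVER` is an `http://` address, so the login code and the encrypted payload travel without transport protection, and `SSO_CLIENT_TOKEN` is referenced only from commented-out code in this patch.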
@@ -69,14 +74,14 @@ public class YantaiApi { */ public static List getUserByOuGuid(String organizationId) { try { - if (StringUtils.isBlank(organizationId)){ - throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg()); + if (StringUtils.isBlank(organizationId)) { + throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(), EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg()); } //加密 String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(organizationId); //pwd = URLEncoder.encode(pwd, "UTF-8"); System.out.println("加密组织Id = " + organizationIdEn); - String url = SSO_SERVER+"ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn; + String url = SSO_SERVER + "ouinfo/getUserByOuGuid?organizationId=" + organizationIdEn; Map headerMap = new HashMap<>(); Map paramMap = new HashMap<>(); 
@@ -103,29 +108,41 @@ public class YantaiApi { */ public static YantaiSSOUser getLoginToken(String code) { try { - if (StringUtils.isBlank(code)){ - throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(),EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg()); + if (StringUtils.isBlank(code)) { + throw new EpmetException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg(), EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getMsg()); } //加密 String organizationIdEn = SM4UtilsForYanTai.dealEncryptData(code); //pwd = URLEncoder.encode(pwd, "UTF-8"); - System.out.println("加密组织Id = " + organizationIdEn); - String url = "logintoken?client_id="+CLIENT_ID+"&client_code=" + code; + log.info("getLoginToken加密组织Id = " + organizationIdEn); + String url = SSO_SERVER + "logintoken?client_id=" + CLIENT_ID + "&client_code=" + code; Map headerMap = new HashMap<>(); Map paramMap = new HashMap<>(); log.info("getUserByOuGuid request param: url:{},header:{}", url, headerMap); Result result = HttpClientManager.getInstance().sendGet(url, paramMap, headerMap); + if (!result.success() || StringUtils.isBlank(result.getData())) { + log.info("getUserByOuGuid fail result:{}", JSON.toJSONString(result)); + throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(), "获取token为空", "获取token为空"); + } log.info("getUserByOuGuid request result:{}", result); JSONObject jsonObject = JSONObject.parseObject(result.getData()); //解密 String errcode = jsonObject.getString("errcode"); - if (!NumConstant.ZERO_STR.equals(errcode)){ - throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(),"获取token失败","获取token失败"); + if (!NumConstant.ZERO_STR.equals(errcode)) { + throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(), "获取token失败", "获取token失败"); } - String data = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data")); + String sencondData = 
jsonObject.getString("data"); + log.info("getLoginToken jiami data:{}", sencondData); + //String data = SM4UtilsForYanTai.dealDecryptData(sencondData); + + + String data = TestMs4.decryptEcb(CLIENT_SECRET, sencondData); + log.info("getLoginToken jiemi data:{}", sencondData); YantaiSSOUser userData = JSON.parseObject(data, YantaiSSOUser.class); log.info("getUserByOuGuid request real result:{}", JSON.toJSONString(userData)); + String userInfoMobile = getUserInfoMobile(userData.getUserGuid()); + userData.setMobile(userInfoMobile); return userData; } catch (Exception e) { log.error("getUserByOuGuid exception", e); 
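Review bot: `code` is appended to the query string in `String url = SSO_SERVER + "logintoken?client_id=" + CLIENT_ID + "&client_code=" + code;` without encoding, and per the controller hunk in this patch it is bound from the request path, so a value containing `&` or `#` can change the parameters sent to the SSO server. Encode it, `"&client_code=" + URLEncoder.encode(code, "UTF-8")`, or pass it through `paramMap` if `sendGet` encodes parameters (not visible here). `userData.getUserGuid()` is called without a null check on the result of `JSON.parseObject`, so an empty payload becomes a NullPointerException that the surrounding catch turns into a plain `return null`. The second new log line prints `sencondData` under the "jiemi" label where `data` was probably meant; since logging `data` would write the decrypted user record to the log, removing that line is the safer fix. The method's catch block and final return lie outside this hunk.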
@@ -133,12 +150,76 @@ public class YantaiApi { return null; } - public static void main(String[] args) { - String serverUrl = "http://172.20.46.155:8080/sso/login"; - Map param = new HashMap<>(); - param.put("client_id","1000006"); - param.put("redirect_url","https://epmet-open.elinkservice.cn/epmet-oper-gov/"); - Result stringResult = HttpClientManager.getInstance().sendGet(serverUrl, param); - System.out.println(JSON.toJSONString(stringResult)); + public static String getUserInfoMobile(String userId) { + try { + JSONObject token = new JSONObject(); + token.put("token", "iJCDUgCBV/Zk5FkkaxLypA=="); + // token.put("token","iJCDUgCBV/Zk5FkkaxLypA=="); + token.put("expiration", System.currentTimeMillis()); + + String tokanStr = SM4UtilsForYanTai.dealEncryptData(token.toString()); + String userIdEn = SM4UtilsForYanTai.dealEncryptData(userId); + System.out.println(tokanStr + "__" + userIdEn); + String serverUrl = "http://172.20.46.155:8082/person/userInfo/getUserByUserGuid"; + //String serverUrl = "http://120.220.248.247:8081/person/userInfo/getUserByUserGuid"; + Map param = new HashMap<>(); + param.put("userGuid", userIdEn); + Map headerMap = new HashMap<>(); + headerMap.put("Authorization", "Bearer " + tokanStr); + Result result = HttpClientManager.getInstance().sendGet(serverUrl, param, headerMap); + System.out.println(JSON.toJSONString(result)); + if (!result.success() || StringUtils.isBlank(result.getData())) { + log.info("getUserInfoMobile fail result:{}", JSON.toJSONString(result)); + throw new EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(), "获取用户信息失败", "获取用户信息失败"); + } + String data = result.getData(); + log.info("getUserInfoMobile jiami data:{}", JSON.parseObject(data)); + JSONObject jsonObject = JSON.parseObject(data); + String secondCode = jsonObject.getString("code"); + String secondMessage = jsonObject.getString("message"); + if (!"200".equals(secondCode)) { + throw new 
EpmetException(EpmetErrorCode.EPMET_COMMON_OPERATION_FAIL.getCode(), "获取人员信息接口返回失败" + secondMessage, "获取人员信息接口返回失败" + secondMessage); + } + String data1 = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data")); + String telephoneNumber = JSON.parseObject(data1).getString("mobileTelephoneNumber"); + log.info("getUserInfoMobile jiemi data:{}", telephoneNumber); + return telephoneNumber; + } catch (Exception e) { + log.error("getUserInfoMobile exception", e); + } + return null; + } + + public static void main(String[] args) throws BadPaddingException, InvalidKeyException, JsonProcessingException { +// JSONObject token = new JSONObject(); +// token.put("token", SSO_CLIENT_TOKEN); +// token.put("expiration", System.currentTimeMillis()); +// +// String tokanStr = SM4UtilsForYanTai.dealEncryptData(token.toString()); +// String testUserId = "0ffd76e2-27b5-4b33-be9a-186f9f878bf1"; +// String userId = SM4UtilsForYanTai.dealEncryptData(testUserId); +// System.out.println(tokanStr + "__" + userId); +// String serverUrl = "http://172.20.46.155:8082/person/userInfo/getUserByUserGuid"; +// //String serverUrl = "http://120.220.248.247:8081/person/userInfo/getUserByUserGuid"; +// Map param = new HashMap<>(); +// param.put("userGuid", userId); +// Map headerMap = new HashMap<>(); +// headerMap.put("Authorization", "Bearer " + tokanStr); +// Result stringResult = HttpClientManager.getInstance().sendGet(serverUrl, param, headerMap); +// System.out.println(JSON.toJSONString(stringResult)); +// +// String data = stringResult.getData(); +// JSONObject jsonObject = JSON.parseObject(data); +// String secondCode = jsonObject.getString("code"); +// String secondMessage = jsonObject.getString("message"); +// System.out.println(secondCode); +// System.out.println(secondMessage); +// String data1 = SM4UtilsForYanTai.dealDecryptData(jsonObject.getString("data")); +// System.out.println("======" + data1); + String s = 
SM4UtilsForYanTai.dealDecryptData("R5TbfdZPJ7QA9uo02EGT/uDWyUWapZTmTQZwwLYnX5ZChQhV8bYa17yJ+d+KC5vUm9P/O9J25pkpKSzUSaXEmJz3oniLQdj3OyhmZFghKAKVbK/By+3oyVQG3ApRUMwir64RkvnjpP7MjgUaXXongNRheMrsarV2fjr8ZYDzIH0bhsTDgo0/qNSSmFc+0sWmcvraDyeeI5nRNyjaBzybuBQzOCkqf3LtQAwnqWj8lCVPi5dH7KiTzM0pwZWzhfr21xzaw80fQkUMznBfkiJJM8nI2vqgZfa6TgtTH3h7JYLq8LDcu5UMJpMuVjbWwW41N41I+c9magDCUOJ9LkbmrUTvg2Y0asccP7U3jt9NNgwmRT5L/vxNmuapDaADjFR83P3ospRaclr3vo9OWMORSw=="); + System.out.println("sssssss:"+s); + + + getLoginToken("0d554bccfbac4be3846d643252daf92b"); } } diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiSSOUser.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiSSOUser.java index 99d31cc439..d2285ce0f3 100644 --- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiSSOUser.java +++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/api/yt/YantaiSSOUser.java @@ -27,4 +27,9 @@ public class YantaiSSOUser implements Serializable { private String userGuid; private String userName; + /** + * 二次请求结果 + */ + private String mobile; + } diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/IcFollowUpRecordServiceImpl.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/IcFollowUpRecordServiceImpl.java index 1e3c46f9f1..0999660b0e 100644 --- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/IcFollowUpRecordServiceImpl.java +++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/IcFollowUpRecordServiceImpl.java @@ -83,6 +83,7 @@ public class IcFollowUpRecordServiceImpl extends BaseServiceImpl
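Review bot: `getUserInfoMobile` writes the encrypted bearer token and the full person-service response to stdout with `System.out.println(tokanStr + "__" + userIdEn);` and `System.out.println(JSON.toJSONString(result));`, which bypasses log levels and retention controls, and both lines should be removed. The token is a second hard-coded literal rather than the `SSO_CLIENT_TOKEN` constant, and `expiration` is set to `System.currentTimeMillis()`, the moment of the call, which looks unintended; confirm the unit and offset the remote service expects. The service URL is a fixed `http://` address inside the method body and belongs in configuration next to `SSO_SERVER`. The new `main` keeps a ciphertext sample and an auth code in source and should be dropped or turned into a test built on constructed data. On any failure the method returns null, and `getLoginToken` stores that as the mobile number without distinguishing it from a user who has none.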