解密微信小程序加密信息
获取微信程序人员信息之后,会给一个加密字符串,这个时候,前端不太好解密,因为浪费性能,会请求后端解密,那么后端如何解密呢?demo来说话;
1、首先工具类
package com.XXX.member.utils;import com.alibaba.fastjson.JSONObject;import lombok.Data;import javax.crypto.Cipher;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;import java.security.AlgorithmParameters;import java.security.Key;import java.security.Security;import java.util.Base64;/*** 小程序 AES 解密工具** @author Kilde*/@Datapublic class WXBizDataCrypt {// public static void main(String[] args) {//// String appId = "wx4f4bc4dec97d474b";// String sessionKey = "tiihtNczf5v6AKRyjwEUhQ==";// String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZMQmRzooG2xrDcvSnxIMXFufNstNGTyaGS9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+3hVbJSRgv+4lGOETKUQz6OYStslQ142dNCuabNPGBzlooOmB231qMM85d2/fV6ChevvXvQP8Hkue1poOFtnEtpyxVLW1zAo6/1Xx1COxFvrc2d7UL/lmHInNlxuacJXwu0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn/Hz7saL8xz+W//FRAUid1OksQaQx4CMs8LOddcQhULW4ucetDf96JcR3g0gfRK4PC7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns/8wR2SiRS7MNACwTyrGvt9ts8p12PKFdlqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYVoKlaRv85IfVunYzO0IKXsyl7JCUjCpoG20f0a04COwfneQAGGwd5oa+T8yO5hzuyDb/XcxxmK01EpqOyuxINew==";// String iv = "r7BXXKkLb8qrSNn05n0qiA==";//// WXBizDataCrypt pc = new WXBizDataCrypt(appId,sessionKey);// JSONObject decrypt = pc.decrypt(encryptedData, iv);//// System.out.println(decrypt.toString());//// }public static JSONObject getMoreInfoFromEncryptedData(String appId, String sessionKey, String encryptedData, String iv) {WXBizDataCrypt pc = new WXBizDataCrypt(appId, sessionKey);JSONObject decrypt = pc.decrypt(encryptedData, iv);return decrypt;}private String appId;private String sessionKey;public WXBizDataCrypt(String appId, String sessionKey) {this.appId = appId;this.sessionKey = sessionKey;}/*** 解密成json** @param encryptedData* @param iv* @return*/public JSONObject decrypt(String encryptedData, String iv) {byte[] encryptedDataDecode = Base64.getDecoder().decode(encryptedData);byte[] sessionKeyDecode = Base64.getDecoder().decode(this.sessionKey);byte[] ivDecode = Base64.getDecoder().decode(iv);Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());byte[] decodeData = decode(encryptedDataDecode, sessionKeyDecode, ivDecode);String stringData = new String(decodeData);JSONObject jsonObject = JSONObject.parseObject(stringData);return jsonObject;}/*** 解密算法 AES-128-CBC* 填充模式 PKCS#7** @param encryptedDataDecode 目标密文* @return* @throws Exception*/private byte[] decode(byte[] encryptedDataDecode, byte[] sessionKeyDecode, byte[] iv) {try {Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");Key sKeySpec = new SecretKeySpec(sessionKeyDecode, "AES");cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(iv));// 初始化byte[] result = cipher.doFinal(encryptedDataDecode);return result;} catch (Exception e) {throw new RuntimeException(e);}}/*** 处理iv** @param iv* @return* @throws Exception*/private AlgorithmParameters generateIV(byte[] iv) throws Exception {AlgorithmParameters params = AlgorithmParameters.getInstance("AES");params.init(new IvParameterSpec(iv));return params;}}
2、真正的代码
@Transactional(rollbackFor = Exception.class)@Overridepublic JsonResult<UserInfoVoWeChatInfoDTO> saveAcode2SessionUserInfo(UserInfoVoWeChatInfoVO userInfoVoWeChatInfoVO) {if (Objects.isNull(userInfoVoWeChatInfoVO)) {return new JsonResult(JsonResultEnum.ARGS_NOT_FULL);}String encryptedData = userInfoVoWeChatInfoVO.getEncryptedData();Integer flag = userInfoVoWeChatInfoVO.getFlag();String iv = userInfoVoWeChatInfoVO.getIv();String sessionKey = userInfoVoWeChatInfoVO.getSessionKey();String openId = userInfoVoWeChatInfoVO.getOpenId();if (StringUtils.isBlank(encryptedData) ||StringUtils.isBlank(iv) ||StringUtils.isBlank(sessionKey) ||StringUtils.isBlank(openId) ||Objects.isNull(flag)) {return new JsonResult(JsonResultEnum.ARGS_NOT_FULL);}UserInfoVo userInfoVo = UserInfoVo.builder().build();String userPhone = userInfoVo.getUserPhone();String wechatAvatar = userInfoVo.getWechatAvatar();String wechatNickname = userInfoVo.getWechatNickname();String wechatOpenid = userInfoVo.getWechatOpenid();/*** 用户信息的* {"country":"CN","unionId":"ocMvos6NjeKLIBqg5Mr9QjxrP1FA","watermark":{"appid":"wx4f4bc4dec97d474b","timestamp":1477314187},"gender":1,"province":"Guangdong","city":"Guangzhou","avatarUrl":"http://wx.qlogo.cn/mmopen/vi_32/aSKcBBPpibyKNicHNTMM0qJVh8Kjgiak2AHWr8MHM4WgMEm7GFhsf8OYrySdbvAMvTsw3mo8ibKicsnfN5pRjl1p8HQ/0","openId":"oGZUI0egBJY1zhBYw2KhdUfwVJJE","nickName":"Band","language":"zh_CN"}** 手机号的** {"phoneNumber":"186168383*2","watermark":{"appid":"wxf0e8d778d88e861b","timestamp":1598263205},"purePhoneNumber":"18616838312","countryCode":"86"}**/if (flag.equals(NumberUtils.INTEGER_ONE)) {JSONObject moreInfoFromEncryptedDataJosn =WXBizDataCrypt.getMoreInfoFromEncryptedData(appid, sessionKey, encryptedData, iv);//优先选这个userPhone = String.valueOf(moreInfoFromEncryptedDataJosn.get("phoneNumber"));userPhone = StringUtils.isBlank(userPhone) ? String.valueOf(moreInfoFromEncryptedDataJosn.get("purePhoneNumber")) : userPhone;wechatOpenid = openId;} else if (flag.equals(NumberUtils.INTEGER_TWO)) {JSONObject moreInfoFromEncryptedDataJosn =WXBizDataCrypt.getMoreInfoFromEncryptedData(appid, sessionKey, encryptedData, iv);wechatAvatar = moreInfoFromEncryptedDataJosn.getString("avatarUrl");wechatNickname = moreInfoFromEncryptedDataJosn.getString("nickName");wechatOpenid = openId;}UserInfo userInfo = userInfoMapper.selectUserInfo(openId, userPhone);if (Objects.isNull(userInfo)) {//等获取到再补充更正UserInfo build = UserInfo.builder().userMoney(0).userName("0").userPhone(StringUtils.isBlank(userPhone) ? "0" : userPhone).wechatNickname(StringUtils.isBlank(wechatNickname) ? "0" : wechatNickname).wechatAvatar(StringUtils.isBlank(wechatAvatar) ? "0" : wechatAvatar).wechatOpenid(openId).build();int i = userInfoMapper.insertUser(build);if (i != 1) {log.error("小程序获取Acode2Session信息保存失败---build:{}", JSON.toJSONString(build));return JsonResult.error(JsonResultEnum.EXCEPTION_ERROR.getMsg());}} else if (Objects.nonNull(userInfo) && StringUtils.isNotBlank(wechatNickname) && StringUtils.isNotBlank(wechatAvatar)) {userInfo.setUserPhone(StringUtils.isBlank(userPhone) ? "0" : userPhone);userInfo.setWechatNickname(wechatNickname);userInfo.setWechatAvatar(wechatAvatar);int i = userInfoMapper.updateByPrimaryKeySelective(userInfo);if (i != 1) {log.error("完善微信授权信息失败---build:{}", JSON.toJSONString(userInfo));return JsonResult.error(JsonResultEnum.EXCEPTION_ERROR.getMsg());}}if (flag.equals(NumberUtils.INTEGER_ONE)) {UserInfoVoWeChatInfoDTO resultObject = UserInfoVoWeChatInfoDTO.builder().phone(userPhone).openId(openId).build();return new JsonResult(JsonResultEnum.SUCCESS, resultObject);} else if (flag.equals(NumberUtils.INTEGER_TWO)) {UserInfoVoWeChatInfoDTO resultObject = UserInfoVoWeChatInfoDTO.builder().phone(userPhone).wechatAvatar(wechatAvatar).wechatNickname(wechatNickname).phone(userInfo.getUserPhone()).openId(openId).build();return new JsonResult(JsonResultEnum.SUCCESS, resultObject);}return JsonResult.seccess();}
Love The Way You Lie
我就是我
野性酷女
还没有评论,来说两句吧...