BMD用户登录加密解密

suishenbang-api/src/test/java/test/MyTest.java

@@ -22,6 +22,9 @@ import org.springframework.test.context.junit4.SpringRunner;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
 
+import static com.dgtly.common.utils.bean.EnDecoderUtil.DESdecode;
+import static com.dgtly.common.utils.bean.EnDecoderUtil.DESencode;
+
 @RunWith(SpringRunner.class)
 @SpringBootTest(classes=ApiApplication.class)
 public class MyTest {
@@ -50,15 +53,16 @@ public class MyTest {
         String orders="6107665807";
         esignSignService.tmsCertificate(orders, certificateUrl);*/
         String name="gujing.sm";
-
+        System.out.println(DESencode("gujing.sm","SSB2023BMD"));
+        System.out.println(DESdecode("C0D8A1C91E39CE7BD9D07949AC4F08E7","SSB2023BMD"));
         //base64进行加密解密,通常用作对二进制数据进行加密
-        byte[] base64Encrypt = EnDecoderUtil.base64Encrypt(name);
-     /*   String toHexString = HexUtils.toHexString(base64Encrypt);
-        System.out.println(toHexString);*/
+     /*   byte[] base64Encrypt = EnDecoderUtil.base64Encrypt(name);
+     *//*   String toHexString = HexUtils.toHexString(base64Encrypt);
+        System.out.println(toHexString);*//*
         String toHexString="5a3356716157356e4c6e4e74";
         byte[] to = HexUtils.toByteArray(toHexString);
         byte[] base64Decrypt = EnDecoderUtil.base64Decrypt(to);
-        System.out.println(new String(base64Decrypt));
+        System.out.println(new String(base64Decrypt));*/
     }
 
 }

suishenbang-common/src/main/java/com/dgtly/common/utils/bean/EnDecoderUtil.java

@@ -1,8 +1,42 @@
 package com.dgtly.common.utils.bean;
 
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.SecureRandom;
 import java.util.Base64;
 
 public class EnDecoderUtil {
+    public static final String DES = "DES";
+    public static final String AES = "AES";
+    /**
+     * 	签名算法
+     */
+    public static final String SIGN_ALGORITHMS = "SHA1PRNG";
+    /**编码格式；默认使用uft-8*/
+    public static String charset = "utf-8";
+    /**DES*/
+    public static int keysizeDES = 0;
+    /**AES*/
+    public static int keysizeAES = 128;
+
+    public static EnDecoderUtil me;
+
+    private EnDecoderUtil(){
+        //单例
+    }
+    //双重锁
+    public static EnDecoderUtil getInstance(){
+        if (me==null) {
+            synchronized (EnDecoderUtil.class) {
+                if(me == null){
+                    me = new EnDecoderUtil();
+                }
+            }
+        }
+        return me;
+    }
 
     /**
      * base64加密
@@ -21,4 +55,93 @@ public class EnDecoderUtil {
     public static byte[] base64Decrypt(final byte[] encoderContent) {
         return Base64.getDecoder().decode(encoderContent);
     }
+
+
+    /**
+     * 使用DES加密算法进行加密（可逆）
+     * @param res 需要加密的原文
+     * @param key 秘钥
+     * @return
+     */
+    public static String DESencode(String res, String key) {
+        return keyGeneratorES(res, DES, key, keysizeDES, true);
+    }
+
+    /**
+     * 对使用DES加密算法的密文进行解密（可逆）
+     * @param res 需要解密的密文
+     * @param key 秘钥
+     * @return
+     */
+    public static String DESdecode(String res, String key) {
+        return keyGeneratorES(res, DES, key, keysizeDES, false);
+    }
+    /**
+     * 使用KeyGenerator双向加密，DES/AES，注意这里转化为字符串的时候是将2进制转为16进制格式的字符串，不是直接转，因为会出错
+     * @param res 加密的原文
+     * @param algorithm 加密使用的算法名称
+     * @param key  加密的秘钥
+     * @param keysize
+     * @param isEncode
+     * @return
+     */
+    private static String keyGeneratorES(String res,String algorithm,String key,int keysize,boolean isEncode){
+        try {
+            KeyGenerator kg = KeyGenerator.getInstance(algorithm);
+            SecureRandom random = SecureRandom.getInstance(SIGN_ALGORITHMS);
+            if (keysize == 0) {
+                byte[] keyBytes = charset==null?key.getBytes():key.getBytes(charset);
+                random.setSeed(keyBytes);
+                kg.init(random);
+            }else if (key==null) {
+                kg.init(keysize);
+            }else {
+                byte[] keyBytes = charset==null?key.getBytes():key.getBytes(charset);
+                random.setSeed(keyBytes);
+                kg.init(keysize, random);
+            }
+            SecretKey sk = kg.generateKey();
+            SecretKeySpec sks = new SecretKeySpec(sk.getEncoded(), algorithm);
+            Cipher cipher = Cipher.getInstance(algorithm);
+            if (isEncode) {
+                cipher.init(Cipher.ENCRYPT_MODE, sks);
+                byte[] resBytes = charset==null?res.getBytes():res.getBytes(charset);
+                return parseByte2HexStr(cipher.doFinal(resBytes));
+            }else {
+                cipher.init(Cipher.DECRYPT_MODE, sks);
+                return new String(cipher.doFinal(parseHexStr2Byte(res)));
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+
+    /**将二进制转换成16进制 */
+    public static String parseByte2HexStr(byte buf[]) {
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < buf.length; i++) {
+            String hex = Integer.toHexString(buf[i] & 0xFF);
+            if (hex.length() == 1) {
+                hex = '0' + hex;
+            }
+            sb.append(hex.toUpperCase());
+        }
+        return sb.toString();
+    }
+    /**将16进制转换为二进制*/
+    public static byte[] parseHexStr2Byte(String hexStr) {
+        if (hexStr.length() < 1) {
+            return null;
+        }
+        byte[] result = new byte[hexStr.length()/2];
+        for (int i = 0;i< hexStr.length()/2; i++) {
+            int high = Integer.parseInt(hexStr.substring(i*2, i*2+1), 16);
+            int low = Integer.parseInt(hexStr.substring(i*2+1, i*2+2), 16);
+            result[i] = (byte) (high * 16 + low);
+        }
+        return result;
+    }
+
 }

suishenbang-wxportal/suishenbang-wxportal-api/src/main/java/com/dgtly/wxportal/controller/WxController.java

@@ -33,6 +33,9 @@ import org.springframework.web.bind.annotation.*;
 import java.util.*;
 import java.util.stream.Collectors;
 
+import static com.dgtly.common.utils.bean.EnDecoderUtil.DESdecode;
+import static com.dgtly.common.utils.bean.EnDecoderUtil.DESencode;
+
 
 @Api(tags = "企业微信相关API", description = "提供企业微信相关的AP")
 @RequestMapping("wx")
@@ -562,7 +565,7 @@ public class WxController extends ApiBaseController {
      * @author: njs
      * @date: 2023/5/4 9:30
      */
-    @ApiOperation(value = "根据账户密码获取用户信息",notes = "参数：{'username':'1','token':'xxx'}" +
+    @ApiOperation(value = "根据账户密码获取用户信息",notes = "参数：{'token':'xxx','callbackUrl':'xxx'}" +
             " 错误：303 无识别令牌" +
             "错误：302  查无此人")
     @ApiImplicitParams({
@@ -571,18 +574,23 @@ public class WxController extends ApiBaseController {
     @PostMapping("/getUserBmdByNameAndToken")
     public Object getUserBmdByNameAndToken(){
         ParameterObject obj =  getParameterObject();
-        obj.checkParameterNotNull("username,token");
-        String username = obj.getString("username");
+        obj.checkParameterNotNull("token");
         String token = obj.getString("token");
-        byte[] toByte = HexUtils.toByteArray(username);
-        byte[] base64Decrypt = EnDecoderUtil.base64Decrypt(toByte);
-        String name=new String(base64Decrypt);
+        String callbackUrl = obj.getString("callbackUrl");
+        Map result=new HashMap();
+        if(callbackUrl !=null && !("").equals(callbackUrl) ){
+            result.put("callbackUrl", callbackUrl);
+        }
+        if(token ==null || ("").equals(token) ){
+            return AjaxResult.error(303,"无识别令牌",result);
+        }
+        String name=DESdecode(token,"SSB2023BMD");
+        if(name==null || ("").equals(name)){
+            return AjaxResult.error(302,"查无此人",result);
+        }
         SysUser user = sysUserService.selectUserByLoginName(name);
         if(user==null){
-            return AjaxResult.error(302,"查无此人");
-        }
-        if(token ==null || ("").equals(token) || !("bmdCustomer").equals(token)){
-            return AjaxResult.error(303,"无识别令牌");
+            return AjaxResult.error(302,"查无此人",result);
         }
        // String pass = EncryptPassWordClass.encryptPassword(user.getLoginName(),user.getLoginName(),user.getSalt());
         List<Ztree>  author = sysUserOrderAuthorService.userAuthorTreeDataFmt(user.getUserId());
@@ -594,7 +602,7 @@ public class WxController extends ApiBaseController {
                 user.setAuthorType("DIY");//默认diy
             }
             user.setAuthor(author);
-            return AjaxResult.success().putKV("sysUser",user);
+            return AjaxResult.success().putKV("sysUser",user).putKV("callbackUrl", callbackUrl);
     }
 
 }