1.支付宝授权 为了私钥公钥 pid appid等敏感信息存在客户端 在此方法中返回信息
@ApiOperation(notes = "/alipayAuth", httpMethod = "GET", value = "支付宝登录授权")
@RequestMapping(value = "/alipayAuth", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
@ResponseBody
public BaseResult alipayAuth() {
try {
String pid = ApiConstant.ALIPAY_PID;
String target_id = CipherUtil.buildAESKey(32);
//拼接返回客户端参数
String suthStr = "apiname=com.alipay.account.auth&app_id="+ApiConstant.ALIPAY_APPID+"&app_name=mc&auth_type=AUTHACCOUNT" +
"&biz_type=openservice&method=alipay.open.auth.sdk.code.get&pid="+pid+
"&product_id=APP_FAST_LOGIN&scope=kuaijie&sign_type=RSA2&target_id="+target_id;
String sign = AlipaySignature.rsaSign(suthStr, ApiConstant.ALIPAY_PRIVATE_KEY, "UTF-8", "RSA2");
suthStr = suthStr+"&sign="+URLEncoder.encode(sign);
return new BaseResult(OperationStatus.SUCCESS, suthStr);
} catch (Exception e) {
e.printStackTrace();
}
return new BaseResult();
}
CipherUtil
public static String buildAESKey(int length) {
String base = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
Random random = new Random();
StringBuffer sb = new StringBuffer();
for (int i = 0; i < length; i++) {
int number = random.nextInt(base.length());
sb.append(base.charAt(number));
}
return sb.toString();
}
2.获取支付宝用户信息 、
注意坑::此处公钥为支付宝公钥 不是应用公钥
具体参考:https://blog.csdn.net/qq_21727627/article/details/78225770
/**
* 根据token获取用户信息
* @param alipayToken
* @return
*/
private AlipayUserInfoDto getAlipayUserInfo(AlipayTokenDto alipayToken) {
try{
AlipayClient alipayClient = new DefaultAlipayClient(ApiConstant.ALIPAY_URL,ApiConstant.ALIPAY_APPID,
ApiConstant.ALIPAY_PRIVATE_KEY,"json","UTF-8",ApiConstant.ALIPAY_PUBLIC_KEY,"RSA2");
AlipayUserInfoShareRequest request = new AlipayUserInfoShareRequest();
AlipayUserInfoShareResponse response = alipayClient.execute(request,alipayToken.getAccess_token());
if(response.isSuccess()){
AlipayUserInfoDto alipayUserInfoDto = new AlipayUserInfoDto(response);
return alipayUserInfoDto;
} else {
LOGGER.info("获取用户信息失败");
}
}catch (AlipayApiException e){
LOGGER.info("获取用户信息失败",e);
}
return null;
}
/**
* 通过code获取支付宝 access_token
* @param code
* @return
*/
private AlipayTokenDto getAlipayToken(String code) {
try {
AlipayClient alipayClient = new DefaultAlipayClient(ApiConstant.ALIPAY_URL,ApiConstant.ALIPAY_APPID,
ApiConstant.ALIPAY_PRIVATE_KEY,"json","UTF-8",ApiConstant.ALIPAY_PUBLIC_KEY,"RSA2");
AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest();
request.setGrantType("authorization_code");
request.setCode(code);
AlipaySystemOauthTokenResponse response = alipayClient.execute(request);
if(response.isSuccess()){
AlipayTokenDto alipayTokenDto = new AlipayTokenDto(response);
return alipayTokenDto;
} else {
LOGGER.info("支付宝登录 获取alipayToken为空");
}
} catch (Exception e) {
LOGGER.info("支付宝登录 获取alipayToken失败",e);
}
return null;
}
3.具体登录方法
@ApiOperation(notes = "/alipaylogin", httpMethod = "GET", value = "支付宝登录")
@RequestMapping(value = "/alipaylogin", method = RequestMethod.GET, produces = {"application/json;charset=UTF-8"})
@ResponseBody
public BaseResult alipayLogin(@ApiParam(value = "code") String code) {
try{
if (StringUtils.isBlank(code)) {
return new BaseResult();
}
AlipayTokenDto alipayToken = getAlipayToken(code);
if (alipayToken == null) {
return new BaseResult();
}
AlipayUserInfoDto userInfoDto = getAlipayUserInfo(alipayToken);
if (userInfoDto == null) {
return new BaseResult();
}
UserLoginAccount userLoginAccount = userService.getByIdentifier(userInfoDto.getUser_id(), IdentityType.ALIPAY);
/**
* 用户没有注册,开始注册流程
*/
User user = null;
if (userLoginAccount == null) {
user = userService.registerAlipay(userInfoDto);
if (user == null) {
LOGGER.error("登录失败 服务器内部错误", userInfoDto.getNick_name());
return new BaseResult(OperationStatus.ERROR_SERVICE);
}
String token = JwtTokenUtil.encodeToken(user.getId());
userCloudManager.setUserToken(user.getId(), token);
userCloudManager.setCurrentLoginType(user.getId(), CurrentLoginType.ALIPAY.getType());
return BaseResult.newSuccess(token);
}
String token = JwtTokenUtil.encodeToken(userLoginAccount.getUser_id());
userCloudManager.setUserToken(userLoginAccount.getUser_id(), token);
userCloudManager.setCurrentLoginType(userLoginAccount.getUser_id(), CurrentLoginType.ALIPAY.getType());
return BaseResult.newSuccess(token);
}catch (Exception e) {
LOGGER.error("登录失败 服务器内部错误", e);
}
return new BaseResult(OperationStatus.RETRY);
}
import com.alipay.api.response.AlipaySystemOauthTokenResponse;
import lombok.Data;
import java.io.Serializable;
/**
* @author
* @date 19-3-29 下午2:07
* 支付宝登录返回token
*/
@Data
public class AlipayTokenDto implements Serializable{
private static final long serialVersionUID = 8031542656532093391L;
/**
* 支付宝用户的唯一userId
*/
private String user_id;
/**
* 访问令牌。通过该令牌调用需要授权类接口
*/
private String access_token;
/**
* 访问令牌的有效时间,单位是秒。
*/
private String expires_in;
/**
* 刷新令牌。通过该令牌可以刷新access_token
*/
private String refresh_token;
/**
* 刷新令牌的有效时间,单位是秒。
*/
private String re_expires_in;
public AlipayTokenDto() {
}
public AlipayTokenDto(AlipaySystemOauthTokenResponse response) {
this.user_id = response.getUserId();
this.access_token = response.getAccessToken();
this.expires_in = response.getExpiresIn();
this.refresh_token = response.getRefreshToken();
this.re_expires_in = response.getReExpiresIn();
}
}
702
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
