jar
<dependency>
<groupId>org.bitcoinj</groupId>
<artifactId>bitcoinj-core</artifactId>
<version>0.15</version>
</dependency>
demo
import okio.ByteString;
import org.bitcoinj.core.ECKey;
import org.bitcoinj.core.Sha256Hash;
import org.bitcoinj.core.SignatureDecodeException;
public class T {
private static String pri_key = "44fd13e8ff8ab3de017520197c5431d3f38ede1911a87dd372cf34984e33b678";
private static String pub_key = "03e4ed8c32ab01ff4572526bbeae3cfcf9ca5554d6ab41e4fb1eb59d7eee4d8e55";
//公 私
public static void test() {
ECKey key = new ECKey();
String privHex = bytes2Hex(key.getPrivKeyBytes());
String pubHex = bytes2Hex(key.getPubKey());
System.out.println("private key: " + privHex + "; public key: " + pubHex);
}
public static void main(String[] args) throws SignatureDecodeException {
String date = "date";
String s = generateHmac256Signature(date, pri_key);
System.out.println(s);
boolean b = verifyResponse(date, s, pub_key);
System.out.println(b);
}
//生成签名
private static String generateHmac256Signature(String content, String key) {
ByteString k = ByteString.of(key.getBytes());
return ByteString.of(content.getBytes()).hmacSha256(k).hex();
}
//验签
private static boolean verifyResponse(String content, String sig, String pubkey) throws SignatureDecodeException {
ECKey key = ECKey.fromPublicOnly(hex2bytes(pubkey));
return key.verify(doubleSha256(content), hex2bytes(sig));
}
private static byte[] doubleSha256(String content) {
return Sha256Hash.hashTwice(content.getBytes());
}
private static byte[] hex2bytes(String s) {
return ByteString.decodeHex(s).toByteArray();
}
private static String bytes2Hex(byte[] b) {
return ByteString.of(b).hex();
}
}
小程序 微信授权
小程序拉起小程序会,微信会返回一个token,前台将token返回后台,后台那此token换取微信的openId
/***
* @Description
* @param code: token
* @param avatarUrl: 头像URL
* @param nickName: 昵称
* @param gender: xingbie
* @return java.lang.Object
* wx.appid=wxxxx9d335746xxxxx
* wx.secret=xxxxfb62034fb63874adc38aefxxxxxx
* wx.jscode2session=https://api.weixin.qq.com/sns/jscode2session?appid=%s&secret=%s&js_code=%s&
*/
@PostMapping("/login")
public Object login(@RequestParam(value = "code" ,required = false) String code,
@RequestParam(value = "avatarUrl" ,required = false) String avatarUrl,
@RequestParam(value = "nickName" ,required = false) String nickName,
@RequestParam(value = "gender" ,defaultValue = "1") Integer gender){
String cUrl = String.format(jscode2session, appId, secret, code);
String res = OkHttpUtil.getIntance().get(cUrl);
JSONObject jsonObject = JSON.parseObject(res);
if (jsonObject == null || !jsonObject.containsKey("openid")) {
throw new ApiRuntimeException(InfoCode.AUTH_FAIL);
}
try {
String openId = jsonObject.getString("openid");
UserDto user = userService.findByOpenId(openId);
if(user == null){
// TODO 注册
}
String k = "shop_uid_" + user.getId();
String token = UUID.randomUUID().toString();//自定义TOKEN ,保护用户数据
stringRedisTemplate.opsForValue().set(k , token ,tokenExpire ,TimeUnit.SECONDS);
return new HashMap<String, Object>(5) {
{
put("uid", user.getId());
put("token", token);//
put("nickName", nickName);
put("gender", gender);
put("avatarUrl", avatarUrl);
}
};
} catch (ServiceException e) {
logger.error("注册用户失败 e =" ,e);
throw new ApiRuntimeException(InfoCode.FAIL, e.getMsg());
} catch (ApiRuntimeException e){
throw e;
}catch (Exception e){
throw new ApiRuntimeException(InfoCode.SERVICE_UNAVAILABLE);
}
}