taoke_autopay_server.git

			@@ -1,19 +1,19 @@
			package com.taoke.autopay.controller;

			import com.google.gson.Gson;
			import com.taoke.autopay.dto.DYOrderDto;
			import com.taoke.autopay.dto.WXAppInfoDto;
			import com.taoke.autopay.entity.KeyOrder;
			import com.taoke.autopay.entity.SystemConfigKeyEnum;
			import com.taoke.autopay.entity.WxUserInfo;
			import com.taoke.autopay.exception.KeyOrderException;
			import com.taoke.autopay.exception.KeyVerifyException;
			import com.taoke.autopay.exception.WxOrderCountException;
			import com.taoke.autopay.factory.OrderFactory;
			import com.taoke.autopay.service.KeyOrderService;
			import com.taoke.autopay.service.SystemConfigService;
			import com.taoke.autopay.service.WxUserOrderCountService;
			import com.taoke.autopay.service.WxUserService;
			import com.taoke.autopay.utils.*;
			import com.taoke.autopay.vo.SubmitKeyInfo;
			import net.sf.json.JSONArray;
			import net.sf.json.JSONObject;
			import org.slf4j.Logger;
			import org.slf4j.LoggerFactory;
			@@ -23,15 +23,11 @@
			import org.yeshi.utils.UrlUtils;

			import javax.annotation.Resource;
			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import javax.servlet.http.HttpSession;
			import java.io.IOException;
			import java.io.PrintWriter;
			import java.math.BigDecimal;
			import java.util.Date;
			import java.util.HashSet;
			import java.util.List;
			import java.util.Set;
			import java.util.*;

			@Controller
			@RequestMapping("webapi")
			@@ -39,6 +35,8 @@
			Logger logger = LoggerFactory.getLogger(WebApiController.class);

			Logger wxLogger = LoggerFactory.getLogger("wxLogger");

			Logger verifyLogger = LoggerFactory.getLogger("keyVerifyLogger");


			@Resource
			@@ -53,7 +51,7 @@
			@ResponseBody
			@RequestMapping(value = "submitKey")
			public String submitKey(String key) {
			if(1>0){
			if (1 > 0) {
			return JsonUtil.loadFalseResult(0, "接口已关闭");
			}
			if (StringUtil.isNullOrEmpty(key)) {
			@@ -82,7 +80,48 @@
			}
			}

			private void addKey(SubmitKeyInfo keyInfo, Long wxUid) throws KeyOrderException, WxOrderCountException {
			private void addKey(SubmitKeyInfo keyInfo, Long wxUid) throws KeyVerifyException, KeyOrderException, WxOrderCountException {
			// 解析链接
			List<String> urllist = UrlUtils.parseUrlsFromText(keyInfo.getKey());


			String verifyAlipayKey = systemConfigService.getValueCache(SystemConfigKeyEnum.ALIPAY_KEY_VERIFY);
			if (verifyAlipayKey != null && verifyAlipayKey.trim().equalsIgnoreCase("1")) {
			try {
			// 需要验证支付宝口令
			if (urllist.size() < 1) {
			throw new Exception("口令中不包含链接");
			}
			AlipayOrderUtil.AlipayOrderTradeInfo tradeInfo = AlipayOrderUtil.getTradeInfo(urllist.get(0));
			String orderStatus = "";
			switch (tradeInfo.getStatus()) {
			case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_CANCELED:
			orderStatus = "订单已取消";
			break;
			case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_PAY:
			orderStatus = "订单已支付";
			break;
			case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_NOT_PAY:
			orderStatus = "订单未支付";
			break;
			}
			if (tradeInfo == null) {
			throw new Exception("口令内容获取失败");
			}
			// 验证内容
			DYOrderDto dto = keyOrderService.verifyKey(tradeInfo.getGoodsTitle(), orderStatus, tradeInfo.getItemRealAmount(), wxUid);
			} catch (KeyVerifyException ee) {
			try {
			verifyLogger.warn("校验不通过：【{}】-{}", keyInfo.getKey(), ee.getMessage());
			} catch (Exception e) {
			}
			throw ee;
			} catch (Exception e) {
			throw new KeyVerifyException(KeyVerifyException.CODE_COMMON, e.getMessage());
			}
			}


			KeyOrder order = keyOrderService.addKeyOrder(keyInfo, wxUid, TimeUtil.getGernalTime(System.currentTimeMillis(), "yyyyMMdd"));
			Long uid = keyOrderService.getCanDistributeUid();
			if (uid != null) {
			@@ -96,15 +135,26 @@

			}

			private void verifySubmitKey(String key) throws Exception {
			List<String> urllist = UrlUtils.parseUrlsFromText(key);
			if (urllist.isEmpty() \|\| !urllist.get(0).contains("ur.alipay.com")) {
			throw new Exception("不包含支付宝链接");
			}
			if (!key.contains("支付宝")) {
			throw new Exception("没包含支付宝汉字");
			}
			}

			@ResponseBody
			@RequestMapping(value = "submitKeyV2")
			public String submitKeyV2(SubmitKeyInfo keyInfo, HttpSession session) {
			WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
			if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
			return JsonUtil.loadFalseResult(0, "请上传key");
			return JsonUtil.loadFalseResult("请上传key");
			}
			List<String> urllist = UrlUtils.parseUrlsFromText(keyInfo.getKey());
			if (urllist.isEmpty() \|\| !urllist.get(0).contains("ur.alipay.com")) {
			try {
			verifySubmitKey(keyInfo.getKey());
			} catch (Exception e) {
			return JsonUtil.loadFalseResult("支付宝口令不正确");
			}

			@@ -131,55 +181,54 @@
			e.printStackTrace();
			return JsonUtil.loadFalseResult(e.getMessage());
			} catch (WxOrderCountException e) {
			return JsonUtil.loadFalseResult(e.getMessage());
			} catch (KeyVerifyException e) {
			switch (e.getCode()) {
			case KeyVerifyException.CODE_KEY_MONEY_NOT_MATCH:
			return JsonUtil.loadFalseResult("该笔订单有误，不予提交");
			case KeyVerifyException.CODE_ORDER_MONEY_NOT_MATCH:
			return JsonUtil.loadFalseResult("提交金额不匹配");
			}
			logger.debug("口令验证结果异常：{}-{}", keyInfo.getKey(), e.getMessage());
			return JsonUtil.loadFalseResult(e.getMessage());
			}
			}

			/**
			* @return java.lang.String
			* @author hxh
			* @description 带口令与金额的口令提交接口
			* @date 0:12 2024/7/9
			* @param: keyInfo
			* @param: session
			* @return java.lang.String
			**/
			@ResponseBody
			@RequestMapping(value = "submitKeyV3")
			public String submitKeyV3(SubmitKeyInfo keyInfo, HttpSession session) {
			public String submitKeyV3(SubmitKeyInfo keyInfo, HttpSession session, HttpServletRequest request) {
			String referer = request.getHeader("Referer");
			keyInfo.setReferer(referer);
			WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
			if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
			return JsonUtil.loadFalseResult(0, "请上传key");
			return JsonUtil.loadFalseResult("请上传key");
			}
			if (StringUtil.isNullOrEmpty(keyInfo.getMoney())) {
			return JsonUtil.loadFalseResult(0, "请上传money");
			}
			List<String> urllist = UrlUtils.parseUrlsFromText(keyInfo.getKey());
			if (urllist.isEmpty() \|\| !urllist.get(0).contains("ur.alipay.com")) {
			// if (StringUtil.isNullOrEmpty(keyInfo.getMoney())) {
			// return JsonUtil.loadFalseResult("请上传money");
			// }
			try {
			verifySubmitKey(keyInfo.getKey());
			} catch (Exception e) {
			return JsonUtil.loadFalseResult("支付宝口令不正确");
			}
			// 验证提交时间
			String timeStr = systemConfigService.getValueCache(SystemConfigKeyEnum.KEY_SUBMIT_TIME_RANGE);
			if(StringUtil.isNullOrEmpty(timeStr)){
			String timeStr = systemConfigService.getValueCache(SystemConfigKeyEnum.KEY_SUBMIT_TIME_RANGE);
			if (StringUtil.isNullOrEmpty(timeStr)) {
			return JsonUtil.loadFalseResult("尚未配置生效时间");
			}
			String startTime = timeStr.split(",")[0].trim().replace(":","");
			String endTime = timeStr.split(",")[1].trim().replace(":","");
			String now = TimeUtil.getGernalTime(System.currentTimeMillis(),"HHmmss");
			if(Integer.parseInt(now)<Integer.parseInt(startTime)\|\|Integer.parseInt(now)>Integer.parseInt(endTime)){
			return JsonUtil.loadFalseResult(String.format("口令提交时间段为：%s-%s",timeStr.split(",")[0],timeStr.split(",")[1]));
			}
			// 验证提交的金额是否正确
			String moneyStr = systemConfigService.getValueCache(SystemConfigKeyEnum.PAY_MONEY_LIST);
			if(StringUtil.isNullOrEmpty(moneyStr)){
			return JsonUtil.loadFalseResult("尚未配置金额");
			}
			JSONArray array=JSONArray.fromObject(moneyStr);
			Set<String> moneySet=new HashSet<>();
			for(int i=0;i<array.size();i++){
			moneySet.add(MoneyUtil.getMoneyStr(new BigDecimal(array.optString(i))));
			}
			if(!moneySet.contains(MoneyUtil.getMoneyStr(new BigDecimal(keyInfo.getMoney())))){
			return JsonUtil.loadFalseResult("提交金额不符合要求");
			String startTime = timeStr.split(",")[0].trim().replace(":", "");
			String endTime = timeStr.split(",")[1].trim().replace(":", "");
			String now = TimeUtil.getGernalTime(System.currentTimeMillis(), "HHmmss");
			if (Integer.parseInt(now) < Integer.parseInt(startTime) \|\| Integer.parseInt(now) > Integer.parseInt(endTime)) {
			return JsonUtil.loadFalseResult(String.format("口令提交时间段为：%s-%s", timeStr.split(",")[0], timeStr.split(",")[1]));
			}
			if (user == null) {
			// 先保存KEY
			@@ -204,23 +253,118 @@
			return JsonUtil.loadFalseResult(e.getMessage());
			} catch (WxOrderCountException e) {
			return JsonUtil.loadFalseResult(e.getMessage());
			} catch (KeyVerifyException e) {
			logger.debug("口令校验失败：{}-{}-{}", keyInfo.getKey(), e.getCode(), e.getMessage());
			switch (e.getCode()) {
			case KeyVerifyException.CODE_KEY_MONEY_NOT_MATCH:
			return JsonUtil.loadFalseResult("该笔订单有误，不予提交");
			case KeyVerifyException.CODE_ORDER_MONEY_NOT_MATCH:
			return JsonUtil.loadFalseResult("提交金额不匹配");
			}
			return JsonUtil.loadFalseResult(e.getMessage());
			}
			}

			@ResponseBody
			@RequestMapping(value = "submitKeyV4")
			public String submitKeyV4(SubmitKeyInfo keyInfo, HttpSession session, HttpServletRequest request) {
			String referer = request.getHeader("Referer");
			keyInfo.setReferer(referer);
			WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
			if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
			return JsonUtil.loadFalseResult("请上传key");
			}

			try {
			verifySubmitKey(keyInfo.getKey());
			} catch (Exception e) {
			return JsonUtil.loadFalseResult("支付宝口令不正确");
			}
			// 验证提交时间
			String timeStr = systemConfigService.getValueCache(SystemConfigKeyEnum.KEY_SUBMIT_TIME_RANGE);
			if (StringUtil.isNullOrEmpty(timeStr)) {
			return JsonUtil.loadFalseResult("尚未配置生效时间");
			}
			String startTime = timeStr.split(",")[0].trim().replace(":", "");
			String endTime = timeStr.split(",")[1].trim().replace(":", "");
			String now = TimeUtil.getGernalTime(System.currentTimeMillis(), "HHmmss");
			if (Integer.parseInt(now) < Integer.parseInt(startTime) \|\| Integer.parseInt(now) > Integer.parseInt(endTime)) {
			return JsonUtil.loadFalseResult(String.format("口令提交时间段为：%s-%s", timeStr.split(",")[0], timeStr.split(",")[1]));
			}

			if (user == null) {
			// 先保存KEY
			session.setAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY, keyInfo);
			wxLogger.info("微信没有授权:" + session.getId());
			String redictLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_REDIRECT_LINK);
			if (StringUtil.isNullOrEmpty(redictLink)) {
			return JsonUtil.loadFalseResult("无法获取到授权链接");
			}

			redictLink = redictLink.replace("snsapi_base", "snsapi_userinfo");
			// 没有登录，返回登录链接
			JSONObject root = new JSONObject();
			root.put("link", redictLink);
			return JsonUtil.loadTrueResult(Constant.RESULT_CODE_NEED_LOGIN, root);
			}
			wxLogger.info("微信有授权:" + session.getId());
			try {
			addKey(keyInfo, user.getId());
			return JsonUtil.loadTrueResult("");
			} catch (KeyOrderException e) {
			e.printStackTrace();
			return JsonUtil.loadFalseResult(e.getMessage());
			} catch (WxOrderCountException e) {
			return JsonUtil.loadFalseResult(e.getMessage());
			} catch (KeyVerifyException e) {
			LogUtil.loggerDebug.debug("口令校验失败：{}-{}-{}", keyInfo.getKey(), e.getCode(), e.getMessage());
			switch (e.getCode()) {
			case KeyVerifyException.CODE_KEY_MONEY_NOT_MATCH:
			return JsonUtil.loadFalseResult("该笔订单有误，不予提交");
			case KeyVerifyException.CODE_ORDER_MONEY_NOT_MATCH:
			return JsonUtil.loadFalseResult("提交金额不匹配");
			}
			return JsonUtil.loadFalseResult(e.getMessage());
			}
			}


			@RequestMapping(value = "wxLogin")
			public void wxLogin(String code, String state, HttpServletResponse response, HttpSession session) throws IOException {
			public void wxLogin(String code, String state, HttpServletRequest request, HttpServletResponse response, HttpSession session) throws IOException {
			// 根据code获取openid
			wxLogger.info("微信授权回调：{} code-{}", session.getId(), code);
			SubmitKeyInfo alipayKeyInfo = (SubmitKeyInfo) session.getAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY);
			wxLogger.info("微信授权回调：{} code-{} referer-{}", session.getId(), code, alipayKeyInfo.getReferer());
			String failLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_LOGIN_FAIL_LINK);
			String referer = alipayKeyInfo.getReferer();

			try {
			WXAppInfoDto wxApp = systemConfigService.getWxAppInfoCache();
			String successLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_LOGIN_SUCCESS_LINK);
			if (!StringUtil.isNullOrEmpty(referer)) {
			Map<String, String> params = HttpUtil.getPramsFromUrl(referer);
			params.put("state", "SUCCESS");
			successLink = HttpUtil.getWholeUrl(HttpUtil.getUrlWithoutParams(referer), params);
			}

			WxApiUtil.WXAccessTokenInfo tokenInfo = WxApiUtil.getAcessTokenInfo(code, wxApp);
			if (tokenInfo != null && !StringUtil.isNullOrEmpty(tokenInfo.getOpenid())) {
			WxUserInfo user = wxUserService.login(tokenInfo.getOpenid());
			WxApiUtil.WXUserInfo wxUserInfo = null;
			if (tokenInfo.getScope() != null && tokenInfo.getScope().contains("snsapi_userinfo")) {
			try {
			wxUserInfo = WxApiUtil.getUserInfo(tokenInfo.getAccess_token(), tokenInfo.getOpenid());
			wxLogger.info("解析结果", new Gson().toJson(wxUserInfo));
			} catch (Exception e) {
			wxLogger.error("解析出错", e);
			}
			}
			if (wxUserInfo == null) {
			wxUserInfo = new WxApiUtil.WXUserInfo();
			wxUserInfo.setOpenid(tokenInfo.getOpenid());
			}
			WxUserInfo user = wxUserService.login(wxUserInfo);
			session.setAttribute(Constant.SESSION_KEY_USER, user);
			wxLogger.info("微信保存用户信息：{} id-{}", session.getId(), user.getId());
			SubmitKeyInfo alipayKeyInfo = (SubmitKeyInfo) session.getAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY);

			wxLogger.info("从session读取到key：{}", alipayKeyInfo);
			if (alipayKeyInfo != null) {
			addKey(alipayKeyInfo, user.getId());
			@@ -231,6 +375,11 @@
			} catch (Exception e) {
			e.printStackTrace();
			wxLogger.error("授权失败：{}", e.getMessage());
			if (!StringUtil.isNullOrEmpty(referer)) {
			Map<String, String> params = HttpUtil.getPramsFromUrl(referer);
			params.put("state", "FAIL");
			failLink = HttpUtil.getWholeUrl(HttpUtil.getUrlWithoutParams(referer), params);
			}
			}
			response.sendRedirect(failLink);
			}