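package com.taoke.autopay.controller;

import com.google.gson.Gson;
import com.taoke.autopay.dto.DYOrderDto;
import com.taoke.autopay.dto.WXAppInfoDto;
import com.taoke.autopay.entity.KeyOrder;
import com.taoke.autopay.entity.SystemConfigKeyEnum;
import com.taoke.autopay.entity.WxUserInfo;
import com.taoke.autopay.exception.KeyOrderException;
import com.taoke.autopay.exception.KeyVerifyException;
import com.taoke.autopay.exception.WxOrderCountException;
import com.taoke.autopay.service.KeyOrderService;
import com.taoke.autopay.service.SystemConfigService;
import com.taoke.autopay.service.WxUserService;
import com.taoke.autopay.utils.*;
import com.taoke.autopay.vo.SubmitKeyInfo;
import net.sf.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.yeshi.utils.UrlUtils;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.*;

/**
 * Web endpoints under {@code webapi} for submitting Alipay payment keys and for the WeChat
 * OAuth callback that binds a WeChat user to the session.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every {@code submitKey*} parameter and the {@code Referer} header are client-controlled.</li>
 *   <li>The stored Referer later becomes a redirect target in {@link #wxLogin}; see the note
 *       there.</li>
 *   <li>Several log statements write the HTTP session id and the OAuth {@code code}; the log
 *       files should be access-controlled accordingly, or the values masked.</li>
 * </ul>
 */
@Controller
@RequestMapping("webapi")
public class WebApiController {

    /** The legacy {@code submitKey} endpoint is switched off; it always answers "接口已关闭". */
    private static final boolean SUBMIT_KEY_CLOSED = true;

    /**
     * Whether {@code submitKeyV4} runs the key-format check and the submit-window check.
     * It is off in this revision (the original guard was {@code if (1 < 0)}).
     * NOTE(review): with this off, V4 forwards keys to addKey that V2/V3 would reject for not
     * containing an Alipay link; the only remaining check is the optional ALIPAY_KEY_VERIFY one.
     * Confirm this is intended.
     */
    private static final boolean V4_PRECHECKS_ENABLED = false;

    final Logger logger = LoggerFactory.getLogger(WebApiController.class);

    final Logger wxLogger = LoggerFactory.getLogger("wxLogger");

    final Logger verifyLogger = LoggerFactory.getLogger("keyVerifyLogger");

    @Resource
    private KeyOrderService keyOrderService;

    @Resource
    private WxUserService wxUserService;

    @Resource
    private SystemConfigService systemConfigService;

    /**
     * Legacy key submission endpoint. Currently closed: it returns a failure result before
     * looking at the input. The remaining body is kept for when the switch is flipped.
     *
     * @param key raw text expected to contain an Alipay short link
     * @return JSON result string
     */
    @ResponseBody
    @RequestMapping(value = "submitKey")
    public String submitKey(String key) {
        if (SUBMIT_KEY_CLOSED) {
            return JsonUtil.loadFalseResult(0, "接口已关闭");
        }
        if (StringUtil.isNullOrEmpty(key)) {
            return JsonUtil.loadFalseResult(0, "请上传key");
        }
        List<String> urllist = UrlUtils.parseUrlsFromText(key);
        if (urllist.isEmpty() || !urllist.get(0).contains("ur.alipay.com")) {
            return JsonUtil.loadFalseResult("支付宝口令不正确");
        }
        try {
            KeyOrder order = keyOrderService.addKeyOrder(new SubmitKeyInfo(key), null,
                    TimeUtil.getGernalTime(System.currentTimeMillis(), "yyyyMMdd"));
            distributeOrder(order);
            return JsonUtil.loadTrueResult("");
        } catch (KeyOrderException e) {
            logger.error("submitKey: addKeyOrder failed", e);
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (WxOrderCountException e) {
            return JsonUtil.loadFalseResult("今日超过最大提交次数");
        }
    }

    /**
     * Assigns a freshly created order to a client uid when the service reports one as available.
     * The throws clause mirrors what the original call sites handled around these service calls.
     */
    private void distributeOrder(KeyOrder order) throws KeyOrderException, WxOrderCountException {
        Long uid = keyOrderService.getCanDistributeUid();
        if (uid == null) {
            return;
        }
        KeyOrder orderUpdate = new KeyOrder();
        orderUpdate.setId(order.getId());
        orderUpdate.setDistributeClientUid(uid);
        orderUpdate.setDistributeTime(new Date());
        keyOrderService.update(orderUpdate);
    }

    /**
     * Optionally verifies the key against the Alipay trade it points to, then stores the order
     * and tries to distribute it.
     *
     * @param keyInfo submitted key data
     * @param wxUid   id of the logged-in WeChat user
     * @throws KeyVerifyException    when verification is enabled and the key does not pass
     * @throws KeyOrderException     propagated from the order service
     * @throws WxOrderCountException propagated from the order service
     */
    private void addKey(SubmitKeyInfo keyInfo, Long wxUid) throws KeyVerifyException, KeyOrderException, WxOrderCountException {
        // Parse the links out of the submitted text.
        List<String> urllist = UrlUtils.parseUrlsFromText(keyInfo.getKey());
        String verifyAlipayKey = systemConfigService.getValueCache(SystemConfigKeyEnum.ALIPAY_KEY_VERIFY);
        if (verifyAlipayKey != null && verifyAlipayKey.trim().equalsIgnoreCase("1")) {
            try {
                // The Alipay key has to be verified.
                if (urllist.size() < 1) {
                    throw new Exception("口令中不包含链接");
                }
                AlipayOrderUtil.AlipayOrderTradeInfo tradeInfo = AlipayOrderUtil.getTradeInfo(urllist.get(0));
                // Fix: this null check used to sit after tradeInfo.getStatus(), so a missing trade
                // surfaced as a NullPointerException with a null message instead of this error.
                if (tradeInfo == null) {
                    throw new Exception("口令内容获取失败");
                }
                String orderStatus = "";
                switch (tradeInfo.getStatus()) {
                    case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_CANCELED:
                        orderStatus = "订单已取消";
                        break;
                    case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_PAY:
                        orderStatus = "订单已支付";
                        break;
                    case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_NOT_PAY:
                        orderStatus = "订单未支付";
                        break;
                }
                // Verify the trade content; the returned DTO is not used here.
                keyOrderService.verifyKey(tradeInfo.getGoodsTitle(), orderStatus, tradeInfo.getItemRealAmount());
            } catch (KeyVerifyException ee) {
                try {
                    verifyLogger.warn("校验不通过:【{}】-{}", keyInfo.getKey(), ee.getMessage());
                } catch (Exception ignored) {
                    // Best effort: a logging failure must not mask the verification error.
                }
                throw ee;
            } catch (Exception e) {
                throw new KeyVerifyException(KeyVerifyException.CODE_COMMON, e.getMessage());
            }
        }

        KeyOrder order = keyOrderService.addKeyOrder(keyInfo, wxUid,
                TimeUtil.getGernalTime(System.currentTimeMillis(), "yyyyMMdd"));
        distributeOrder(order);
    }

    /**
     * Cheap format check on the submitted text: the first parsed URL must contain
     * {@code ur.alipay.com} and the text must contain the word "支付宝".
     * NOTE(review): this is a substring test on the URL, not a host comparison, so it does not
     * prove the link points at Alipay. Treat it as a sanity filter only.
     *
     * @throws Exception when either condition fails
     */
    private void verifySubmitKey(String key) throws Exception {
        List<String> urllist = UrlUtils.parseUrlsFromText(key);
        if (urllist.isEmpty() || !urllist.get(0).contains("ur.alipay.com")) {
            throw new Exception("不包含支付宝链接");
        }
        if (!key.contains("支付宝")) {
            throw new Exception("没包含支付宝汉字");
        }
    }

    /**
     * Checks the current time of day against the configured {@code "start,end"} submit window.
     * A value that cannot be parsed is treated like a missing one, so the endpoint fails closed
     * instead of throwing.
     *
     * @return {@code null} when inside the window, otherwise the JSON failure result to return
     */
    private String checkSubmitWindow() {
        String timeStr = systemConfigService.getValueCache(SystemConfigKeyEnum.KEY_SUBMIT_TIME_RANGE);
        if (StringUtil.isNullOrEmpty(timeStr)) {
            return JsonUtil.loadFalseResult("尚未配置生效时间");
        }
        String[] range = timeStr.split(",");
        if (range.length < 2) {
            return JsonUtil.loadFalseResult("尚未配置生效时间");
        }
        int start;
        int end;
        try {
            start = Integer.parseInt(range[0].trim().replace(":", ""));
            end = Integer.parseInt(range[1].trim().replace(":", ""));
        } catch (NumberFormatException e) {
            logger.error("KEY_SUBMIT_TIME_RANGE is not parseable: {}", timeStr, e);
            return JsonUtil.loadFalseResult("尚未配置生效时间");
        }
        int now = Integer.parseInt(TimeUtil.getGernalTime(System.currentTimeMillis(), "HHmmss"));
        if (now < start || now > end) {
            return JsonUtil.loadFalseResult(String.format("口令提交时间段为:%s-%s", range[0], range[1]));
        }
        return null;
    }

    /**
     * Parks the submitted key in the session and answers with the WeChat authorization link,
     * for callers that have no logged-in user yet.
     *
     * @param requestUserInfoScope when true, {@code snsapi_base} in the configured link is
     *                             replaced by {@code snsapi_userinfo}
     * @return JSON result carrying the link, or a failure result when no link is configured
     */
    private String saveKeyAndRequestLogin(SubmitKeyInfo keyInfo, HttpSession session, boolean requestUserInfoScope) {
        // Save the key first (SESSION_KEY_TEMP_ALIPAY_KEY); wxLogin submits it after authorization.
        session.setAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY, keyInfo);
        // NOTE(review): the session id is written to the log here.
        wxLogger.info("微信没有授权:" + session.getId());
        String redictLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_REDIRECT_LINK);
        if (StringUtil.isNullOrEmpty(redictLink)) {
            return JsonUtil.loadFalseResult("无法获取到授权链接");
        }
        if (requestUserInfoScope) {
            redictLink = redictLink.replace("snsapi_base", "snsapi_userinfo");
        }
        // Not logged in: return the login link.
        JSONObject root = new JSONObject();
        root.put("link", redictLink);
        return JsonUtil.loadTrueResult(Constant.RESULT_CODE_NEED_LOGIN, root);
    }

    /**
     * Maps the verification codes that have a fixed user-facing message.
     *
     * @return the message, or {@code null} when the code has no fixed message
     */
    private static String knownVerifyFailure(KeyVerifyException e) {
        switch (e.getCode()) {
            case KeyVerifyException.CODE_KEY_MONEY_NOT_MATCH:
                return "该笔订单有误,不予提交";
            case KeyVerifyException.CODE_ORDER_MONEY_NOT_MATCH:
                return "提交金额不匹配";
            default:
                return null;
        }
    }

    /**
     * Key submission for a WeChat-authorized session. Without a logged-in user the key is parked
     * in the session and the authorization link is returned instead.
     *
     * @param keyInfo submitted key data (bound from request parameters)
     * @param session current HTTP session
     * @return JSON result string
     */
    @ResponseBody
    @RequestMapping(value = "submitKeyV2")
    public String submitKeyV2(SubmitKeyInfo keyInfo, HttpSession session) {
        WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
        if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
            return JsonUtil.loadFalseResult("请上传key");
        }

        try {
            verifySubmitKey(keyInfo.getKey());
        } catch (Exception e) {
            return JsonUtil.loadFalseResult("支付宝口令不正确");
        }

        if (user == null) {
            return saveKeyAndRequestLogin(keyInfo, session, false);
        }
        wxLogger.info("微信有授权:" + session.getId());
        try {
            addKey(keyInfo, user.getId());
            return JsonUtil.loadTrueResult("");
        } catch (KeyOrderException e) {
            logger.error("submitKeyV2: addKey failed", e);
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (WxOrderCountException e) {
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (KeyVerifyException e) {
            String known = knownVerifyFailure(e);
            if (known != null) {
                return JsonUtil.loadFalseResult(known);
            }
            logger.debug("口令验证结果异常:{}-{}", keyInfo.getKey(), e.getMessage());
            return JsonUtil.loadFalseResult(e.getMessage());
        }
    }

    /**
     * Key submission endpoint that carries both the key and the amount. It also records the
     * request's Referer on the key info and enforces the configured submit window.
     *
     * @author hxh
     * @date 0:12 2024/7/9
     * @param keyInfo submitted key data (bound from request parameters)
     * @param session current HTTP session
     * @param request current request, read for its Referer header
     * @return JSON result string
     **/
    @ResponseBody
    @RequestMapping(value = "submitKeyV3")
    public String submitKeyV3(SubmitKeyInfo keyInfo, HttpSession session, HttpServletRequest request) {
        // The Referer header is client-controlled; it is stored here and read again in wxLogin.
        String referer = request.getHeader("Referer");
        keyInfo.setReferer(referer);

        WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
        if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
            return JsonUtil.loadFalseResult("请上传key");
        }

//        if (StringUtil.isNullOrEmpty(keyInfo.getMoney())) {
//            return JsonUtil.loadFalseResult("请上传money");
//        }

        try {
            verifySubmitKey(keyInfo.getKey());
        } catch (Exception e) {
            return JsonUtil.loadFalseResult("支付宝口令不正确");
        }

        // Verify the submission time. The comparison had lost its operators in this listing and
        // is restored from the identical check in submitKeyV4.
        String windowError = checkSubmitWindow();
        if (windowError != null) {
            return windowError;
        }

        if (user == null) {
            return saveKeyAndRequestLogin(keyInfo, session, false);
        }
        wxLogger.info("微信有授权:" + session.getId());
        try {
            addKey(keyInfo, user.getId());
            return JsonUtil.loadTrueResult("");
        } catch (KeyOrderException e) {
            logger.error("submitKeyV3: addKey failed", e);
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (WxOrderCountException e) {
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (KeyVerifyException e) {
            logger.debug("口令校验失败:{}-{}-{}", keyInfo.getKey(), e.getCode(), e.getMessage());
            String known = knownVerifyFailure(e);
            return JsonUtil.loadFalseResult(known != null ? known : e.getMessage());
        }
    }

    /**
     * Same flow as {@link #submitKeyV3}, except that the format and submit-window checks are
     * gated by {@link #V4_PRECHECKS_ENABLED} and the login link asks for the
     * {@code snsapi_userinfo} scope.
     *
     * @param keyInfo submitted key data (bound from request parameters)
     * @param session current HTTP session
     * @param request current request, read for its Referer header
     * @return JSON result string
     */
    @ResponseBody
    @RequestMapping(value = "submitKeyV4")
    public String submitKeyV4(SubmitKeyInfo keyInfo, HttpSession session, HttpServletRequest request) {
        // The Referer header is client-controlled; it is stored here and read again in wxLogin.
        String referer = request.getHeader("Referer");
        keyInfo.setReferer(referer);

        WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
        if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
            return JsonUtil.loadFalseResult("请上传key");
        }

        if (V4_PRECHECKS_ENABLED) {
            try {
                verifySubmitKey(keyInfo.getKey());
            } catch (Exception e) {
                return JsonUtil.loadFalseResult("支付宝口令不正确");
            }

            // Verify the submission time.
            String windowError = checkSubmitWindow();
            if (windowError != null) {
                return windowError;
            }
        }

        if (user == null) {
            return saveKeyAndRequestLogin(keyInfo, session, true);
        }
        wxLogger.info("微信有授权:" + session.getId());
        try {
            addKey(keyInfo, user.getId());
            return JsonUtil.loadTrueResult("");
        } catch (KeyOrderException e) {
            logger.error("submitKeyV4: addKey failed", e);
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (WxOrderCountException e) {
            return JsonUtil.loadFalseResult(e.getMessage());
        } catch (KeyVerifyException e) {
            logger.debug("口令校验失败:{}-{}-{}", keyInfo.getKey(), e.getCode(), e.getMessage());
            String known = knownVerifyFailure(e);
            return JsonUtil.loadFalseResult(known != null ? known : e.getMessage());
        }
    }

    /**
     * WeChat OAuth callback: exchanges {@code code} for an openid, logs the user in, submits
     * the key parked in the session (if any) and redirects to the success or failure link.
     *
     * <p>NOTE(review): {@code state} is accepted but never compared with a session-bound value,
     * so the callback cannot tell whether this session started the authorization. Consider
     * issuing a random state before the redirect and checking it here.
     *
     * <p>NOTE(review): when a Referer was stored, the success and failure redirects are built
     * from it. That value comes from a request header, so the redirect target is
     * client-influenced; it should be checked against an allowlist of this service's own front-end
     * origins before use, falling back to the configured links otherwise.
     *
     * @param code     OAuth authorization code from WeChat
     * @param state    OAuth state parameter (currently unused)
     * @param request  current request
     * @param response used for the final redirect
     * @param session  current HTTP session
     * @throws IOException if the redirect cannot be sent
     */
    @RequestMapping(value = "wxLogin")
    public void wxLogin(String code, String state, HttpServletRequest request, HttpServletResponse response, HttpSession session) throws IOException {
        // Get the openid from the code.
        SubmitKeyInfo alipayKeyInfo = (SubmitKeyInfo) session.getAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY);
        // Fix: the callback can arrive on a session that holds no parked key (the code below
        // already allows for that), so the Referer must be read null-safely.
        String referer = alipayKeyInfo == null ? null : alipayKeyInfo.getReferer();
        // NOTE(review): this writes the session id and the OAuth code to the log.
        wxLogger.info("微信授权回调:{} code-{} referer-{}", session.getId(), code, referer);
        String failLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_LOGIN_FAIL_LINK);
        try {
            WXAppInfoDto wxApp = systemConfigService.getWxAppInfoCache();
            String successLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_LOGIN_SUCCESS_LINK);
            if (!StringUtil.isNullOrEmpty(referer)) {
                Map params = HttpUtil.getPramsFromUrl(referer);
                params.put("state", "SUCCESS");
                successLink = HttpUtil.getWholeUrl(HttpUtil.getUrlWithoutParams(referer), params);
            }
            WxApiUtil.WXAccessTokenInfo tokenInfo = WxApiUtil.getAcessTokenInfo(code, wxApp);
            if (tokenInfo != null && !StringUtil.isNullOrEmpty(tokenInfo.getOpenid())) {
                WxApiUtil.WXUserInfo wxUserInfo = null;
                if (tokenInfo.getScope() != null && tokenInfo.getScope().contains("snsapi_userinfo")) {
                    try {
                        wxUserInfo = WxApiUtil.getUserInfo(tokenInfo.getAccess_token(), tokenInfo.getOpenid());
                        // The format string has no {} placeholder, so the JSON argument is not
                        // rendered. Adding one would put the user's profile data into the log.
                        wxLogger.info("解析结果", new Gson().toJson(wxUserInfo));
                    } catch (Exception e) {
                        wxLogger.error("解析出错", e);
                    }
                }
                if (wxUserInfo == null) {
                    // Fall back to an openid-only profile.
                    wxUserInfo = new WxApiUtil.WXUserInfo();
                    wxUserInfo.setOpenid(tokenInfo.getOpenid());
                }
                WxUserInfo user = wxUserService.login(wxUserInfo);
                session.setAttribute(Constant.SESSION_KEY_USER, user);
                wxLogger.info("微信保存用户信息:{} id-{}", session.getId(), user.getId());
                wxLogger.info("从session读取到key:{}", alipayKeyInfo);
                if (alipayKeyInfo != null) {
                    addKey(alipayKeyInfo, user.getId());
                }
                response.sendRedirect(successLink);
                return;
            }
        } catch (Exception e) {
            // Keep the original message format; the trailing throwable adds the stack trace.
            wxLogger.error("授权失败:{}", e.getMessage(), e);
            if (!StringUtil.isNullOrEmpty(referer)) {
                Map params = HttpUtil.getPramsFromUrl(referer);
                params.put("state", "FAIL");
                failLink = HttpUtil.getWholeUrl(HttpUtil.getUrlWithoutParams(referer), params);
            }
        }
        response.sendRedirect(failLink);
    }
}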