
JS-SDK使用权限签名算法

jk-GitHub-coder 4 years ago
parent
commit
1976d3d429

+ 58 - 3
YijiaRestful/src/main/java/com/platform/yijia/controller/AppUserInfoController.java

@@ -4,7 +4,6 @@ import com.alibaba.fastjson.JSONObject;
 import com.google.gson.Gson;
 import com.platform.yijia.param.request.AppUserInfoRequest;
 import com.platform.yijia.pojo.AppUserInfo;
-import com.platform.yijia.pojo.CustomerManage;
 import com.platform.yijia.pojo.CustomerPoints;
 import com.platform.yijia.service.AppUserInfoService;
 import com.platform.yijia.service.CustomerPointsService;
@@ -15,6 +14,7 @@ import com.platform.yijia.utils.ResultData;
 import com.platform.yijia.utils.redis.RedisCacheUtil;
 import com.platform.yijia.utils.weixinapp.AesDecryptUtil;
 import com.platform.yijia.utils.weixinapp.WeiXinUserUtil;
+import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -82,7 +82,57 @@ public class AppUserInfoController {
         return AesDecryptUtil.decryptEncryptedData(jsonObject.get("encryptedData").toString(), jsonObject.get("sessionKey").toString(), jsonObject.get("iv").toString(), "UTF-8").toString();
     }
 
-    //判断使用小程序支付的用户是否关注公众号
+    /*
+     * JS-SDK使用权限签名算法
+     * @param noncestr  随机字符串
+     * @param timestamp 时间戳
+     * @param url   页面访问路径
+     * @param stationId 油站ID
+     * @return
+     */
+    @RequestMapping(value = "/getSignature", method = RequestMethod.GET)
+    @ResponseBody
+    public String getSignature(@RequestParam String noncestr, String timestamp, String url, Integer stationId){
+        Gson gson =new Gson();
+        //返回结果集
+        ResultData resultData = null;
+        Map<String, String> m = stationService.getStationAppIdAndAppSecret(stationId);
+        String gzhAppId ="";
+        String gzhAppSecret ="";
+        String accessToken ="";
+        if(m !=null && m.containsKey("gzhAppId") && m.containsKey("gzhAppSecret")){
+            gzhAppId = m.get("gzhAppId");
+            gzhAppSecret = m.get("gzhAppSecret");
+            accessToken  = this.getTokenByRedisCache(gzhAppId, gzhAppSecret);
+            //当前用户登录的公众号redis缓存中的jsapi_ticket
+            String appIdTicket =gzhAppId + "-ticket";
+            String jsapiTicket ="";
+            if(redisCacheUtil.hasKey(appIdTicket)){
+                jsapiTicket = redisCacheUtil.getCacheObject(appIdTicket);
+            }else {
+                //获取jsapi_ticket
+                net.sf.json.JSONObject gzhJsapiTicket = WeiXinUserUtil.getGzhJsapiTicket(accessToken);
+                if(gzhJsapiTicket.containsKey("ticket")){
+                    redisCacheUtil.setCacheObject(appIdTicket, gzhJsapiTicket.get("ticket"));
+                    redisCacheUtil.expire(appIdTicket, 7200, TimeUnit.SECONDS);
+                    jsapiTicket = gzhJsapiTicket.get("ticket").toString();
+                }
+            }
+            String string1 = "jsapi_ticket="+jsapiTicket + "&noncestr=" +noncestr +"&timestamp=" +timestamp +"&url=" +url;
+            //sha1加密
+            String signature = DigestUtils.sha1Hex(string1);
+            resultData = ResultData.success(signature);
+        }
+        return gson.toJson(resultData);
+    }
+
+
+    /*
+     * 判断使用小程序支付的用户是否关注公众号
+     * @param unionId
+     * @param stationId
+     * @return
+     */
     @RequestMapping(value = "/whetherFollowGzh", method = RequestMethod.GET)
     @ResponseBody
     public String whetherFollowGzh(@RequestParam String unionId, Integer stationId){
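Review bot: In getSignature, when the getticket response has no `ticket` key, `jsapiTicket` stays `""` and the method still hashes `string1` and returns `ResultData.success(signature)`, so a WeChat-side failure reaches the client as an apparently valid signature; check `StringUtils.isBlank(jsapiTicket)` before building `string1` and return a failure result. When the station has no `gzhAppId`/`gzhAppSecret`, `resultData` stays null and the response body is the literal `null`, which deserves an explicit error as well. Only `noncestr` carries `@RequestParam`, so Spring treats `timestamp`, `url` and `stationId` as optional and a missing value is concatenated as the text `null`; declare them as `@RequestParam String timestamp, @RequestParam String url, @RequestParam Integer stationId`. Since the endpoint signs any caller-supplied `url` with the station's ticket, consider checking `url` against the station's registered page domains and generating `noncestr` and `timestamp` on the server. The 7200-second expiry is hard-coded and applied in a separate call after `setCacheObject`; taking `expires_in` from the response would keep the cached value from outliving the ticket.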
@@ -150,7 +200,12 @@ public class AppUserInfoController {
     }
 
 
-    //获取公众号信息
+    /*
+     * 获取公众号信息
+     * @param openId
+     * @param stationId
+     * @return
+     */
     @RequestMapping(value = "/getGzhUserInfo", method = RequestMethod.GET)
     @ResponseBody
     public String getGzhUserInfo(@RequestParam String openId, Integer stationId){
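Review bot: The comment added above getGzhUserInfo opens with `/*`, so its `@param` and `@return` tags are an ordinary block comment and Javadoc tooling ignores them; open it with `/**`. The same applies to the comments added above getSignature and whetherFollowGzh in this file and above getGzhJsapiTicket in WeiXinUserUtil.java. The bare `@param`/`@return` tags would also be more useful with a short description each. getGzhUserInfo's body continues outside the hunk.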

+ 17 - 0
YijiaRestful/src/main/java/com/platform/yijia/utils/weixinapp/WeiXinUserUtil.java

@@ -36,10 +36,27 @@ public class WeiXinUserUtil {
     //获取UnionId
     public final static String unionId_Url ="https://api.weixin.qq.com/cgi-bin/user/info?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN";
 
+    //获取公众号jsapi_ticket
+    private static final String JSAPI_TICKET_URL ="https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=ACCESS_TOKEN&type=jsapi";
+
     //日志
     private static final Logger logger = LoggerFactory.getLogger(WeiXinUserUtil.class);
 
     /*
+     * 获取公众号jsapi_ticket
+     * @param accessToken
+     * @return
+     */
+    public static JSONObject getGzhJsapiTicket(String accessToken){
+        String requestUrl =JSAPI_TICKET_URL.replace("ACCESS_TOKEN",accessToken);
+        JSONObject jsonObject = HttpRequestUtil.getHttpsRequestData(requestUrl, "GET", null);
+        logger.info("获取公众号jsapi_ticket:" + jsonObject.toString());
+        return jsonObject;
+
+    }
+
+
+    /*
      * 获取用户公众号的授权信息
      * @param appId
      * @param appSecret
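Review bot: `logger.info("获取公众号jsapi_ticket:" + jsonObject.toString())` in getGzhJsapiTicket writes the whole getticket response to the log, including the `ticket` value that getSignature uses as its signing secret, so anyone with log access could compute JS-SDK signatures for the account until the ticket expires. Log only the status fields, for example `logger.info("获取公众号jsapi_ticket: errcode={}", jsonObject.get("errcode"));`. If `HttpRequestUtil.getHttpsRequestData` can return null on a network error (its body is not visible here), the `toString()` call would throw, so a null check before logging is worth adding.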

+ 8 - 0
YijiaRestful/src/test/java/com/palatform/yijia/test.java

@@ -1,5 +1,7 @@
 package com.palatform.yijia;
 
+import org.apache.commons.codec.digest.DigestUtils;
+
 public class test {
 
     public static void main(String[] args) {
@@ -7,8 +9,11 @@ public class test {
         byte[] digestb = {0, 0, 0, 1};
         boolean equal = test.isEqual(digesta, digestb);
         System.out.println(equal);
+        //DigestUtils.sha1();
     }
 
+
+
     public static boolean isEqual(byte[] digesta, byte[] digestb) {
         if (digesta.length != digestb.length) {
             return false;
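Review bot: The added line `//DigestUtils.sha1();` is commented-out code, and it is the only reference to the `DigestUtils` import added at the top of this file, so the import stays unused. Either remove both or replace them with a real check of the signature string that getSignature builds.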
@@ -23,4 +28,7 @@ public class test {
         }
         return result == 0;
     }
+
+
+
 }