用户购买授权相关修改

1 year ago · b3612fdfb6
parent e39e34cd40
commit b3612fdfb6
3 changed files with 79 additions and 51 deletions
--- a/ms-biz/src/main/java/com/ms/api/common/SPIBaseService.java
+++ b/ms-biz/src/main/java/com/ms/api/common/SPIBaseService.java
@ -40,16 +40,6 @@ public class SPIBaseService {

        // TODO 后面可以redis缓存，避免每次都查库
        Shop shop = shopService.getDetailById(shopId);
-        if (Objects.isNull(shop)) {  // TODO 要放到订阅回调中
-            shop = new Shop();
-            shop.setShopId(shopId);
-            shop.setGmtCreate(new Date());
-            shop.setGmtModified(new Date());
-            shopService.insert(shop);
-
-            // TODO 创建素材文件夹
-
-        }
        shopInfo = shopService.getShopInfoByShop(shop);
    }
    public String getAuthCode() {
--- a/ms-biz/src/main/java/com/ms/api/spi/callback/ShopAuthCallbackService.java
+++ b/ms-biz/src/main/java/com/ms/api/spi/callback/ShopAuthCallbackService.java
@ -1,6 +1,7 @@
 package com.ms.api.spi.callback;

 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.doudian.open.api.token_create.TokenCreateRequest;
 import com.doudian.open.api.token_create.TokenCreateResponse;
 import com.doudian.open.api.token_create.data.TokenCreateData;
@ -16,65 +17,67 @@ import com.ms.api.common.SPIBaseService;
 import com.ms.api.dto.auth.PlatformAuthCallBackRequestDTO;
 import com.ms.api.service.ShopService;
 import com.ms.api.tool.CommonTool;
+import com.ms.api.tool.SecurityTool;
 import com.ms.dal.entity.Shop;
+import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;

+import java.util.Date;
 import java.util.Map;
+import java.util.Objects;

 /**
 * 抖店授权回调地址
 */
@ExtensionService("shopAuthCallback")
@Slf4j
-public class ShopAuthCallbackService extends SPIBaseService implements ExtensionServiceHandler<Object, Ret> {
+public class ShopAuthCallbackService extends SPIBaseService implements ExtensionServiceHandler<CallBackRequest, String> {
+
+    @Value("${cloud.app.secret}")
+    private String cloudAppSecret;

    @Autowired
    private ShopService shopService;

    @Override
-    public BaseResponse<Ret> handle(BaseRequest<Object> req) {
-//        initHandle(req);
+    public BaseResponse<String> handle(BaseRequest<CallBackRequest> req) {
        // ----参数校验----
        log.info("receive callback: " + JSON.toJSONString(req));
-        Object fields =  req.getData();
-        log.info("receive callback: " + JSON.toJSONString(fields));
+        String url = req.getData().getUrl();
+        String reqBody = req.getData().getBody();
+        String key = cloudAppSecret.replaceAll("-", "");
+        reqBody = SecurityTool.decryptDoudianCallback(reqBody, key);
+        log.info("receive callback body: ", reqBody);
+
+        JSONObject bodyObj = JSONObject.parseObject(reqBody);
+        Integer msgType = bodyObj.getInteger("msg_type");
+        if (msgType == 2) { // 授权消息
+            String msg = bodyObj.getString("msg");
+            JSONObject msgObj = JSONObject.parseObject(msg);
+            Long shopId = msgObj.getLong("shop_id");
+
+            Shop shop = shopService.getDetailById(shopId);
+            if (Objects.isNull(shop)) {
+                shop = new Shop();
+                shop.setShopId(shopId);
+                shop.setGmtCreate(new Date());
+                shop.setGmtModified(new Date());
+                shopService.insert(shop);

-        throw new MSException("预留接口，看返回结构");
-//        // ----逻辑校验----
-//        TokenCreateRequest request = new TokenCreateRequest();
-//        TokenCreateParam param = request.getParam();
-//        param.setCode("df020f1c-37ed-41b5-8341-85d3d3b02250");
-//        param.setGrantType("authorization_code");
-//        log.info("receive callback: " + JSON.toJSONString(param));
-//        TokenCreateResponse response = request.execute();
-//        TokenCreateData data = new TokenCreateData();
-//        data = response.getData();
-//        Long shopId = data.getShopId();
-//        String accessToken = data.getAccessToken();
-//        Long expiresIn = data.getExpiresIn();
-//        String shopName = data.getShopName();
-//        String refreshToken = data.getRefreshToken();
-//        Shop shop = shopService.getDetailById(shopId);
-//        if (shop == null) {
-//            shop = new Shop();
-//            shop.setShopId(shopId);
-//            // shop.setAccessToken(accessToken); // 加密
-//            // shop.setRefreshToken(refreshToken); // 加密
-//            shop.setExpiresIn(expiresIn.toString());
-//            shop.setShopName(shopName);
-//            shopService.insert(shop);
-//        } else {
-//            // shop.setAccessToken(accessToken); // 加密
-//            // shop.setRefreshToken(refreshToken); // 加密
-//            shopService.updateByPrimaryKey(shop);
-//        }
-//
-//
-//        // log.info("receive callback: " + JSON.toJSONString(response.getData()));
-//        // ----业务处理----
-//
-//        // ----结果返回----
-//        return R.ok(CommonTool.successResult());
+                // TODO 创建素材文件夹
+            }
+        }
+
+        // 按照三方平台的规范返回成功或失败的body值
+        String respBody = "{\"success\":true,\"code\":0}";
+        return BaseResponse.<String>builder().success(true).code("0").data(respBody).build();
    }
 }
+
+@Data
+class CallBackRequest {
+    private String url;
+    private String body;
+}
--- a/ms-biz/src/main/java/com/ms/api/tool/SecurityTool.java
+++ b/ms-biz/src/main/java/com/ms/api/tool/SecurityTool.java
@ -1,7 +1,11 @@
 package com.ms.api.tool;

 import com.ms.api.tool.security.AES;
+import sun.misc.BASE64Decoder;

+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.util.Base64;
@ -59,4 +63,35 @@ public class SecurityTool {
        }
        return null;
    }
+
+    /**
+     * 抖店的消息解密
+     * @param sSrc
+     * @param sKey
+     * @return
+     */
+    public static String decryptDoudianCallback(String sSrc, String sKey) {
+        try {
+            byte[] raw = sKey.getBytes("ASCII");
+            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            int blockSize = cipher.getBlockSize();
+            IvParameterSpec iv = new IvParameterSpec(sKey.substring(0,blockSize).getBytes());
+            cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
+            byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);//先用base64解密
+            byte[] original = cipher.doFinal(encrypted1);
+            String originalString = new String(original, "utf-8");
+            return originalString;
+        } catch (Exception ex) {
+            return null;
+        }
+    }
+
+    public static void main(String[] args) {
+        String msgSecret = "rzYLiyrSFtW8vSQWrlRTtsSHcH6KZdJGEpCGNZRjNcdXrn1HR39YSMXhj7z36gbeHdqPqR2zbkzO2CMOJz6l1aDFX5ZYTYHsLAIdOyN3RyQYJDihcLzhlACdNf/fEf28srQI37N/7+gVwSApAmnvP7CvBg8X5Hb+2A2cK13jMT8GAskYsNieL982MMPiAZmAF8ktAqN2bLJo/IpxYrW+OXLudrRylWXeLa5fbqO+pZVAtItoGN995lf6iPF8JnWJpQaSBPVuUgU/6Ns5sFWl7A==";
+        String appSecret = "4c927c89-d55c-42cf-805c-694269a4b165";
+        String key = appSecret.replaceAll("-", "");
+        String decrypt = decryptDoudianCallback(msgSecret,key);
+        System.out.println("解密之后的数据为: "+decrypt);
+    }
 }