易班轻应用相关设置
链接:https://o.yiban.cn/manage/index
需要获取到轻应用的AppID和AppSecret。AppSecret在下文中同时用作解密verify_request的AES密钥(AppID用作偏移量),应只保存在服务端配置中,不要提交到代码仓库或下发到前端。
设置回调地址
回调地址为获取易班授权信息的地址
相关依赖
易班sdk
maven安装这个jar到仓库中
mvn install:install-file "-Dfile=地址\YBOpenApi.jar" "-DgroupId=com.yiban" "-DartifactId=YBOpenApi" "-Dversion=1.0.0" "-Dpackaging=jar"
引入依赖
<!-- The three version properties used below (${YBOpenApi.version}, ${httpclient.version},
     ${json-lib.version}) are not defined in this snippet and must be declared in the POM's
     <properties> section. -->
<dependencies>
<!-- Yiban SDK, installed into the local repository with install-file; ${YBOpenApi.version}
     has to match the -Dversion given to that command (1.0.0 there). A locally installed jar
     is not checked against any remote repository checksum, so keep a record of where the
     jar came from and its hash. -->
<dependency>
<groupId>com.yiban</groupId>
<artifactId>YBOpenApi</artifactId>
<version>${YBOpenApi.version}</version>
</dependency>
<!-- HttpClient library required by the Yiban SDK -->
<!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>${httpclient.version}</version>
</dependency>
<!-- httpmime shares ${httpclient.version} with httpclient above -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
<version>${httpclient.version}</version>
</dependency>
<!-- json-lib library required by the Yiban SDK; it also parses the decrypted callback payload
     in AESTransferUtil. NOTE(review): json-lib has seen little upstream maintenance; check
     the resolved version against published advisories. -->
<!-- https://mvnrepository.com/artifact/net.sf.json-lib/json-lib -->
<dependency>
<groupId>net.sf.json-lib</groupId>
<artifactId>json-lib</artifactId>
<version>${json-lib.version}</version>
<classifier>jdk15</classifier>
</dependency>
</dependencies>
接口开发
/**
 * REST entry points for the Yiban light-app login flow, mapped under {@code yiban}.
 *
 * <p>Both handlers pass the servlet request and response straight to
 * {@code YiBanOauthService}; no logic lives in the controller itself. The callback URL
 * registered in the Yiban console is expected to resolve to {@code /yiban/callback}
 * (plus whatever context path the application is deployed under).
 */
@Slf4j
@RequestMapping("yiban")
@RestController
public class YibanController {

    @Autowired
    YiBanOauthService yiBanOauthService;

    /**
     * Begins the login: the service answers with a redirect to the Yiban authorization page.
     *
     * @param request  incoming servlet request
     * @param response servlet response the service writes the redirect to
     * @throws Exception whatever the service call propagates
     */
    @GetMapping("/login_request")
    @ApiOperation(value = "登陆请求")
    public void loginRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
        yiBanOauthService.loginRequest(request, response);
    }

    /**
     * Receives the browser after Yiban authorization; the service reads and decrypts the
     * {@code verify_request} parameter.
     *
     * @param request  incoming servlet request carrying {@code verify_request}
     * @param response servlet response handed to the service
     * @throws Exception whatever the service call propagates
     */
    @GetMapping("/callback")
    @ApiOperation(value = "登陆回调")
    public void loginCallback(HttpServletRequest request, HttpServletResponse response) throws Exception {
        yiBanOauthService.loginCallback(request, response);
    }
}
登陆请求
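/**
 * Starts the Yiban authorization flow by redirecting the browser to the URL built by the SDK.
 *
 * @param request  current servlet request (not read by this method)
 * @param response servlet response that receives the redirect
 * @throws Exception if the redirect cannot be sent ({@code IOException} from
 *                   {@code sendRedirect}) or the SDK call fails
 */
public void loginRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // App id and app secret are read from server-side configuration.
    Authorize au = new Authorize(systemConfig.getYibanAppId(), systemConfig.getYibSecret());
    // First argument is the configured callback address.
    // NOTE(review): the second argument looks like the OAuth "state" value - confirm against
    // the SDK. If so, the constant "QUERY" does not bind the callback to the browser session
    // that started the login; a per-session random value checked in the callback would.
    String url = au.forwardurl(systemConfig.getYibRedirectURI(), "QUERY", Authorize.DISPLAY_TAG_T.WEB);
    // No local catch: an IOException from sendRedirect propagates to the caller unchanged.
    response.sendRedirect(url);
}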
回调
解密易班传回来的verify_request即可获得用户登录信息。verify_request取自请求参数,属于外部输入;按下文jsonCode的返回值约定,返回null(非法密文)或用户id为空(未授权)时不应建立登录会话。
/**
 * Handles the Yiban callback: reads the {@code verify_request} parameter and decrypts it
 * into a {@code UserInfo} with the app secret as key and the app id as offset (IV).
 *
 * @param request  servlet request carrying the {@code verify_request} query parameter
 * @param response servlet response (not written to by this method)
 * @throws Exception declared for callers; nothing visible in this body throws a checked one
 */
public void loginCallback(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // verify_request comes straight from the request, i.e. it is caller-controlled input.
    String encryptedPayload = request.getParameter("verify_request");
    String appSecret = systemConfig.getYibSecret();
    String appId = systemConfig.getYibanAppId();
    // jsonCode returns null when the payload is missing, cannot be decrypted or cannot be
    // parsed, and an empty UserInfo when the user has not authorized the app.
    // NOTE(review): the result is not used here; before a session is created the caller
    // has to check for null and for an empty Yiban user id.
    UserInfo yibanUser = AESTransferUtil.jsonCode(encryptedPayload, appSecret, appId);
}
解密算法:
import lombok.extern.slf4j.Slf4j;
import net.sf.json.JSONObject;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
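/**
 * Decrypts the {@code verify_request} value that Yiban appends to the callback URL and maps
 * the resulting JSON to a {@code UserInfo}.
 *
 * <p>The payload is hex-encoded AES/CBC ciphertext; the key is the app secret and the IV is
 * the app id. NOTE(review): CBC without a MAC provides confidentiality only, so the decrypted
 * fields are not integrity-protected by this class. The scheme is presumably fixed by the
 * platform; keep the app secret server-side and treat a {@code null} result as a failed login.
 */
@Slf4j
public class AESTransferUtil {

    // Cipher transformation: no cipher-level padding is removed on decryption.
    private static final String CIPHER_ALGORITHM = "AES/CBC/NOPadding";

    // Key algorithm name for SecretKeySpec.
    private static final String ALGORITHM = "AES";

    /**
     * Decodes a hexadecimal string into the bytes it represents (two characters per byte).
     *
     * @param hex hexadecimal text, upper or lower case
     * @return the decoded bytes, {@code hex.length() / 2} of them
     * @throws NumberFormatException if the length is odd or a character is not a hex digit
     */
    public static byte[] hexToByte(String hex) {
        // An odd length would silently drop the last nibble; reject it instead.
        if ((hex.length() & 1) != 0) {
            throw new NumberFormatException("hex input must have an even number of characters");
        }
        byte[] ret = new byte[hex.length() / 2];
        for (int i = 0; i < ret.length; i++) {
            int hi = Character.digit(hex.charAt(2 * i), 16);
            int lo = Character.digit(hex.charAt(2 * i + 1), 16);
            if (hi < 0 || lo < 0) {
                throw new NumberFormatException("invalid hex digit at offset " + (2 * i));
            }
            ret[i] = (byte) ((hi << 4) | lo);
        }
        return ret;
    }

    /**
     * Decrypts hex-encoded AES/CBC ciphertext and returns the plaintext as a UTF-8 string.
     *
     * @param data   hex-encoded ciphertext
     * @param key    secret key text; its ASCII bytes are used as the AES key
     * @param offset IV text; its ASCII bytes are used as the CBC initialization vector
     * @return the decrypted bytes decoded as UTF-8, including any padding bytes the sender added
     * @throws Exception if the hex is malformed, the key or IV has an invalid length, or the
     *                   ciphertext length is not a multiple of the block size
     */
    public static String decrypt(String data, String key, String offset) throws Exception {
        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
        SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.US_ASCII), ALGORITHM);
        // Explicit charset (same as the key) so the IV bytes do not depend on the platform default.
        IvParameterSpec iv = new IvParameterSpec(offset.getBytes(StandardCharsets.US_ASCII));
        cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
        byte[] decrypted = cipher.doFinal(hexToByte(data));
        return new String(decrypted, StandardCharsets.UTF_8);
    }

    /**
     * Decrypts the ciphertext from the Yiban request parameter and extracts the user info.
     *
     * @param data   hex-encoded ciphertext to decrypt
     * @param key    secret key (appSecret)
     * @param offset IV (appId)
     * @return {@code null} if the ciphertext is invalid or cannot be parsed (the caller should
     *         fall back to the normal login); a {@code UserInfo} with no user id when the user
     *         has not authorized the app; a populated {@code UserInfo} when authorized
     */
    public static UserInfo jsonCode(String data, String key, String offset) {
        try {
            String plaintext = decrypt(data, key, offset);
            // trim() rather than strip(): it also removes trailing control characters such as
            // NUL, which is presumably how the sender pads the last block - confirm.
            JSONObject plainJson = JSONObject.fromObject(plaintext.trim());
            // The decrypted payload carries the access token, so it is deliberately not logged.
            Object visitOauth = plainJson.get("visit_oauth");
            if (Boolean.FALSE.equals(visitOauth)) {
                log.warn("未授权");
                return new UserInfo();
            }
            if (visitOauth instanceof JSONObject) {
                JSONObject oauthJson = (JSONObject) visitOauth;
                if (oauthJson.get("access_token") != null) {
                    log.info("已授权");
                    JSONObject visitUser = (JSONObject) plainJson.get("visit_user");
                    UserInfo userInfo = new UserInfo();
                    userInfo.setYbUserid(visitUser.getString("userid"));
                    userInfo.setUsername(visitUser.getString("username"));
                    userInfo.setNickname(visitUser.getString("usernick"));
                    userInfo.setSex(visitUser.getString("usersex"));
                    userInfo.setAccessToken(oauthJson.getString("access_token"));
                    userInfo.setTokenExpires(oauthJson.getString("token_expires"));
                    return userInfo;
                }
            }
        } catch (Exception e) {
            // Best effort by contract: any failure (missing parameter, bad hex, wrong key,
            // malformed JSON, missing field) is reported to the caller as null.
            log.warn("verify_request could not be decrypted or parsed", e);
        }
        return null;
    }
}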