添加站点参数

base-manager/src/main/java/com/mortals/xhx/busiz/web/MidSignApiController.java

@@ -12,6 +12,7 @@ import com.mortals.xhx.busiz.req.MidReq;
 import com.mortals.xhx.busiz.rsp.SignResp;
 import com.mortals.xhx.common.utils.EncryptionUtils;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.codec.binary.Base64;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -121,33 +122,16 @@ public class MidSignApiController {
         try {
             Map<String, String> headerMap = new HashMap<>();
             StringBuilder signSb = new StringBuilder();
-           // headerMap.put("appId", appId);
             headerMap.put("appKey", appKey);
             String timeStamp = System.currentTimeMillis() + "";
             headerMap.put("timeStamp", timeStamp);
             String nonce = RandomUtil.randomNumbers(6);
             headerMap.put("nonce", nonce);
             headerMap.put("secretKey", secretKey);
+            JSONObject object = JSONObject.parseObject(midReq.getBody());
+            headerMap.put("body", object.toJSONString());
 
 
-
-
-
-            if ("post".equalsIgnoreCase(midReq.getMethod())) {
-                JSONObject object1 = JSONObject.parseObject(midReq.getBody());
-                headerMap.put("body", object1.toJSONString());
-            } else if ("get".equalsIgnoreCase(midReq.getMethod())) {
-           /*     HashMap<String, String> paramsMap = JSON.parseObject(midReq.getBody(), HashMap.class);
-                if (!paramsMap.isEmpty()) {
-                    for (Map.Entry<String, String> entry : paramsMap.entrySet()) {
-                        headerMap.put(entry.getKey(), entry.getValue());
-                    }
-                }*/
-            } else {
-                JSONObject object1 = JSONObject.parseObject(midReq.getBody());
-                headerMap.put("body", object1.toJSONString());
-            }
-
             signSb.append("appId").append("=").append(headerMap.get("appId")).append("&");
             signSb.append("appKey").append("=").append(headerMap.get("appKey")).append("&");
             signSb.append("body").append("=").append(headerMap.get("body")).append("&");
@@ -160,11 +144,25 @@ public class MidSignApiController {
             log.info("签名计算结果: " + sign);
 
             headerMap.put("sign", sign);
+
+            //todo 添加rsa非对称加密
+            String pwdRsa = pwd + "#" + timeStamp;
+            pwdRsa = EncryptionUtils.encrypt(pwdRsa, publickey);
+            String param = "{\"USER\":\"" + user + "\",\"PWD\":\"" + pwdRsa + "\"}";
+            param = Base64.encodeBase64String(param.getBytes("UTF-8"));
+            headerMap.put("param", param);
+
+            String request = Base64.encodeBase64String(object.toJSONString().getBytes("UTF-8"));
+
+            JSONObject reqBody = new JSONObject();
+            reqBody.put("request", request);
+
             //请求转发
             String fullUrl = UrlBuilder.ofHttp(midUrl).addPath(midReq.getPath()).build();
             //String fullUrl = URLUtil.completeUrl(midUrl, midReq.getPath());
             log.info("mid url:{},body:{}", fullUrl, headerMap.get("body"));
-            String body = HttpUtil.createRequest(Method.POST, fullUrl).headerMap(headerMap, true).body(headerMap.get("body")).execute().body();
+            //String body = HttpUtil.createRequest(Method.POST, fullUrl).headerMap(headerMap, true).body(headerMap.get("body")).execute().body();
+            String body = HttpUtil.createRequest(Method.POST, fullUrl).headerMap(headerMap, true).body(reqBody.toJSONString()).execute().body();
             JSONObject bodyJson = JSONObject.parseObject(body);
             log.info("mid resp:" + bodyJson.toJSONString());
 

base-manager/src/main/java/com/mortals/xhx/common/utils/EncryptionUtils.java

 package com.mortals.xhx.common.utils;
 
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.codec.binary.Base64;
 
+import javax.crypto.Cipher;
+import java.security.KeyFactory;
 import java.security.MessageDigest;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
 
 @Slf4j
 public class EncryptionUtils {
@@ -60,4 +67,49 @@ public class EncryptionUtils {
     public final static String SHA256(String s){
         return digest(s, DigestType.SHA256);
     }
+
+
+    /**
+     * RSA公钥加密
+     *
+     * @param str       加密字符串
+     * @param publicKey 公钥
+     * @return 密文
+     * @throws Exception 加密过程中的异常信息
+     */
+
+    public static String encrypt(String str, String publicKey) throws Exception {
+        //base64编码的公钥
+        byte[] decoded = Base64.decodeBase64(publicKey);
+        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA")
+                .generatePublic(new X509EncodedKeySpec(decoded));
+        //RSA加密
+        Cipher cipher = Cipher.getInstance("RSA");
+        cipher.init(Cipher.ENCRYPT_MODE, pubKey);
+        String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));
+        return outStr;
+    }
+
+
+    /**
+     * RSA私钥解密
+     *
+     * @param str        加密字符串
+     * @param privateKey 私钥
+     * @return 明文
+     * @throws Exception 解密过程中的异常信息
+     */
+    public static String decrypt(String str, String privateKey) throws Exception {
+        //64位解码加密后的字符串
+        byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));
+        //base64编码的私钥
+        byte[] decoded = Base64.decodeBase64(privateKey);
+        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA")
+                .generatePrivate(new PKCS8EncodedKeySpec(decoded));
+        //RSA解密
+        Cipher cipher = Cipher.getInstance("RSA");
+        cipher.init(Cipher.DECRYPT_MODE, priKey);
+        String outStr = new String(cipher.doFinal(inputByte));
+        return outStr;
+    }
 }