no message

src/main/java/com/gree/mall/manager/logic/common/UMSLogic.java

@@ -1,7 +1,6 @@
 package com.gree.mall.manager.logic.common;
 
 import cn.hutool.core.date.DateUtil;
-import cn.hutool.http.HttpUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.gree.mall.manager.exception.RemoteServiceException;
@@ -9,7 +8,8 @@ import com.gree.mall.manager.plus.entity.AdminWebsit;
 import com.gree.mall.manager.plus.service.AdminCompanyWechatService;
 import com.gree.mall.manager.plus.service.AdminWebsitService;
 import com.gree.mall.manager.utils.ArithUtils;
-import com.gree.mall.manager.utils.EncryptUtils;
+import com.gree.mall.manager.utils.ums.HttpUtils;
+import com.gree.mall.manager.utils.ums.RSAUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
@@ -30,10 +30,12 @@ import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.UUID;
 
 @Service
@@ -162,8 +164,9 @@ public class UMSLogic {
      */
     public JSONObject submitSubsidyApplyTrace(String userId, String reqSn, String encBizReqData, String servicePublicKey,
                                               String privateKey) throws Exception {
-        String url = supplementUrl + "/o2o/submitSubsidyApplTrace";
-        return this.commonReqYueHuanXin(userId, reqSn, encBizReqData, servicePublicKey, privateKey);
+        String sourceUrl = supplementUrl + "/o2o/submitSubsidyApplTrace";
+        log.info("准备请求{}", sourceUrl);
+        return this.commonReqYueHuanXin(sourceUrl, userId, reqSn, encBizReqData, servicePublicKey, privateKey);
     }
 
     /**
@@ -171,8 +174,9 @@ public class UMSLogic {
      */
     public JSONObject querySubsidyApplyTrace(String userId, String reqSn, String encBizReqData, String servicePublicKey,
                                              String privateKey) throws Exception {
-        String url = supplementUrl + "/o2o/querySubsidyApplTrace";
-        return this.commonReqYueHuanXin(userId, reqSn, encBizReqData, servicePublicKey, privateKey);
+        String sourceUrl = supplementUrl + "/o2o/querySubsidyApplTrace";
+        log.info("准备请求{}", sourceUrl);
+        return this.commonReqYueHuanXin(sourceUrl, userId, reqSn, encBizReqData, servicePublicKey, privateKey);
     }
 
     /**
@@ -180,55 +184,72 @@ public class UMSLogic {
      */
     public JSONObject querySubsidyApply(String userId, String reqSn, String encBizReqData, String servicePublicKey,
                                         String privateKey) throws Exception {
-        String url = supplementUrl + "/o2o/querySubsidyAppl";
-
-        return this.commonReqYueHuanXin(userId, reqSn, encBizReqData, servicePublicKey, privateKey);
+        String sourceUrl = supplementUrl + "/o2o/querySubsidyAppl";
+        log.info("准备请求{}", sourceUrl);
+        return this.commonReqYueHuanXin(sourceUrl, userId, reqSn, encBizReqData, servicePublicKey, privateKey);
     }
 
-    private JSONObject commonReqYueHuanXin(String userId, String reqSn, String encBizReqData, String servicePublicKey,
-                                           String privateKey) throws Exception {
-        JSONObject json = new JSONObject();
-        json.put("userId", userId);
-        json.put("reqSn", reqSn);
-        json.put("timestamp", DateUtil.formatDateTime(DateUtil.date()));
-        final String encryptBizReqData = EncryptUtils.encryptBizReqData(servicePublicKey, encBizReqData);
-        final String sign = EncryptUtils.generateSign(privateKey, encryptBizReqData);
-        json.put("encBizReqData", encryptBizReqData);
-        json.put("signAlg", "1");
-        json.put("sign", sign);
-
-        String post;
-        JSONObject respBody;
-
-        try {
-            post = HttpUtil.post(url, json.toString());
-            respBody = JSON.parseObject(post);
-        } catch (Exception e) {
-            throw new RemoteServiceException("公共应答参数异常: " + e.getMessage());
+    private JSONObject commonReqYueHuanXin(String sourceUrl, String userId, String reqSn, String data,
+                                           String servicePublicKey, String privateKey) throws Exception {
+        log.info("commonReqYueHuanXin请求data:{}", data);
+        HashMap<String, Object> baseReq = new HashMap<>();
+        baseReq.put("userId", userId);
+        baseReq.put("reqSn", reqSn);
+        baseReq.put("timestamp", DateUtil.formatDateTime(DateUtil.date()));
+        byte[] encBizReqData = RSAUtils.encryptByPublicKey(data.getBytes(StandardCharsets.UTF_8), servicePublicKey);
+        baseReq.put("encBizReqData", encBizReqData);
+        baseReq.put("signAlg", "SHA256withRSA");
+        baseReq.put("sign", RSAUtils.sign(encBizReqData, privateKey));
+
+        String respBody = HttpUtils.post(sourceUrl,
+                JSON.toJSONString(baseReq));
+        JSONObject jsonObject = JSONObject.parseObject(respBody);
+
+        if ("00000".equals(jsonObject.getString("code"))) {
+            // 验签
+            verifySign(jsonObject, servicePublicKey);
+
+            // 解密
+            byte[] decryptData = decryptByPrivateKey(jsonObject, privateKey);
+
+            final String respData = new String(decryptData);
+
+            log.info("commonReqYueHuanXin返回结果data:{}", respData);
+            return JSON.parseObject(respData);
         }
 
-        final boolean isSuccess = respBody.containsValue("00000");
-
-        if (!isSuccess) {
-            final String msg = respBody.getObject("msg", String.class);
+        throw new RemoteServiceException("发起补贴申请流水：响应码：" + jsonObject.getString("code") + ",响应描述:" + jsonObject.getString("msg"));
+    }
 
-            throw new RemoteServiceException("应码码错误: " + msg);
+    /**
+     * 验证签名
+     *
+     * @param respDTO
+     */
+    public static void verifySign(JSONObject respDTO, String serverPublicKey) throws Exception {
+        try {
+            boolean pass = RSAUtils.verifySign(Base64.decodeBase64((String) respDTO.get("encBizRespData")), (String) respDTO.get("sign"),
+                    serverPublicKey);
+            if (!pass) {
+                throw new RuntimeException("业务请求数据验签不通过");
+            }
+        } catch (Exception e) {
+            throw new Exception("业务请求数据验签失败");
         }
+    }
 
-        final String encBizRespData = respBody.getObject("encBizRespData", String.class);
-        final String respSign = respBody.getObject("sign", String.class);
-
-        final String respData = EncryptUtils.decryptEncBizRespData(privateKey, encBizRespData);
-
-        final boolean verifySign = EncryptUtils.verifySign(servicePublicKey, encBizRespData, respSign);
-
-        if (!verifySign) {
-            throw new RemoteServiceException("验签签名串失败");
+    /**
+     * 解密
+     *
+     * @param respDTO
+     */
+    public static byte[] decryptByPrivateKey(JSONObject respDTO, String privateKey) throws Exception {
+        try {
+            return RSAUtils.decryptByPrivateKey(Base64.decodeBase64((String) respDTO.get("encBizRespData")),
+                    privateKey);
+        } catch (Exception e) {
+            throw new Exception("业务请求数据解密失败");
         }
-
-        final JSONObject respDataJson = JSON.parseObject(respData);
-
-        return respDataJson;
     }
 }
 

src/main/java/com/gree/mall/manager/logic/ums/SupplementRecordLogic.java

@@ -223,6 +223,15 @@ public class SupplementRecordLogic {
 
         record.setStatus("SUBMIT");
         if (StringUtils.isBlank(record.getId())) {
+            if (StringUtils.isNotBlank(record.getTraceId())) {
+                final boolean reset = umsSupplementRecordService.lambdaUpdate()
+                        .set(UmsSupplementRecord::getStatus, "RESET")
+                        .eq(UmsSupplementRecord::getTraceId, record.getTraceId())
+                        .update();
+                if (reset) {
+                    throw new RemoteServiceException(record.getTraceId() + "流水号记录已经重新生成过记录，不能再提交");
+                }
+            }
             String traceId = adminWebsit.getYunSpCode() + IdUtil.fastSimpleUUID();
             record.setCreateTime(DateUtil.date())
                     .setCreateBy(adminUser.getNickName())

src/main/java/com/gree/mall/manager/schedule/YueHuanXinSchedule.java

@@ -91,7 +91,8 @@ public class YueHuanXinSchedule {
                 final String traceStatus = resultJson.getObject("traceStatus", String.class);
                 final String traceMsg = resultJson.getObject("traceMsg", String.class);
 
-                record.setTraceStatus(traceStatus)
+                record.setStatus("END")
+                        .setTraceStatus(traceStatus)
                         .setTraceMsg(traceMsg)
                         .setErrCount(0)
                         .setSysErr("");
@@ -107,6 +108,20 @@ public class YueHuanXinSchedule {
 
     private void handleImageUpload(AdminWebsit websit, UmsSupplementRecord record,
                                    SubsidyApplyTraceBean reqBean) throws IOException {
+        if (StringUtils.isNotBlank(record.getIdCardFrontPicKey())) {
+            reqBean.setNewCelecAppInvPicKey(fileSftpUploaderLogic.uploadFromUrl(record.getIdCardFrontPicKey(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()));
+        } else {
+            reqBean.setIdCardFrontPicKey(null);
+        }
+
+        if (StringUtils.isNotBlank(record.getIdCardBackPicKey())) {
+            reqBean.setNewCelecAppInvPicKey(fileSftpUploaderLogic.uploadFromUrl(record.getIdCardBackPicKey(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()));
+        } else {
+            reqBean.setIdCardBackPicKey(null);
+        }
+
         if (StringUtils.isNotBlank(record.getNewCelecAppInvPicKey())) {
             reqBean.setNewCelecAppInvPicKey(fileSftpUploaderLogic.uploadFromUrl(record.getNewCelecAppInvPicKey(),
                     websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()));
@@ -145,6 +160,39 @@ public class YueHuanXinSchedule {
             }
         }
 
+        StringBuilder picSb = new StringBuilder();
+        if (StringUtils.isNotBlank(record.getNewTransRecPicKey1())) {
+            picSb.append(fileSftpUploaderLogic.uploadFromUrl(record.getNewTransRecPicKey1(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()))
+                    .append("|");
+        }
+        if (StringUtils.isNotBlank(record.getNewTransRecPicKey2())) {
+            picSb.append(fileSftpUploaderLogic.uploadFromUrl(record.getNewTransRecPicKey2(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()))
+                    .append("|");
+        }
+        if (StringUtils.isNotBlank(record.getNewTransRecPicKey3())) {
+            picSb.append(fileSftpUploaderLogic.uploadFromUrl(record.getNewTransRecPicKey3(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()))
+                    .append("|");
+        }
+        if (StringUtils.isNotBlank(record.getNewTransRecPicKey4())) {
+            picSb.append(fileSftpUploaderLogic.uploadFromUrl(record.getNewTransRecPicKey4(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()))
+                    .append("|");
+        }
+        if (StringUtils.isNotBlank(record.getNewTransRecPicKey5())) {
+            picSb.append(fileSftpUploaderLogic.uploadFromUrl(record.getNewTransRecPicKey5(),
+                    websit.getYunSpCode(), websit.getUmsUser(), websit.getUmsPassword()))
+                    .append("|");
+        }
+        if (StringUtils.isNotBlank(picSb.toString())) {
+            final String picKeys = StringUtils.chop(picSb.toString());
+            if (StringUtils.isNotBlank(picKeys)) {
+                reqBean.setNewTransRecPicKey(picKeys);
+            }
+        }
+
         StringBuilder otherSb = new StringBuilder();
         if (StringUtils.isNotBlank(record.getNewOtherFile1Key1())) {
             goodsSb.append(fileSftpUploaderLogic.uploadFromUrl(record.getNewOtherFile1Key1(),

src/main/java/com/gree/mall/manager/utils/ums/HttpUtils.java

@@ -0,0 +1,54 @@
+package com.gree.mall.manager.utils.ums;
+
+import java.io.*;
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+public class HttpUtils {
+
+    public static String post(String url, String requestBody) throws IOException {
+        return post(url, new ByteArrayInputStream(requestBody.getBytes()), "application/json");
+    }
+
+    public static String post(String url, InputStream inputStream, String contentType) throws IOException {
+        BufferedReader in = null;
+        StringBuilder result = new StringBuilder();
+        HttpURLConnection conn = null;
+        conn = (HttpURLConnection) new URL(url).openConnection();
+        conn.setRequestMethod("POST");
+        conn.setDoOutput(true);
+        conn.setDoInput(true);
+        conn.setConnectTimeout(30000);
+        conn.setReadTimeout(10000);
+        conn.setRequestProperty("Content-Type", contentType);
+        conn.setRequestProperty("Accept", "*/*");
+        try {
+            OutputStream out = conn.getOutputStream();
+
+            byte[] buff = new byte[1024];
+            int len = 0;
+            while((len = inputStream.read(buff))>0) {
+                out.write(buff, 0, len);
+            }
+            out.flush();
+            out.close();
+
+            //取得输入流，并使用Reader读取
+            if (200 == conn.getResponseCode()) {
+                in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
+                String line;
+                while ((line = in.readLine()) != null) {
+                    result.append(line);
+                }
+                return result.toString();
+            } else {
+                throw new RuntimeException("ResponseCode is an error code:" + conn.getResponseCode());
+            }
+        } finally {
+            if (in != null) {
+                in.close();
+            }
+        }
+
+    }
+}

src/main/java/com/gree/mall/manager/utils/ums/RSAUtils.java

@@ -0,0 +1,224 @@
+package com.gree.mall.manager.utils.ums;
+
+import com.alibaba.fastjson.JSONObject;
+import org.apache.commons.codec.binary.Base64;
+
+import javax.crypto.Cipher;
+import java.io.ByteArrayOutputStream;
+import java.security.*;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+
+public class RSAUtils {
+
+    /**
+     * 加密算法RSA
+     */
+    private static final String KEY_ALGORITHM = "RSA";
+
+    /**
+     * 签名算法
+     */
+    public final static String SIGN_ALG = "SHA256WithRSA";
+
+    /**
+     * 算法名称/加密模式/数据填充方式
+     * 默认：RSA/ECB/PKCS1Padding
+     */
+    private static final String ALGORITHMS = "RSA/ECB/PKCS1Padding";
+
+    /**
+     * RSA最大加密明文大小
+     */
+    private static final int MAX_ENCRYPT_BLOCK = 245;
+
+    /**
+     * RSA最大解密密文大小
+     */
+    private static final int MAX_DECRYPT_BLOCK = 256;
+
+    /**
+     * RSA 位数 如果采用2048 上面最大加密和最大解密则须填写:  245 256
+     */
+    private static final int INITIALIZE_LENGTH = 2048;
+
+    /**
+     * 后端RSA的密钥对(公钥和私钥)Map，由静态代码块赋值
+     */
+    private static final Map<String, String> map = new LinkedHashMap<>(2);
+
+    public static void main(String[] args) throws Exception {
+        Map<String,String> res  = genKeyPair();
+        System.out.println(JSONObject.toJSONString(res));
+    }
+    /**
+     * 生成密钥对(公钥和私钥)
+     */
+
+    public static Map<String, String> genKeyPair() throws Exception {
+        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
+        keyPairGen.initialize(INITIALIZE_LENGTH);
+        KeyPair keyPair = keyPairGen.generateKeyPair();
+        // 获取公钥
+        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
+        // 获取私钥
+        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
+        // 得到公钥字符串
+        String publicKeyString = Base64.encodeBase64String(publicKey.getEncoded());
+        // 得到私钥字符串
+        String privateKeyString = Base64.encodeBase64String((privateKey.getEncoded()));
+        map.put("publicKey", publicKeyString);
+        map.put("privateKey", privateKeyString);
+        return map;
+    }
+
+    public static String getPrivateKey() {
+        return map.get("privateKey");
+    }
+
+    public static String getPublicKey() {
+        return map.get("publicKey");
+    }
+
+    /**
+     * RSA私钥解密
+     *
+     * @param data       BASE64编码过的密文
+     * @param privateKey 私钥(BASE64编码)
+     * @return utf-8编码的明文
+     */
+    public static byte[] decryptByPrivateKey(byte[] data, String privateKey) throws Exception {
+        //base64格式的key字符串转Key对象
+        Key privateK = KeyFactory.getInstance(KEY_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey)));
+        Cipher cipher = Cipher.getInstance(ALGORITHMS);
+        cipher.init(Cipher.DECRYPT_MODE, privateK);
+
+        //分段进行解密操作
+        return encryptAndDecryptOfSubsection(data, cipher, MAX_DECRYPT_BLOCK);
+    }
+
+    /**
+     * RSA公钥加密
+     *
+     * @param data      BASE64编码过的密文
+     * @param publicKey 公钥(BASE64编码)
+     * @return utf-8编码的明文
+     */
+    public static byte[] encryptByPublicKey(byte[] data, String publicKey) throws Exception {
+        //base64格式的key字符串转Key对象
+        System.out.println("加密公钥:"+publicKey);
+        Key publicK = KeyFactory.getInstance(KEY_ALGORITHM).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(publicKey)));
+        Cipher cipher = Cipher.getInstance(ALGORITHMS);
+        cipher.init(Cipher.ENCRYPT_MODE, publicK);
+        //分段进行加密操作
+        return encryptAndDecryptOfSubsection(data, cipher, MAX_ENCRYPT_BLOCK);
+    }
+
+    /**
+     * RSA公钥解密
+     *
+     * @param data      BASE64编码过的密文
+     * @param publicKey RSA公钥
+     * @return utf-8编码的明文
+     */
+    public static byte[] pubKeyDec(byte[] data, String publicKey) throws Exception {
+        //base64格式的key字符串转Key对象
+        Key privateK = KeyFactory.getInstance(KEY_ALGORITHM).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(publicKey)));
+        Cipher cipher = Cipher.getInstance(ALGORITHMS);
+        cipher.init(Cipher.DECRYPT_MODE, privateK);
+
+        //分段进行解密操作
+        return encryptAndDecryptOfSubsection(data, cipher, MAX_DECRYPT_BLOCK);
+    }
+
+    /**
+     * RSA私钥加密
+     *
+     * @param data       待加密的明文
+     * @param privateKey RSA私钥
+     * @return 经BASE64编码后的密文
+     */
+    public static byte[] privKeyEnc(byte[] data, String privateKey) throws Exception {
+
+        //base64格式的key字符串转Key对象
+        Key publicK = KeyFactory.getInstance(KEY_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey)));
+        Cipher cipher = Cipher.getInstance(ALGORITHMS);
+        cipher.init(Cipher.ENCRYPT_MODE, publicK);
+
+        //分段进行加密操作
+        return encryptAndDecryptOfSubsection(data, cipher, MAX_ENCRYPT_BLOCK);
+    }
+
+    /**
+     * 生成签名
+     *
+     * @param data 签名原文
+     * @return 签名
+     */
+    public static String sign(byte[] data, String privateKey) {
+        try {
+            System.out.println("签名私钥:"+privateKey);
+
+            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
+            PrivateKey priKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);
+            Signature signature = Signature.getInstance(SIGN_ALG);
+            signature.initSign(priKey);
+            signature.update(data);
+            return Base64.encodeBase64String(signature.sign());
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * 验证签名
+     *
+     * @param data      签名原文
+     * @param sign      签名
+     * @param publicKey 公钥
+     * @return 是否验签通过
+     */
+    public static boolean verifySign(byte[] data, String sign, String publicKey) {
+        try {
+            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
+            PublicKey pubKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
+            Signature signature = Signature.getInstance(SIGN_ALG);
+            signature.initVerify(pubKey);
+            signature.update(data);
+            return signature.verify(Base64.decodeBase64(sign.getBytes()));
+        } catch (Exception e) {
+            //验签失败
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * 分段进行加密、解密操作
+     */
+    private static byte[] encryptAndDecryptOfSubsection(byte[] data, Cipher cipher, int encryptBlock) throws Exception {
+        int inputLen = data.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // 对数据分段加密
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > encryptBlock) {
+                cache = cipher.doFinal(data, offSet, encryptBlock);
+            } else {
+                cache = cipher.doFinal(data, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * encryptBlock;
+        }
+        out.close();
+        return out.toByteArray();
+    }
+
+}