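/**
 * Entry point of the {@code wxlogin} action: starts the WeChat OAuth2 login flow.
 *
 * <p>When the session holds no {@code openid}, a random 16-byte state value is generated,
 * stored in the session under {@code wxstate} together with the current {@code redir} value,
 * and {@code redir} is replaced by the WeChat authorize URL carrying that state. In every
 * case the response is then redirected to {@code redir}.
 *
 * @return {@code NONE}; the response is written by the redirect itself
 */
@Action("wxlogin")
public String execute() {
    if (CommonUtil.isEmpty(getSession().get("openid"))) {
        Config conf = Config.getInstance();
        try {
            // The state value is the anti-CSRF token of the OAuth2 round trip, so it has to be
            // unpredictable. java.util.Random is not; a CSPRNG is used instead.
            byte[] bs = new byte[16];
            new java.security.SecureRandom().nextBytes(bs);
            String st = EncodeHelper.bytes2hex(bs);
            // Disabled alternative: keep the state in an EhCache-backed container so that, once
            // the user returns from WeChat OAuth2.0 with a code, the callback can check that the
            // link was generated here.
            // CacheManager.getInstance().getCache("WXStates")
            //         .put(new Element(st, redir));
            // NOTE(review): the callback (presumably wxlogindo.act) must compare the returned
            // state with the session's "wxstate" and discard it after one use - confirm.
            getSession().put("wxstate", st);
            getSession().put("redir", redir);
            redir = "https://open.weixin.qq.com/connect/oauth2/authorize?appid="
                    + conf.get("weixin.appid")
                    + "&redirect_uri="
                    + EncodeHelper.encode(conf.get("weixin.context") + "wxlogindo.act", "URL")
                    + "&response_type=code&scope=snsapi_base&state="
                    + st
                    + "#wechat_redirect";
        } catch (Exception e) {
            // On failure redir keeps its previous value and the redirect below still runs.
            log.error(e);
        }
    }
    // NOTE(review): redir is not declared in this method. If it is bound from a request
    // parameter, this is an open redirect for sessions that already hold an openid (and for
    // the post-login target saved above); restrict it to same-site targets - confirm.
    try {
        org.apache.struts2.ServletActionContext.getResponse().sendRedirect(redir);
    } catch (IOException e) {
        log.error(e);
    }
    return NONE;
}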
/**
 * Checks the checksum that accompanies a message.
 *
 * <p>The payload is serialized with {@code JSON.serialize}, every space, LF, CR and tab is
 * removed from the serialized text, and the result concatenated with {@code touser} and
 * {@code userenc} is passed to {@code EncodeHelper.digest(..., "SHA")}. The digest is compared
 * with {@code checksum} through {@code CommonUtil.eq}.
 *
 * @param data     message payload to serialize
 * @param touser   recipient value mixed into the digest input
 * @param userenc  encrypted credential value mixed into the digest input
 * @param checksum checksum supplied with the message
 * @return {@code true} when {@code CommonUtil.eq} reports the two values equal
 */
private boolean checkmsgsum(Object data, String touser, String userenc, String checksum) {
    // The whitespace strip applies to the whole serialized text, string values included, so
    // payloads that differ only in such characters produce the same digest input.
    String canonical = JSON.serialize(data).replaceAll("[ \\n\\r\\t]", "");
    // NOTE(review): the full payload is written to the log at INFO level - confirm it never
    // carries credentials or personal data.
    log.info(canonical);
    // NOTE(review): this is an unkeyed digest, so integrity rests on userenc staying secret; a
    // keyed MAC would be the usual construction. If "SHA" is handed to MessageDigest it
    // resolves to SHA-1 - confirm. Whether CommonUtil.eq compares in constant time is not
    // visible here.
    return CommonUtil.eq(checksum, EncodeHelper.digest(canonical + touser + userenc, "SHA"));
}
/**
 * Checks a client's encrypted credential.
 *
 * <p>Looks up the client record, decrypts the hex-encoded {@code userenc} with the record's
 * hex-encoded {@code enckey} using {@code "DESede"}, and compares the decrypted text with the
 * record's {@code password} value followed by {@code stamp}.
 *
 * @param db       database handle passed to {@code getClientInfo}
 * @param stamp    value the client is expected to have appended to the password
 * @param clientid identifier used to look up the client record
 * @param userenc  hex-encoded ciphertext sent by the client
 * @return {@code true} on a match; {@code false} when the client is unknown, the values
 *         differ, or decryption raises a {@code GeneralSecurityException}
 */
private boolean checkenc(DB db, long stamp, String clientid, String userenc) {
    final DBObject client = getClientInfo(db, clientid);
    if (client == null) {
        return false;
    }
    final String keyHex = String.valueOf(client.get("enckey"));
    try {
        // NOTE(review): 3DES with a null last argument (presumably the IV, so the cipher mode
        // is whatever EncodeHelper defaults to) and no integrity check on the ciphertext -
        // confirm the mode. new String(...) decodes with the platform default charset.
        final String plaintext =
                new String(
                        EncodeHelper.dencrypt(
                                "DESede",
                                EncodeHelper.hex2bytes(userenc),
                                EncodeHelper.hex2bytes(keyHex),
                                null));
        // NOTE(review): the stored "password" value is used as-is, and stamp is only
        // concatenated here; any freshness/replay check has to happen in the caller - confirm.
        return CommonUtil.eq(plaintext, String.valueOf(client.get("password")) + stamp);
    } catch (GeneralSecurityException e) {
        // Only crypto failures are handled; an unchecked exception from hex2bytes on malformed
        // input would propagate to the caller.
        log.error(e);
        // NOTE(review): errormsg is declared outside this method; if it is returned to the
        // client it exposes the crypto provider's error text - confirm.
        errormsg = e.getMessage();
        return false;
    }
}