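/**
 * Starts the WeChat OAuth 2.0 login when the session holds no {@code openid}, then redirects.
 *
 * <p>When no {@code openid} is in the session, a fresh random {@code state} value is generated
 * and stored in the session under {@code wxstate} together with the original {@code redir}
 * target. {@code redir} is then replaced by the WeChat authorize URL. In every case the response
 * is redirected to whatever {@code redir} holds at that point.
 *
 * <p>The {@code state} value is the anti-CSRF token of the OAuth flow, so it is drawn from
 * {@link java.security.SecureRandom}. {@code java.util.Random} is seeded predictably and is not
 * suitable for a value an attacker must not be able to guess. The callback handler is expected
 * to compare the returned {@code state} with the session's {@code wxstate}; that check is not
 * part of this method and should be verified there.
 *
 * @return {@code NONE}; the redirect is written directly to the servlet response
 */
@Action("wxlogin")
  public String execute() {
    if (CommonUtil.isEmpty(getSession().get("openid"))) {
      Config conf = Config.getInstance();
      try {
        // 128 bits from a CSPRNG, hex-encoded, used as the OAuth "state" parameter.
        byte[] stateBytes = new byte[16];
        new java.security.SecureRandom().nextBytes(stateBytes);
        String st = EncodeHelper.bytes2hex(stateBytes);
        // Disabled alternative: keep the state in an EhCache-backed container so that, once the
        // user comes back from WeChat OAuth 2.0 with a code, the callback can check that the
        // link was generated here.
        // CacheManager.getInstance().getCache("WXStates")
        // .put(new Element(st, redir));
        getSession().put("wxstate", st);
        // Remember where the user wanted to go before redir is overwritten below.
        getSession().put("redir", redir);
        redir =
            "https://open.weixin.qq.com/connect/oauth2/authorize?appid="
                + conf.get("weixin.appid")
                + "&redirect_uri="
                + EncodeHelper.encode(conf.get("weixin.context") + "wxlogindo.act", "URL")
                + "&response_type=code&scope=snsapi_base&state="
                + st
                + "#wechat_redirect";
      } catch (Exception e) {
        // NOTE(review): on failure redir keeps its previous value and the redirect below still
        // runs, so the user is sent to the original target without having logged in.
        log.error(e);
      }
    }
    // NOTE(review): redir is a field whose origin is not visible in this method. If it is bound
    // from a request parameter, both this redirect and the value saved in the session should be
    // restricted to same-site paths or an allow-list to avoid an open redirect.
    try {
      org.apache.struts2.ServletActionContext.getResponse().sendRedirect(redir);
    } catch (IOException e) {
      log.error(e);
    }

    return NONE;
  }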
Esempio n. 2
 /**
  * Verifies the checksum that accompanies a message.
  *
  * <p>The payload is serialized to JSON, every space, newline, carriage return and tab is removed,
  * and the "SHA" digest of {@code payload + touser + userenc} is compared with {@code checksum}.
  *
  * @param data message payload, serialized with {@code JSON.serialize}
  * @param touser appended to the serialized payload before digesting
  * @param userenc appended after {@code touser} before digesting
  * @param checksum value supplied with the message
  * @return {@code true} when {@code CommonUtil.eq} reports the two values equal
  */
 private boolean checkmsgsum(Object data, String touser, String userenc, String checksum) {
   // The character class also strips whitespace inside JSON string values, so two payloads that
   // differ only in such whitespace produce the same checksum.
   String canonical = JSON.serialize(data).replaceAll("[ \\n\\r\\t]", "");
   // NOTE(review): the whole payload is written to the info log; confirm it never carries
   // credentials or personal data, or lower the level / log a digest instead.
   log.info(canonical);
   // NOTE(review): this is a plain digest over fields joined without a delimiter, not a keyed
   // MAC. If "SHA" is handed to MessageDigest it selects SHA-1. HMAC-SHA-256 with a per-client
   // key would be the usual choice. Whether CommonUtil.eq compares in constant time is not
   // visible here.
   String expected = EncodeHelper.digest(canonical + touser + userenc, "SHA");
   return CommonUtil.eq(checksum, expected);
 }
Esempio n. 3
 /**
  * Checks the encrypted credential a client sent against the client's stored record.
  *
  * <p>{@code userenc} is hex-decoded and decrypted with "DESede" using the client's hex-encoded
  * {@code enckey}. The result must equal the stored {@code password} followed by {@code stamp}.
  *
  * @param db database handle passed to {@code getClientInfo}
  * @param stamp value the client is expected to have appended to its password
  * @param clientid identifier used to look up the client record
  * @param userenc hex-encoded ciphertext supplied by the client
  * @return {@code true} when the decrypted text matches; {@code false} when the client is
  *     unknown, the text differs, or decryption fails (then {@code errormsg} is also set)
  */
 private boolean checkenc(DB db, long stamp, String clientid, String userenc) {
   DBObject client = getClientInfo(db, clientid);
   if (client == null) {
     return false;
   }
   String keyHex = String.valueOf(client.get("enckey"));
   try {
     // NOTE(review): DESede with a null fourth argument (presumably the IV) is a legacy,
     // unauthenticated construction; confirm the mode EncodeHelper selects and plan a move to
     // an AEAD cipher such as AES-GCM.
     byte[] plain =
         EncodeHelper.dencrypt(
             "DESede", EncodeHelper.hex2bytes(userenc), EncodeHelper.hex2bytes(keyHex), null);
     // NOTE(review): new String(byte[]) uses the platform default charset; client and server
     // should agree on an explicit one.
     String decrypted = new String(plain);
     // The record's "password" field is compared as-is, which means the server keeps it in a
     // recoverable form. NOTE(review): nothing here bounds the age of stamp; confirm the caller
     // rejects stale or reused stamps.
     return CommonUtil.eq(decrypted, String.valueOf(client.get("password")) + stamp);
   } catch (GeneralSecurityException e) {
     log.error(e);
     // NOTE(review): if errormsg is echoed to the client, it exposes decryption failure details.
     errormsg = e.getMessage();
     return false;
   }
 }