关于微信小程序中用户数据解密的介绍
这篇文章主要介绍了微信小程序 用户数据解密详细介绍的相关资料,需要的朋友可以参考下
微信小程序 用户数据解密
官方指引图:
引导图一步一步操作
1、获取code
onLoad: function (options) {// 页面初始化 options为页面跳转所带来的参数let that = thiswx.login({success: function (res) {// successlet code = res.codethat.setData({ code: code })wx.getUserInfo({success: function (res) {// successthat.setData({ userInfo: res.userInfo })that.setData({ iv: res.iv })that.setData({ encryptedData: res.encryptedData })that.get3rdSession()}})} })}
2、发送code到第三方服务器,获取3rd_session
get3rdSession:function(){let that = thiswx.request({url: 'https://localhost:8443/get3rdSession',data: {code: this.data.code},method: 'GET', // OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT// header: {}, // 设置请求的 headersuccess: function (res) {// successvar sessionId = res.data.session;that.setData({ sessionId: sessionId })wx.setStorageSync('sessionId', sessionId)that.decodeUserInfo()}}) }
3、在第三方服务器上发送appid、appsecret、code到微信服务器换取session_key和openid
这里使用JFinal搭建的服务器
Redis配置
public void configPlugin(Plugins me) {//用于缓存userinfo模块的redis服务RedisPlugin userInfoRedis = new RedisPlugin("userInfo","localhost");me.add(userInfoRedis);}
获取第三方session
public void get3rdSession() {//获取名为userInfo的Redis Cache对象Cache userInfoCache = Redis.use("userInfo");String sessionId = "";JSONObject json = new JSONObject();String code = getPara("code");String url = "https://api.weixin.qq.com/sns/jscode2session?appid=wx7560b8008e2c445d&secret=f1af3312b7038513fd17dd9cbc3b357c&js_code=" + code + "&grant_type=authorization_code";//执行命令生成3rd_sessionString session = ExecLinuxCMDUtil.instance.exec("cat /dev/urandom |od -x | tr -d ' '| head -n 1").toString();json.put("session", session);//创建默认的httpClient实例CloseableHttpClient httpClient = getHttpClient();try {//用get方法发送http请求HttpGet get = new HttpGet(url);System.out.println("执行get请求:...." + get.getURI());CloseableHttpResponse httpResponse = null;//发送get请求httpResponse = httpClient.execute(get);try {//response实体HttpEntity entity = httpResponse.getEntity();if (null != entity) {String result = EntityUtils.toString(entity);System.out.println(result);JSONObject resultJson = JSONObject.fromObject(result);String session_key = resultJson.getString("session_key");String openid = resultJson.getString("openid");//session存储userInfoCache.set(session,session_key+","+openid);}} finally {httpResponse.close();}} catch (Exception e) {e.printStackTrace();} finally {try {closeHttpClient(httpClient);} catch (IOException e) {e.printStackTrace();}}renderJson(json);}private CloseableHttpClient getHttpClient() {return HttpClients.createDefault();}private void closeHttpClient(CloseableHttpClient client) throws IOException {if (client != null) {client.close();}}
ExecLinuxCMDUtil.Java
import java.io.InputStreamReader;import java.io.LineNumberReader;/** * java在linux环境下执行linux命令,然后返回命令返回值。 * Created by LJaer on 16/12/22. */public class ExecLinuxCMDUtil {public static final ExecLinuxCMDUtil instance = new ExecLinuxCMDUtil();public static Object exec(String cmd) {try {String[] cmdA = { "/bin/sh", "-c", cmd };Process process = Runtime.getRuntime().exec(cmdA);LineNumberReader br = new LineNumberReader(new InputStreamReader(process.getInputStream()));StringBuffer sb = new StringBuffer();String line;while ((line = br.readLine()) != null) {System.out.println(line);sb.append(line).append("n");}return sb.toString();} catch (Exception e) {e.printStackTrace();}return null;}}
4、解密用户数据
decodeUserInfo:function(){let that = thiswx.request({url: 'https://localhost:8443/decodeUserInfo',data: {encryptedData: that.data.encryptedData,iv: that.data.iv,session: wx.getStorageSync('sessionId')},method: 'GET', // OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT// header: {}, // 设置请求的 headersuccess: function (res) {// successconsole.log(res)}})}
console输出结果:
后端解密代码
/** * 解密用户敏感数据 */public void decodeUserInfo(){String encryptedData = getPara("encryptedData");String iv = getPara("iv");String session = getPara("session");//从缓存中获取session_key//获取名称为userInfo的Redis Cache对象Cache userInfoRedis = Redis.use("userInfo");Object wxSessionObj = userInfoRedis.get(session);if(null==wxSessionObj){renderNull();}String wxSessionStr = (String)wxSessionObj;String session_key = wxSessionStr.split(",")[0];try {byte[] resultByte = AESUtil.instance.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(session_key), Base64.decodeBase64(iv));if(null != resultByte && resultByte.length > 0){String userInfo = new String(resultByte, "UTF-8");System.out.println(userInfo);JSONObject json = JSONObject.fromObject(userInfo); //将字符串{“id”:1}renderJson(json);}} catch (InvalidAlgorithmParameterException e) {e.printStackTrace();} catch (UnsupportedEncodingException e) {e.printStackTrace();}}
AESUtil.java
import org.bouncycastle.jce.provider.BouncyCastleProvider;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.NoSuchPaddingException;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;import java.security.*;public class AESUtil {public static final AESUtil instance = new AESUtil();public static boolean initialized = false;/*** AES解密* @param content 密文* @return* @throws InvalidAlgorithmParameterException* @throws NoSuchProviderException*/public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {initialize();try {Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");Key sKeySpec = new SecretKeySpec(keyByte, "AES");cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化byte[] result = cipher.doFinal(content);return result;} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (NoSuchPaddingException e) {e.printStackTrace();} catch (InvalidKeyException e) {e.printStackTrace();} catch (IllegalBlockSizeException e) {e.printStackTrace();} catch (BadPaddingException e) {e.printStackTrace();} catch (NoSuchProviderException e) {// TODO Auto-generated catch blocke.printStackTrace();} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}return null;}public static void initialize(){if (initialized) return;Security.addProvider(new BouncyCastleProvider());initialized = true;}//生成ivpublic static AlgorithmParameters generateIV(byte[] iv) throws Exception{AlgorithmParameters params = AlgorithmParameters.getInstance("AES");params.init(new IvParameterSpec(iv));return params;}}
以上就是本文的全部内容,希望对大家的学习有所帮助,更多相关内容请关注PHP中文网!
相关推荐:
微信小程序通过保存图片分享到朋友圈的功能实现
关于微信小程序收藏功能的实现
微信小程序如何获取openid及用户信息
以上就是关于微信小程序中用户数据解密的介绍的详细内容,更多请关注小潘博客其它相关文章!