package org.sxkj.common.utils;
|
|
import cn.hutool.core.codec.Base64;
import cn.hutool.crypto.asymmetric.SM2;
import com.alibaba.fastjson.JSONObject;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.sxkj.common.utils.sm3.SM2SignUtil;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
|
|
|
|
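/**
 * Token helpers for the land-survey cloud certificate service: builds and checks SM2-signed
 * tokens and fetches public keys from the service's certificate endpoints.
 *
 * <p>Token layout: {@code {certCode}.{timestampMillis}.{base64(signature)}}. The signature
 * covers the UTF-8 bytes of {@code certCode + timestampMillis} (no separator).
 *
 * <p>Every lookup method returns {@code null} on failure, so callers must treat {@code null}
 * as "could not obtain a key" and reject the request rather than fall back to another key.
 */
public class AuthUtil {

    private static final ObjectMapper objectMapper = new ObjectMapper();

    // SECURITY: this SM2 private key is a literal in source. Anyone who can read the repository
    // or the built artifact can sign tokens as CERT_CODE and, as far as this file shows, unwrap
    // the key material delivered in the x-lc-secret response header. Treat the value as
    // disclosed: rotate the key pair with the issuer and load the replacement from the
    // deployment's secret store. It stays here only so existing callers keep working until then.
    private static final String PRIVATE_KEY_HEX =
            "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3";

    // Public key paired with PRIVATE_KEY_HEX (hex-encoded).
    private static final String PUBLIC_KEY_HEX =
            "04225AACF606D800EA3C2C31FCF8FB161B15F7A8D0460DEB91013D4F228C455E76A2ED8D71BC6525B5DC5CC015C155479D8839950344AEE438A3A6305C90F8269F";

    // Certificate code of this caller; first segment of every token built here.
    private static final String CERT_CODE = "UAV32_WHR4E3UAJZTE3KE5IZFDGL7CBU";

    private static final String CERT_SERVICE_BASE = "https://xcx.geoway.com.cn:8033/v1/cert/";

    // Bounded waits so an unresponsive certificate service cannot block the calling thread forever.
    private static final int CONNECT_TIMEOUT_MILLIS = 10_000;
    private static final int READ_TIMEOUT_MILLIS = 30_000;

    /**
     * Builds a token for this caller's certificate.
     *
     * <ol>
     *   <li>take the current time in milliseconds (A);</li>
     *   <li>concatenate the certificate code (B) and A into string C;</li>
     *   <li>encode C as UTF-8 bytes (D);</li>
     *   <li>sign D with the caller's SM2 private key (E);</li>
     *   <li>Base64-encode E (F);</li>
     *   <li>assemble {@code B.A.F}.</li>
     * </ol>
     *
     * @return the assembled token
     */
    public static String getToken() {
        SM2 sm2 = new SM2(PRIVATE_KEY_HEX, PUBLIC_KEY_HEX);
        // Plain r||s signature encoding instead of ASN.1 DER.
        sm2.usePlainEncoding();

        long timestamp = System.currentTimeMillis();
        byte[] payload = (CERT_CODE + timestamp).getBytes(StandardCharsets.UTF_8);
        String signatureBase64 = Base64.encode(sm2.sign(payload));

        return CERT_CODE + "." + timestamp + "." + signatureBase64;
    }

    /**
     * Checks a token's signature against this caller's own public key.
     *
     * @param token token in the {@code certCode.timestamp.signature} layout
     * @return {@code true} only if the token has exactly three segments and the signature verifies
     */
    public static boolean tokenVerify(String token) {
        return verifySignature(token, PUBLIC_KEY_HEX);
    }

    /**
     * Checks a token's signature against the supplied public key.
     *
     * @param token token in the {@code certCode.timestamp.signature} layout
     * @param publicKey public key of the certificate the token claims to come from
     * @return {@code true} only if the token has exactly three segments and the signature
     *     verifies; {@code false} when either argument is {@code null} or the key is empty
     */
    public static boolean tokenVerify2(String token, String publicKey) {
        return verifySignature(token, publicKey);
    }

    /**
     * Shared signature check behind {@link #tokenVerify} and {@link #tokenVerify2}.
     *
     * <p>NOTE(review): only the signature is checked. The timestamp segment is neither parsed
     * nor compared with the current time, so a captured token keeps verifying indefinitely;
     * callers that need replay protection have to enforce a freshness window themselves.
     */
    private static boolean verifySignature(String token, String publicKeyHex) {
        // Fail closed: a missing key (for example a failed lookup that returned null) must never
        // reach the verifier.
        if (token == null || publicKeyHex == null || publicKeyHex.isEmpty()) {
            return false;
        }

        // Limit -1 keeps trailing empty segments, so "a.b.c." and "a.b.c.x" are rejected instead
        // of having their extra segments silently ignored.
        String[] parts = token.split("\\.", -1);
        if (parts.length != 3) {
            return false;
        }

        // NOTE(review): verification should only need the public key; the private key is passed
        // because the original construction did so. Confirm against the SM2 wrapper before
        // changing it.
        SM2 sm2 = new SM2(PRIVATE_KEY_HEX, publicKeyHex);
        sm2.usePlainEncoding();

        byte[] signedBytes = (parts[0] + parts[1]).getBytes(StandardCharsets.UTF_8);
        return sm2.verify(signedBytes, Base64.decode(parts[2]));
    }

    /**
     * Fetches the decrypted payload of the service's {@code getPublicKey} endpoint.
     *
     * <p>The request is authenticated with a freshly signed token from {@link #getToken()}, the
     * same way as the certificate lookups; a fixed token literal would be a long-lived
     * credential in source and would carry a stale timestamp.
     *
     * @return the decrypted payload, or {@code null} if the request or decryption failed
     */
    public static String getPublicKey() {
        try {
            return fetchDecrypted(CERT_SERVICE_BASE + "getPublicKey");
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Looks up the certificate named by the token's first segment and returns its public key
     * and organisation name.
     *
     * @param token token whose first segment is the certificate code to look up
     * @return map with keys {@code publickey} and {@code orgname}, or {@code null} on failure
     */
    public static Map<String, String> getPubulicKeys(String token) {
        try {
            JSONObject certificate = fetchCertificate(token);
            if (certificate == null) {
                return null;
            }
            Map<String, String> result = new HashMap<>();
            result.put("publickey", certificate.getString("publickey"));
            result.put("orgname", certificate.getString("orgname"));
            return result;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Returns the part of {@code input} before its first dot.
     *
     * @param input any string; may be {@code null}
     * @return {@code input} itself when it is {@code null}, empty or has no dot; otherwise the
     *     text before the first dot (empty when the string starts with a dot)
     */
    public static String splitBeforeFirstDot(String input) {
        if (input == null || input.isEmpty()) {
            return input;
        }
        // indexOf instead of split(...)[0]: split drops trailing empty strings, so an input made
        // only of dots yields an empty array and indexing it throws.
        int firstDot = input.indexOf('.');
        return firstDot < 0 ? input : input.substring(0, firstDot);
    }

    /**
     * Looks up the certificate named by the token's first segment and returns its public key.
     *
     * @param token token whose first segment is the certificate code to look up
     * @return the certificate's {@code publickey} value, or {@code null} on failure
     */
    public static String getPubulicKey(String token) {
        try {
            JSONObject certificate = fetchCertificate(token);
            return certificate == null ? null : certificate.getString("publickey");
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Serialises an object to a JSON string with the shared Jackson mapper.
     *
     * @param obj object to serialise
     * @param <T> type of the object
     * @return JSON text
     * @throws RuntimeException if Jackson cannot serialise the object
     */
    public static <T> String buildRequestBody(T obj) {
        try {
            return objectMapper.writeValueAsString(obj);
        } catch (JsonProcessingException e) {
            throw new RuntimeException("对象转换为JSON字符串时发生错误", e);
        }
    }

    /** Fetches and parses the certificate record for the certificate code carried by the token. */
    private static JSONObject fetchCertificate(String token) throws Exception {
        String certCode = splitBeforeFirstDot(token);
        if (certCode == null || certCode.isEmpty()) {
            return null;
        }
        // The token is caller-supplied: encode the code so it stays a single query value and
        // cannot add parameters or a fragment to the request URL.
        String encodedCode = URLEncoder.encode(certCode, StandardCharsets.UTF_8.name());
        String plaintext = fetchDecrypted(CERT_SERVICE_BASE + "getcertbycertcode?certcode=" + encodedCode);
        return plaintext == null ? null : JSONObject.parseObject(plaintext);
    }

    /**
     * Sends an authenticated GET and decrypts the response: the {@code x-lc-secret} header is
     * decrypted with the SM2 private key and the result is used to SM4-decrypt the JSON
     * {@code data} field.
     *
     * @return the decrypted text, or {@code null} when the service answers with a non-200 status
     */
    private static String fetchDecrypted(String urlString) throws Exception {
        HttpURLConnection connection = (HttpURLConnection) new URL(urlString).openConnection();
        try {
            connection.setConnectTimeout(CONNECT_TIMEOUT_MILLIS);
            connection.setReadTimeout(READ_TIMEOUT_MILLIS);
            connection.setRequestMethod("GET");
            connection.setRequestProperty("Accept", "application/json");
            connection.setRequestProperty("x-lc-token", getToken());

            int responseCode = connection.getResponseCode();
            if (responseCode != HttpURLConnection.HTTP_OK) {
                System.out.println("GET 请求失败。响应码:" + responseCode);
                return null;
            }

            String secret = connection.getHeaderField("x-lc-secret");
            StringBuilder body = new StringBuilder();
            // Explicit UTF-8 so decoding does not depend on the platform default charset;
            // try-with-resources closes the stream even when reading fails.
            try (BufferedReader reader = new BufferedReader(
                    new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    body.append(line);
                }
            }

            // NOTE(review): network-supplied JSON is parsed with fastjson; keep that dependency
            // patched.
            JSONObject envelope = JSONObject.parseObject(body.toString());
            String data = envelope == null ? null : envelope.getString("data");
            if (secret == null || data == null) {
                throw new IllegalStateException("certificate service response lacks x-lc-secret header or data field");
            }

            byte[] sm4Key = SM2SignUtil.deSM2(secret, PRIVATE_KEY_HEX);
            return SM4Util.decrypt(sm4Key, data);
        } finally {
            connection.disconnect();
        }
    }
}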
|