设为首页 加入收藏 关注我们: 官方微博 官方抖音

打开抖音扫一扫

轻源码

  • QingYuanMa.com
  • 全球最大的互联网技术和资源下载平台
搜索
源码学习下载
Dz插件 棋牌源码 精品游戏源码 Dz模版 整站资源 经典游戏源码
编程语言
微端制作 浏览器开发 VB 前端框架 后端开发 C++
微信开发
微信后端 Canvas 微信支付开发 支付宝开发 云融合 Xposed框架
分类
IT时讯 知识学习 招聘求职 科技专栏 VR资讯 VR开发
一起源码网 门户 终极进阶 查看主题

微信小程序用户数据解密

发布者: jiduqishi | 发布时间: 2017-2-26 02:16| 查看数: 4428| 评论数: 1|帖子模式

本文作者:Jaer_zk,来自原文地址

参考链接:

官方文档

官方指引图

按照官方引导图一步一步操作

1、获取code

  1. onLoad: function (options) {
  2.     // 页面初始化 options为页面跳转所带来的参数
  3.     let that = this
  4.     wx.login({
  5.       success: function (res) {
  6.         // success
  7.         let code = res.code
  8.         that.setData({ code: code })
  9.         wx.getUserInfo({
  10.           success: function (res) {
  11.             // success
  12.             that.setData({ userInfo: res.userInfo })
  13.             that.setData({ iv: res.iv })
  14.             that.setData({ encryptedData: res.encryptedData })
  15.             that.get3rdSession()
  16.           }
  17.         })
  18.       }
  19.   })
  20. }

2、发送code到第三方服务器,获取3rd_session

  1. get3rdSession:function(){
  2.     let that = this
  3.     wx.request({
  4.       url: 'https://localhost:8443/get3rdSession',
  5.       data: {
  6.         code: this.data.code
  7.       },
  8.       method: 'GET', // OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT
  9.       // header: {}, // 设置请求的 header
  10.       success: function (res) {
  11.         // success
  12.         var sessionId = res.data.session;
  13.         that.setData({ sessionId: sessionId })
  14.         wx.setStorageSync('sessionId', sessionId)
  15.         that.decodeUserInfo()
  16.       }
  17.     })
  18.   }

3、在第三方服务器上发送appid、appsecret、code到微信服务器换取session_key和openid

这里使用JFinal搭建的服务器

Redis配置

  1. public void configPlugin(Plugins me) {
  2.     //用于缓存userinfo模块的redis服务
  3.     RedisPlugin userInfoRedis = new RedisPlugin("userInfo","localhost");
  4.     me.add(userInfoRedis);
  5. }

获取第三方session

  1. public void get3rdSession() {
  2.     //获取名为userInfoRedis Cache对象
  3.     Cache userInfoCache = Redis.use("userInfo");
  4.     String sessionId = "";
  5.     JSONObject json = new JSONObject();
  6.     String code = getPara("code");
  7.     String url = "" + code + "&grant_type=authorization_code";
  8.     //执行命令生成3rd_session
  9.     String session = ExecLinuxCMDUtil.instance.exec("cat /dev/urandom |od -x | tr -d ' '| head -n 1").toString();
  10.     json.put("session", session);
  11.     //创建默认的httpClient实例
  12.     CloseableHttpClient httpClient = getHttpClient();
  13.     try {
  14.         //用get方法发送http请求
  15.         HttpGet get = new HttpGet(url);
  16.         System.out.println("执行get请求:...." + get.getURI());
  17.         CloseableHttpResponse httpResponse = null;
  18.         //发送get请求
  19.         httpResponse = httpClient.execute(get);
  20.         try {
  21.             //response实体
  22.             HttpEntity entity = httpResponse.getEntity();
  23.             if (null != entity) {
  24.                 String result = EntityUtils.toString(entity);
  25.                 System.out.println(result);
  26.                 JSONObject resultJson = JSONObject.fromObject(result);
  27.                 String session_key = resultJson.getString("session_key");
  28.                 String openid = resultJson.getString("openid");
  29.                 //session存储
  30.                 userInfoCache.set(session,session_key+","+openid);
  31.                 }
  32.             } finally {
  33.                 httpResponse.close();
  34.             }
  35.         } catch (Exception e) {
  36.             e.printStackTrace();
  37.         } finally {
  38.             try {
  39.                 closeHttpClient(httpClient);
  40.             } catch (IOException e) {
  41.                 e.printStackTrace();
  42.             }
  43.         }
  44.         renderJson(json);
  45. }
  46. private CloseableHttpClient getHttpClient() {
  47.     return HttpClients.createDefault();
  48. }
  50. private void closeHttpClient(CloseableHttpClient client) throws IOException {
  51.     if (client != null) {
  52.         client.close();
  53.     }
  54. }

ExecLinuxCMDUtil.Java

  1. import java.io.InputStreamReader;
  2. import java.io.LineNumberReader;
  4. /**
  5.  * javalinux环境下执行linux命令,然后返回命令返回值。
  6.  * Created by LJaer on 16/12/22.
  7.  */
  8. public class ExecLinuxCMDUtil {
  9.     public static final  ExecLinuxCMDUtil instance = new ExecLinuxCMDUtil();
  11.     public static Object exec(String cmd) {
  12.         try {
  13.             String[] cmdA = { "/bin/sh", "-c", cmd };
  14.             Process process = Runtime.getRuntime().exec(cmdA);
  15.             LineNumberReader br = new LineNumberReader(new InputStreamReader(
  16.                     process.getInputStream()));
  17.             StringBuffer sb = new StringBuffer();
  18.             String line;
  19.             while ((line = br.readLine()) != null) {
  20.                 System.out.println(line);
  21.                 sb.append(line).append("\n");
  22.             }
  23.             return sb.toString();
  24.         } catch (Exception e) {
  25.             e.printStackTrace();
  26.         }
  27.         return null;
  28.     }
  29. }

4、解密用户数据

  1. decodeUserInfo:function(){
  2.     let that = this
  3.     wx.request({
  4.       url: 'https://localhost:8443/decodeUserInfo',
  5.       data: {
  6.         encryptedData: that.data.encryptedData,
  7.         iv: that.data.iv,
  8.         session: wx.getStorageSync('sessionId')
  9.       },
  10.       method: 'GET', // OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT
  11.       // header: {}, // 设置请求的 header
  12.       success: function (res) {
  13.         // success
  14.         console.log(res)
  15.       }
  16.     })
  17. }

console输出结果:

后端解密代码

  1. /**
  2.  * 解密用户敏感数据
  3.  */
  4. public void decodeUserInfo(){
  5.     String encryptedData = getPara("encryptedData");
  6.     String iv = getPara("iv");
  7.     String session = getPara("session");
  8.     //从缓存中获取session_key
  9.     //获取名称为userInfoRedis Cache对象
  10.     Cache userInfoRedis = Redis.use("userInfo");
  11.     Object wxSessionObj =  userInfoRedis.get(session);
  12.     if(null==wxSessionObj){
  13.         renderNull();
  14.     }
  15.     String wxSessionStr = (String)wxSessionObj;
  16.     String session_key = wxSessionStr.split(",")[0];
  19.     try {
  20.         byte[] resultByte = AESUtil.instance.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(session_key), Base64.decodeBase64(iv));
  21.         if(null != resultByte && resultByte.length > 0){
  22.             String userInfo = new String(resultByte, "UTF-8");
  23.             System.out.println(userInfo);
  24.             JSONObject json = JSONObject.fromObject(userInfo); //将字符串{“id”:1}
  25.             renderJson(json);
  26.         }
  27.     } catch (InvalidAlgorithmParameterException e) {
  28.         e.printStackTrace();
  29.     } catch (UnsupportedEncodingException e) {
  30.         e.printStackTrace();
  31.     }
  32. }

AESUtil.java

  1. import org.bouncycastle.jce.provider.BouncyCastleProvider;
  3. import javax.crypto.BadPaddingException;
  4. import javax.crypto.Cipher;
  5. import javax.crypto.IllegalBlockSizeException;
  6. import javax.crypto.NoSuchPaddingException;
  7. import javax.crypto.spec.IvParameterSpec;
  8. import javax.crypto.spec.SecretKeySpec;
  9. import java.security.*;
  11. public class AESUtil {
  12.     public static final AESUtil instance = new AESUtil();
  14.     public static boolean initialized = false;
  16.     /**
  17.      * AES解密
  18.      * @param content 密文
  19.      * @return
  20.      * @throws InvalidAlgorithmParameterException
  21.      * @throws NoSuchProviderException
  22.      */
  23.     public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
  24.         initialize();
  25.         try {
  26.             Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
  27.             Key sKeySpec = new SecretKeySpec(keyByte, "AES");
  29.             cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
  30.             byte[] result = cipher.doFinal(content);
  31.             return result;
  32.         } catch (NoSuchAlgorithmException e) {
  33.             e.printStackTrace();
  34.         } catch (NoSuchPaddingException e) {
  35.             e.printStackTrace();
  36.         } catch (InvalidKeyException e) {
  37.             e.printStackTrace();
  38.         } catch (IllegalBlockSizeException e) {
  39.             e.printStackTrace();
  40.         } catch (BadPaddingException e) {
  41.             e.printStackTrace();
  42.         } catch (NoSuchProviderException e) {
  43.             // TODO Auto-generated catch block
  44.             e.printStackTrace();
  45.         } catch (Exception e) {
  46.             // TODO Auto-generated catch block
  47.             e.printStackTrace();
  48.         }
  49.         return null;
  50.     }
  52.     public static void initialize(){
  53.         if (initialized) return;
  54.         Security.addProvider(new BouncyCastleProvider());
  55.         initialized = true;
  56.     }
  57.     //生成iv
  58.     public static AlgorithmParameters generateIV(byte[] iv) throws Exception{
  59.         AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
  60.         params.init(new IvParameterSpec(iv));
  61.         return params;
  62.     }
  63. }
微信post解密

最新评论

zuojurong 发表于 2022-4-26 19:48
源代码2为什么看不了

浏览过的版块

轻源码让程序更轻更快

QingYuanMa.com

工作时间 周一至周六 8:00-17:30

侵权处理

客服QQ点击咨询
城事
话题关注
网上民生
新闻拍客
情感家园
生活
房产资讯
汽车生活
谈婚论嫁
妈妈宝贝
游戏设计
动设计
91游戏
VIP游戏
轻松APP
友情链接
爱秒云
真考题
随手APP
goodpay

关注抖音号

定期抽VIP

设为首页 加入收藏手机版小黑屋

Copyright © 2016-2021 https://www.171739.xyz/ 滇ICP备13200218号

快速回复 返回顶部 返回列表