qq授权登录暂时不支持

app_web/src/components/login/login.vue

@@ -232,30 +232,25 @@
          * @param thirdpart
          */
         public tencentHandleClick(thirdpart: any) {
-            // window.QC.Login.showPopup({
-            //     appId:"101884990",
-            //     redirectURI:"http%3a%2f%2f127.0.0.1%3a8080%2f%23%2flogin"  //登录成功后会自动跳往该地址
-            // });
-            var _this = this;
-            // //　网站应用appid
-            const client_id = '101885024';
-            //　回调地址,即授权登录成功后跳转的地址(需要UrlEncode转码)
-            const redirect_uri = 'http%3a%2f%2f127.0.0.1%3a8080%2f%23%2flogin';
-            // 随机生成一段字符串，防止CSRF攻击的
-            const state =  Math.random().toString(36).substr(2);
-            // this.$store.dispatch(state);
-            // // qq授权登录地址
-            const url = 'https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=' + client_id + '&redirect_uri=' + redirect_uri + "&scope=get_user_info" + "&state=" + state;
-            // // 打开qq授权登录窗口，授权登录成功后会重定向到回调地址
-            this.openWindow(url, thirdpart, 540, 540);
+            this.$Message.warning("QQ授权登录暂未支持");
+            // var _this = this;
+            // const client_id = '101885024';//　网站应用appid
+            // const redirect_uri = 'http%3A%2F%2Fh6s33i.natappfree.cc%2F%23%2FqqLoginRedirect';//　回调地址,即授权登录成功后跳转的地址,需要UrlEncode转码
+            // const state =  Math.random().toString(36).substr(2);// 随机生成一段字符串，防止CSRF攻击的
+            // const url = 'https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=' + client_id + '&redirect_uri=' + redirect_uri + "&scope=get_user_info" + "&state=" + state;// qq授权登录地址
+            // this.openWindow(url, thirdpart, 540, 540);
         }
 
         /**
          * 微信授权登录
-         * @param thirddpart
+         * @param thirdpart
          */
-        public wechatHandleClick(thirddpart: any) {
+        public wechatHandleClick(thirdpart: any) {
             this.$Message.warning("微信授权登录暂未支持");
+            // let appId = 'wxcfe83301b6e6615f';	//微信开放平台提供的appId
+            // let redirectURI = 'http%3A%2F%2Fh6s33i.natappfree.cc%2F%23%2FweixinLoginRedirect';	//微信扫码后回调地址,需要UrlEncode转码
+            // let url =　'https://open.weixin.qq.com/connect/qrconnect?appid=' + appId +　'&redirect_uri=' +　redirectURI +　'&response_type=code&scope=snsapi_login&state=STATE#wechat_redirect';//微信扫码url
+            // this.openWindow(url, thirdpart, 540, 540);
         }
 
         /**

app_web/src/components/login/qqLoginRedirect.vue

@@ -232,7 +232,8 @@
                 param.registerType = "qq";
                 param.openId = this.openId;
                 param.accessToken = this.accessToken;
-            } else {
+            }
+            else {
                 this.$Message.error({
                     content: "注册并绑定QQ失败",
                     duration: 3,
@@ -262,7 +263,7 @@
                 }
             }).catch((e: any) => {
                 const data = e.data;
-                if (data && data.detail) {
+                if (data && data.message) {
                     this.$Message.error({
                         content: "注册失败，" + data.message,
                         duration: 3,

app_web/src/template.html

@@ -6,9 +6,7 @@
     <meta name="viewport" content="width=device-width,initial-scale=1.0">
     <link rel="icon" href="<%= BASE_URL %>favicon.ico">
     <title><%= htmlWebpackPlugin.options.title %></title>
-    <script type="text/javascript" src="http://qzonestyle.gtimg.cn/qzone/openapi/qc_loader.js" data-callback="true"
-            data-appid="101885024" data-redirecturi="http%3a%2f%2f127.0.0.1%3a8080%2f%23%2flogin" charset="utf-8">
-    </script>
+
 
   </head>
   <body>

ibzuaa-boot/src/main/java/cn/ibizlab/config/DevBootSecurityConfig.java

@@ -107,6 +107,7 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
                        .antMatchers("/uaa/login").permitAll()
                        .antMatchers("/uaa/register").permitAll()
                        .antMatchers("/uaa/queryUserByOpenId").permitAll()
+                       .antMatchers("/uaa/responseTokenToWeiXin").permitAll()
                 .anyRequest().authenticated()
                 // 防止iframe 造成跨域
                 .and().headers().frameOptions().disable();

ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UserRegisterService.java

@@ -42,32 +42,6 @@ public class UserRegisterService{
         return ibzuser;
     }
 
-    /**
-     * qq授权注册并登录
-     * @param ibzuser 注册用户
-     * @param qqAuthorizationInfo　qq授权信息
-     */
-    public IBZUSER qqRegisterAndLogin(IBZUSER ibzuser, JSONObject qqAuthorizationInfo) {
-        // 1.根据qqAuthorizationInfo获取AccessToken
-        String code = qqAuthorizationInfo.getString("code");
-        String state = qqAuthorizationInfo.getString("state");
-        String redirect_uri = "";
-        String appid = "";
-        String appkey = "";
-        String url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&client_id=" + appid + "&client_secret=" + appkey + "&code=" + code + "&redirect_uri=" + redirect_uri;
-        // 2.根据AccessToken获取OpenID值
-
-
-        // 3.根据OpenID获取该QQ用户的相关信息
-
-
-        // 4.创建ibzuser，成功则登录
-        boolean flag = ibzuserService.save(ibzuser);
-        if (!flag) {
-            return null;
-        }
-        return ibzuser;
-    }
 
     /**
      * qq授权注册

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/UserRegisterResource.java

@@ -9,14 +9,13 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.UUID;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.*;
 
 
 @RestController
@@ -27,7 +26,7 @@ public class UserRegisterResource {
     @Autowired
     private ISysPSSystemService iSysPSSystemService;
 
-    @Value("${ibiz.auth.qq.redirect_uri:}")
+    @Value("${ibiz.auth.qq.redirect_uri:http://127.0.0.1:8111/#/qqLoginRedirect}")
     private String redirect_URI;
 
     @PostMapping(value = "/uaa/register")
@@ -40,7 +39,7 @@ public class UserRegisterResource {
         String registerType = param.getString("registerType");
         if (StringUtils.isEmpty(loginname))
             throw new BadRequestAlertException("用户名为空", "register", "");
-        if (StringUtils.isEmpty(personname))
+        if (StringUtils.isEmpty(personname) && (!"qq".equals(registerType) && !"weixin".equals(registerType)))
             throw new BadRequestAlertException("用户姓名为空", "register", "");
         if (StringUtils.isEmpty(password))
             throw new BadRequestAlertException("密码为空", "register", "");
@@ -67,12 +66,11 @@ public class UserRegisterResource {
                 userRegisterService.commomRegister(ibzuser);
                 break;
             case "qq":// qq授权注册
-                ibzuser.setUserid("qq-" + uuid);
-                String openId = param.getString("openId");
-                String accessToken = param.getString("accessToken");
-                userRegisterService.qqRegister(ibzuser, openId, accessToken);
-//                JSONObject qqAuthorizationInfo = (JSONObject) param.get("qqAuthorizationInfo");
-//                userRegisterService.qqRegisterAndLogin(ibzuser, qqAuthorizationInfo);
+                ibzuser = null;
+//                ibzuser.setUserid("qq-" + uuid);
+//                String openId = param.getString("openId");
+//                String accessToken = param.getString("accessToken");
+//                userRegisterService.qqRegister(ibzuser, openId, accessToken);
                 break;
             default:
                 ibzuser.setUserid("commom-" + uuid);
@@ -86,6 +84,7 @@ public class UserRegisterResource {
 
     /**
      * 根据openId查用户
+     *
      * @param param
      * @return
      */
@@ -111,5 +110,40 @@ public class UserRegisterResource {
         return ResponseEntity.ok().body(object);
     }
 
+    //这里的token要和微信测试号网页填写的token一样
+    public static final String TOKEN = "weixin";
+
+    /**
+     * 响应微信发送的Token验证
+     *
+     * @param signature 　微信加密签名，signature结合了开发者填写的token参数和请求中的timestamp参数、nonce参数
+     * @param timestamp 　时间戳
+     * @param nonce     　随机数
+     * @param echostr   　随机字符串
+     * @param response  响应对象
+     * @throws IOException
+     * @throws NoSuchAlgorithmException
+     */
+    @GetMapping(value = "/uaa/responseTokenToWeiXin")
+    public void responseTokenToWeiXin(String signature, String timestamp, String nonce, String echostr, HttpServletResponse response) throws IOException, NoSuchAlgorithmException {
+        // 将token、timestamp、nonce三个参数进行字典序排序
+        System.out.println("signature:" + signature);
+        System.out.println("timestamp:" + timestamp);
+        System.out.println("nonce:" + nonce);
+        System.out.println("echostr:" + echostr);
+        System.out.println("TOKEN:" + TOKEN);
+        String[] params = new String[]{TOKEN, timestamp, nonce};
+        Arrays.sort(params);
+        // 将三个参数字符串拼接成一个字符串进行sha1加密
+        String clearText = params[0] + params[1] + params[2];
+        String algorithm = "SHA-1";
+        String sign = new String(org.apache.commons.codec.binary.Hex.encodeHex(MessageDigest.getInstance(algorithm).digest((clearText).getBytes()), true));
+        // 开发者获得加密后的字符串可与signature对比，标识该请求来源于微信
+        if (signature.equals(sign)) {
+            // 确认此次GET请求来自微信服务器，原样返回echostr参数内容，则接入生效，成为开发者成功
+            response.getWriter().print(echostr);
+        }
+    }
+
 
 }