package com.ruoyi.web.controller.api; import com.alibaba.fastjson2.JSONObject; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.redis.service.RedisService; import com.ruoyi.framework.web.service.SysLoginService; import com.ruoyi.framework.web.service.TokenService; import com.ruoyi.system.model.TSysAiConfig; import com.ruoyi.system.service.TSysAiConfigService; import com.ruoyi.system.service.TSysAppUserService; import com.ruoyi.system.utils.util.AesSimpleUtil; import com.ruoyi.system.utils.util.RsaSimpleUtil; import com.ruoyi.system.utils.wx.model.WeixinProperties; import com.ruoyi.system.utils.wx.tools.WxAppletTools; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.client.RestTemplate; import javax.annotation.Resource; /** *

* 微信小程序登录 前端控制器 *

* * @author xiaochen * @since 2024-08-06 */ @Slf4j @RestController @RequestMapping("/aiCallback") public class H5AICallbackController { @Autowired private TSysAiConfigService sysAiConfigService; @PostMapping("/reportReturn") public String reportReturn(String encryptedJson, String signEncryptedJson) throws Exception { TSysAiConfig sysAiConfig = sysAiConfigService.getById(1); // 应用AES秘钥 String aesKey = sysAiConfig.getAesKey(); // 平台RSA公钥 String rsaPublicKey = sysAiConfig.getRsaPublicKey(); // 1. 先解密 String source = AesSimpleUtil.decrypt(encryptedJson, aesKey); JSONObject jsonObject = JSONObject.parseObject(source); // 2. 再验证签名 String signSource = String.format("%s_%s", jsonObject.getString("thirdId"), jsonObject.getString("time")); boolean verify = RsaSimpleUtil.verify(signSource, signEncryptedJson, rsaPublicKey); if (!verify) { return "error"; } // 3. 验证成功,则仅仅业务保存并返回success字符串 return "success"; } }