diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java index afe1266..d43ac00 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java @@ -205,6 +205,20 @@ public class WechatUtil { return tokenConent; } + /** + * 获取appid和session_key + * @param url + * @return + */ + private String getAccessData(String url) { + String str = ""; + String result = HttpUtil.get(url, CharsetUtil.CHARSET_UTF_8); + System.out.println("result=============="+result); + if (StringUtils.isEmpty(result)) + return str; + return result; + } + private String byteToHex(final byte[] hash) { Formatter formatter = new Formatter(); for (byte b : hash) { @@ -223,7 +237,7 @@ public class WechatUtil { */ public JSONObject code2Session(String code) { try { - String response = getAccessTokenData("https://api.weixin.qq.com/sns/jscode2session?appid="+appid+"&secret="+secret+"&js_code="+code+"&grant_type=authorization_code"); + String response = getAccessData("https://api.weixin.qq.com/sns/jscode2session?appid="+appid+"&secret="+secret+"&js_code="+code+"&grant_type=authorization_code"); JSONObject result = JSONObject.parseObject(response); // 微信返回错误码处理 if (result.containsKey("errcode") && result.getInteger("errcode") != 0) { @@ -250,8 +264,8 @@ public class WechatUtil { byte[] sessionKeyBytes = Base64.getDecoder().decode(sessionKey); byte[] ivBytes = Base64.getDecoder().decode(iv); - // 2. 初始化 AES-128-CBC 解密器(微信固定加密算法) - Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); + // 2. 初始化 AES-128-CBC 解密器(使用PKCS5Padding替换PKCS7Padding,两者在AES中效果一致) + Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); SecretKeySpec keySpec = new SecretKeySpec(sessionKeyBytes, "AES"); IvParameterSpec ivSpec = new IvParameterSpec(ivBytes); cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);