fix 微信文本内容校验

ruoyi-admin/src/main/java/com/ruoyi/web/controller/wx/WxPayController.java

@@ -77,4 +77,14 @@ public class WxPayController extends BaseController {
         }
         return ajax;
     }
+
+    /**
+     * 微信文本内容安全识别
+     *
+     * @return
+     */
+    @PostMapping("/msgSecCheck")
+    public AjaxResult msgSecCheck(@RequestBody AppletSessionDTO dto) {
+        return wxPayService.msgSecCheck(dto);
+    }
 }

ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java

@@ -93,6 +93,10 @@ public class Constants
      * 令牌
      */
     public static final String TOKEN = "token";
+    /**
+     * 微信小程序ACCESS_TOKEN
+     */
+    public static final String WX_ACCESS_TOKEN = "wx_access_token";
     /**
      * 微信登录相关信息
      */

ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java

@@ -73,6 +73,6 @@ public class UserConstants
     /**
      * 密码长度限制
      */
-    public static final int PASSWORD_MIN_LENGTH = 5;
+    public static final int PASSWORD_MIN_LENGTH = 8;
     public static final int PASSWORD_MAX_LENGTH = 20;
 }

ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java

@@ -105,8 +105,6 @@ public class SysLoginService
      *
      * @param username 用户名
      * @param password 密码
-     * @param code 验证码
-     * @param uuid 唯一标识
      * @return 结果
      */
     public String loginMiniPrograms(String username, String password)

ruoyi-system/src/main/java/com/ruoyi/system/domain/wx/AppletSessionDTO.java

@@ -18,6 +18,17 @@ public class AppletSessionDTO {
 
     // 绑定手机号
     private String phoneNumber;
+    //内容
+    private String content;
+
+
+    public String getContent() {
+        return content;
+    }
+
+    public void setContent(String content) {
+        this.content = content;
+    }
 
     public String getOpenId() {
         return openId;

ruoyi-system/src/main/java/com/ruoyi/system/service/IWxPayService.java

@@ -27,4 +27,11 @@ public interface IWxPayService {
     void payNotify(HttpServletRequest request);
 
     AppletSessionDTO jscode2Session(AppletLoginForm form);
+
+    /**
+     * 根获取微信文本内容安全识别
+     *
+     * @return
+     */
+    AjaxResult msgSecCheck(AppletSessionDTO dto);
 }

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/WxPayServiceImpl.java

@@ -1,10 +1,10 @@
 package com.ruoyi.system.service.impl;
 
 
-
-
 import com.alibaba.fastjson.JSONObject;
+import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.redis.RedisCache;
 import com.ruoyi.common.exception.ServiceException;
 import com.ruoyi.common.utils.sign.Base64;
 import com.ruoyi.system.domain.wx.*;
@@ -20,7 +20,9 @@ import com.wechat.pay.java.service.payments.jsapi.model.Amount;
 import com.wechat.pay.java.service.payments.jsapi.model.Payer;
 import com.wechat.pay.java.service.payments.jsapi.model.PrepayRequest;
 import com.wechat.pay.java.service.payments.jsapi.model.PrepayResponse;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.omg.CORBA.TIMEOUT;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 import utils.AppletDecryptDataUtil;
@@ -31,10 +33,15 @@ import javax.annotation.Resource;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
 import java.io.BufferedReader;
+import java.io.IOException;
 import java.io.InputStreamReader;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.UUID;
+import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
+
 import static com.wechat.pay.java.core.http.Constant.*;
 
 /**
@@ -45,24 +52,34 @@ import static com.wechat.pay.java.core.http.Constant.*;
 @Service
 public class WxPayServiceImpl implements IWxPayService {
 
-    private  final String JSCODE_SESSION_API = "https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code";
+    private final String JSCODE_SESSION_API = "https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code";
+    //获取微信AccessToken接口地址实例勿改
+    private static final String ACCESS_TOKEN = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET";
+    //文本内容安全识别
+    private static final String MSGSECCHECK = "https://api.weixin.qq.com/wxa/msg_sec_check?access_token=ACCESS_TOKEN";
+
 
     /**
      * 小程序appId
      */
     @Value("${wx.appId}")
-    private  String appId;
+    private String appId;
 
     /**
      * 小程序密钥
      */
     @Value("${wx.appSecret}")
-    private  String appSecret;
+    private String appSecret;
 
     @Resource
     private WxPayV3Bean wxPayV3Bean;
+
+    @Resource
+    private RedisCache redisCache;
+
     /**
      * 创建微信预支付订单
+     *
      * @param req
      * @return
      */
@@ -84,13 +101,13 @@ public class WxPayServiceImpl implements IWxPayService {
             PrepayRequest request = new PrepayRequest();
             Amount amount = new Amount();
             //元转分
-            amount.setTotal(req.getTotalPrice()*100);
+            amount.setTotal(req.getTotalPrice() * 100);
             request.setAmount(amount);
             request.setAppid(wxPayV3Bean.getAppId());
             request.setMchid(wxPayV3Bean.getMchId());
             request.setDescription(req.getGoodsName());
             request.setNotifyUrl(wxPayV3Bean.getNotifyUrl());
-            request.setOutTradeNo("DMGT"+System.currentTimeMillis());
+            request.setOutTradeNo("DMGT" + System.currentTimeMillis());
             request.setAttach(req.getOrderType());
             Payer payer = new Payer();
             payer.setOpenid(req.getOpenId());
@@ -109,7 +126,7 @@ public class WxPayServiceImpl implements IWxPayService {
             vo.setPrepayId(response.getPrepayId());
             //todo 存储预支付订单信息
             return AjaxResult.success(vo);
-        }catch (ServiceException e){
+        } catch (ServiceException e) {
             System.out.println("创建微信预支付订单失败");
 
         }
@@ -118,6 +135,7 @@ public class WxPayServiceImpl implements IWxPayService {
 
     /**
      * 微信支付回调
+     *
      * @param request
      * @return
      */
@@ -157,7 +175,7 @@ public class WxPayServiceImpl implements IWxPayService {
             String signature = request.getHeader(WECHAT_PAY_SIGNATURE);
             // 如果已经初始化了 RSAAutoCertificateConfig，可直接使用
             // 没有的话，则构造一个
-           // log.error(com.alibaba.fastjson2.JSON.toJSONString(wxPayV3Bean));
+            // log.error(com.alibaba.fastjson2.JSON.toJSONString(wxPayV3Bean));
             NotificationConfig config = new RSAAutoCertificateConfig.Builder()
                     .merchantId(wxPayV3Bean.getMchId())
                     .privateKeyFromPath(wxPayV3Bean.getKeyPath())
@@ -166,7 +184,7 @@ public class WxPayServiceImpl implements IWxPayService {
                     .build();
             // 初始化 NotificationParser
             NotificationParser parser = new NotificationParser(config);
-            RequestParam requestParam=new RequestParam.Builder()
+            RequestParam requestParam = new RequestParam.Builder()
                     .serialNumber(serialNo)
                     .nonce(nonce)
                     .signature(signature)
@@ -182,6 +200,7 @@ public class WxPayServiceImpl implements IWxPayService {
             System.out.println("获取微信支付回调失败");
         }
     }
+
     /**
      * 根据code获取小程序openid和unionid
      *
@@ -223,6 +242,42 @@ public class WxPayServiceImpl implements IWxPayService {
         return appletSession;
     }
 
+    /**
+     * 根获取微信文本内容安全识别
+     * @return
+     */
+    @Override
+    public AjaxResult msgSecCheck(AppletSessionDTO dto) {
+        Object accessToken =null;
+        try {
+            //从redis中获取
+             accessToken = redisCache.getCacheObject(Constants.WX_ACCESS_TOKEN);
+            if (ObjectUtils.isEmpty(accessToken)){
+                String result = HttpClientUtils.doGet(ACCESS_TOKEN.replace("APPID", appId)
+                        .replace("SECRET", appSecret)
+                );
+                JSONObject jsonObject = JSONObject.parseObject(result);
+                accessToken = jsonObject.get("access_token");
+                redisCache.setCacheObject(Constants.WX_ACCESS_TOKEN,accessToken,Constants.CAPTCHA_EXPIRATION, TimeUnit.HOURS);
+            }
+            Map<String,String> map = new HashMap(4);
+            map.put("content",dto.getContent());
+            map.put("version","2");
+            map.put("openid",dto.getOpenId());
+            map.put("scene","2");
+            String msgsecCheck = HttpClientUtils.doPost(MSGSECCHECK.replace("ACCESS_TOKEN", (String) accessToken), map);
+            JSONObject msgsecCheckResult = JSONObject.parseObject(msgsecCheck);
+            Object result = msgsecCheckResult.get("result");
+            Object label = JSONObject.parseObject((String) result).get("label");
+            if (!"100".equals(label)){
+                return AjaxResult.error("含有违规信息");
+            }
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+        return AjaxResult.success();
+    }
+
     /**
      * 手机号解密
      */