苹果登录接口1调试通过

server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java

@@ -217,7 +217,7 @@ public class LoginController extends AccountBaseController {
     }
 
     @ApiOperation(value = "苹果授权登录")
-    @GetMapping("/login/apple")
+    @PostMapping("/login/apple")
     public PicaResponse appleAuth(@RequestBody EncryptEntity entity) throws Exception{
         BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
         request.setProductType(super.getProductType());

server/src/main/java/com/pica/cloud/account/account/server/enums/AccountExceptionEnum.java

@@ -33,7 +33,7 @@ public enum AccountExceptionEnum {
     PICA_PASSWORD_RULE_ERROR("216525","该手机号{mobile}尚未设置密码，请先设置密码。"),
     PICA_PWD_MISMATCH_4("216526", "密码错误,请重试"),
     PICA_PWD_MISMATCH_5("216527", "该账号{mobile}的密码错误次数已达上限请24小时后再试，或请使用其他登录方式或找回密码"),
-    PICA_APPLE_TOKEN_ERROR("216528", "微信登录授权identifyToken不正确"),
+    PICA_APPLE_TOKEN_ERROR("216528", "Apple登录授权token不正确"),
     PICA_APPLE_BIND_OTHER("216529", "该Apple账号已绑定其他账户"),
     PICA_MOBILE_BIND_OTHER("216530", "该手机号已绑定其他Apple账号"),
 

server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java

@@ -24,14 +24,13 @@ import com.pica.cloud.account.account.server.util.AESUtil;
 import com.pica.cloud.account.account.server.util.AccountUtils;
 import com.pica.cloud.account.account.server.util.TokenUtils;
 import com.pica.cloud.account.account.server.util.WeChatUtils;
-import com.pica.cloud.account.account.server.vo.OneClickLoginResultVo;
 import com.pica.cloud.foundation.encryption.common.constants.EncryptConstants;
 import com.pica.cloud.foundation.encryption.util.EncryptUtils;
 import com.pica.cloud.foundation.entity.PicaException;
 import com.pica.cloud.foundation.entity.PicaResultCode;
 import com.pica.cloud.foundation.redis.ICacheClient;
-import com.pica.cloud.foundation.utils.utils.HttpClientUtil;
 import com.pica.cloud.foundation.utils.utils.ValidateUtils;
+import com.pica.cloud.patient.smartcontract.common.utils.HttpClientCloudUtils;
 import io.jsonwebtoken.*;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.StringUtils;
@@ -42,13 +41,6 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-
-import javax.servlet.http.HttpServletRequest;
-import java.io.BufferedReader;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.net.HttpURLConnection;
-import java.net.URL;
 import java.security.PublicKey;
 import java.util.Date;
 import java.util.HashMap;
@@ -606,14 +598,13 @@ public class LoginServiceImpl implements LoginService {
     @Override
     public LoginResult loginByApple(BaseRequest request) {
         //  入参非空判断
-        if (StringUtils.isEmpty(request.getIdentifyToken()) ||
-                StringUtils.isEmpty(request.getAppleUserId()) ||
-                StringUtils.isEmpty(request.getAppleId())) {
+        if (StringUtils.isEmpty(request.getIdentifyToken())) {
             throw new PicaException(AccountExceptionEnum.PICA_PARAMS_ERROR.getCode(),
                     AccountExceptionEnum.PICA_PARAMS_ERROR.getMessage());
         }
         //  identifyToken校验
-        if(!checkIdentifyToken(request.getIdentifyToken())){
+        if(!checkIdentifyToken(request)){
+            logger.info(JSON.toJSONString(request));
             throw new PicaException(
                     AccountExceptionEnum.PICA_APPLE_TOKEN_ERROR.getCode(),
                     AccountExceptionEnum.PICA_APPLE_TOKEN_ERROR.getMessage());
@@ -663,13 +654,14 @@ public class LoginServiceImpl implements LoginService {
      * @Params [identifyToekn]
      * @Return boolean false:未通过token校验，true:通过校验
      */
-    private boolean checkIdentifyToken(String identifyToken) {
+    private boolean checkIdentifyToken(BaseRequest request) {
+        String identifyToken = request.getIdentifyToken();
         logger.info("checkIdentifyToken-identifyToken:{}", identifyToken);
         //  向苹果后台获取公钥参数
         String appleResp = null;
         try {
-            appleResp = HttpClientUtil.getHttpExecute("https://appleid.apple.com/auth/keys");
-            logger.info("checkIdentifyToken-appleResp:{}", appleResp);
+            appleResp = HttpClientCloudUtils.getHttpExecute("https://appleid.apple.com/auth/keys");
+            //logger.info("checkIdentifyToken-appleResp:{}", appleResp);
         } catch (Exception e) {
             throw new PicaException("获取公钥失败", e.getMessage());
         }
@@ -677,7 +669,7 @@ public class LoginServiceImpl implements LoginService {
         String keys = jsonObject.getString("keys");
         JSONArray arr = JSONObject.parseArray(keys);
         JSONObject jsonObject1 = JSONObject.parseObject(arr.getString(0));
-        logger.info("checkIdentifyToken-jsonObject1:{}", jsonObject1);
+        //logger.info("checkIdentifyToken-jsonObject1:{}", jsonObject1);
 
         //  通过架包生成publicKey
         PublicKey publicKey;
@@ -689,10 +681,18 @@ public class LoginServiceImpl implements LoginService {
         }
         //  分割前台传过来的identifyToken（jwt格式的token）用base64解码使用
         if (identifyToken.split("\\.").length > 1) {
+            String aud;
+            String sub;
+            try {
                 String claim = new String(Base64.decodeBase64(identifyToken.split("\\.")[1]));
-            logger.info("checkIdentifyToken-claim:{}", claim);
-            String aud = JSONObject.parseObject(claim).get("aud").toString();
-            String sub = JSONObject.parseObject(claim).get("sub").toString();
+                //logger.info("checkIdentifyToken-claim:{}", claim);
+                aud = JSONObject.parseObject(claim).get("aud").toString();
+                sub = JSONObject.parseObject(claim).get("sub").toString();
+                //  appleUserId从token中解码取出后赋值
+                request.setAppleUserId(sub);
+            } catch (Exception e) {
+                throw new PicaException("token格式错误", e.getMessage());
+            }
             return this.verify(publicKey, identifyToken, aud, sub);
         }
         return false;
@@ -713,9 +713,8 @@ public class LoginServiceImpl implements LoginService {
         jwtParser.requireSubject(subject);
         try {
             Jws<Claims> claim = jwtParser.parseClaimsJws(jwt);
-            logger.info("apple-verify-claim:{}", JSON.toJSONString(claim));
-            logger.info("apple-verify-claim.getBody:{}",
-                    JSON.toJSONString(claim.getBody()));
+            //logger.info("apple-verify-claim:{}", JSON.toJSONString(claim));
+            //logger.info("apple-verify-claim.getBody:{}", JSON.toJSONString(claim.getBody()));
             if (claim != null && claim.getBody().containsKey("auth_time")) {
                 return true;
             }