SpringBoot集成身份证认证

1. 身份认证

此处我们升级为自动的认证过程,无需人工参与

1.1 功能展示

我们输入真实姓名和身份证号就能验证,其技术在于阿里云的身份认证接口.

springcloud身份验证用什么框架 springboot身份验证_ci

https://market.aliyun.com/products/57000002/cmapi022049.html?spm=5176.730005-56956004.productlist.d_cmapi022049.744d123e6WmvqO&innerSource=search#sku=yuncode1604900000

springcloud身份验证用什么框架 springboot身份验证_身份认证_02

我们通过用户输入的真实姓名和身份证号就能验证用户信息.

1.2 购买API

springcloud身份验证用什么框架 springboot身份验证_身份认证_03

注意:没有登录阿里云,会提示我们登录阿里云网站,正常登录即可.

springcloud身份验证用什么框架 springboot身份验证_ide_04


springcloud身份验证用什么框架 springboot身份验证_ide_05

购买成功的结果:

AppKey

203866940

AppSecret

KF6LRDKejSejx2vfyLqiLP7bVvWOZYCp

AppCode

39e89acacec14a9d80782d8aa2893295

1.3 API文档

springcloud身份验证用什么框架 springboot身份验证_spring boot_06

1.4 集成身份认证

IdProperties:

@ConfigurationProperties(prefix = "identify")
@Data
public class IdProperties {

   /**
    * 对应你购买的appKey
    */
   private String appKey ;

   /**
    * 对应你购买的appSecret
    */
   private String appSecret ;


   /**
    * 对应你购买的appCode
    */
   private String appCode ;

   /**
    * 认证的url地址
    */
   private String url ;
}

IdAutoConfiguration(check方法就是身份证认证的接口代码):

@Configuration
@EnableConfigurationProperties(IdProperties.class)
public class IdAutoConfiguration {

   private static IdProperties  idProperties;

   /**
    * 发请求的工具
    */
   private static RestTemplate restTemplate = new RestTemplate() ;

   public IdAutoConfiguration(IdProperties idProperties){
       IdAutoConfiguration.idProperties = idProperties ;
   }

   /**
    * 用户信息的实名认证
    * @param realName
    * 用户的真实信息
    * @param cardNum
    * 用户的身份证号
    * @return
    * 验证的结果
    */
   public static boolean check(String realName ,String cardNum){

       /**
        * 本次请求我们是AppCode的形式验证: Authorization:APPCODE 你自己的AppCode
        *  -H Authorization:APPCODE 你自己的AppCode
        */
       HttpHeaders httpHeaders = new HttpHeaders();
       httpHeaders.add("Authorization","APPCODE "+idProperties.getAppCode());

       ResponseEntity<String> responseEntity = restTemplate.exchange(
               //%s 是变量,
               String.format(idProperties.getUrl(), cardNum, realName),
               HttpMethod.GET,
               new HttpEntity<>(null, httpHeaders),
               String.class
       );
// https://market.aliyun.com/products/57000002/cmapi022049.html?spm=5176.2020520132.101.2.2fe57218VVSjB0#sku=yuncode1604900000
       if(responseEntity.getStatusCode()== HttpStatus.OK){
           String body = responseEntity.getBody();
           JSONObject jsonObject = JSON.parseObject(body);
           String status = jsonObject.getString("status");
           if("01".equals(status)){ // 验证成功
               return true ;
           }
       }
       return  false ;
   }
}

1.5 完成身份认证

UserAuthForm:

@Data
@ApiModel(value = "用户的身份认证信息")
public class UserAuthForm extends GeetestForm{


   @NotBlank
   @ApiModelProperty(value = "用户的真实名称")
   private String realName ;

   @NotNull
   @ApiModelProperty(value = "用户的证件类型")
   private Integer idCardType ;

   @NotBlank
   @ApiModelProperty(value = "用户的证件号码")
   private String idCard ;

}

UserController:

@PostMapping("/authAccount")
@ApiOperation(value = "用户的实名认证")
@ApiImplicitParams({
       @ApiImplicitParam(name = "" ,value = "")
})
public R identifyCheck(@RequestBody  UserAuthForm userAuthForm){
   String idStr = SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString();
   boolean isOk = userService.identifyVerify(Long.valueOf(idStr),userAuthForm) ;
   if(isOk){
       return R.ok() ;
   }
   return R.fail("认证失败") ;
}

UserService:

/**
* 用户的实名认证
* @param id 用户的Id
* @param userAuthForm
* 认证的表单数据
* @return
*  认证的结果
*/
boolean identifyVerify(IdentityAuth identityAuth);

UserServiceImpl:

/**
     * 用户身份认证
     * @param identityAuth
     * @return
     */
    @Transactional
    @Override
    public Boolean identifyVerify(IdentityAuth identityAuth) {
        Assert.notNull(identityAuth, "认证的用户不存在");

        String userIdStr = SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString();
        Long userId = Long.valueOf(userIdStr);
        User user = this.getById(userId);
        Assert.notNull(user, "非法用户");

        if (user.getAuthStatus() != 0) {
            throw new InvalidParameterException("该用户已经认证成功!");
        }

        // 极验的二次校验
        GeetestForm geetestForm = new GeetestForm(identityAuth.getGeetest_challenge(), identityAuth.getGeetest_validate(), identityAuth.getGeetest_seccode(), identityAuth.getUuid());
        geetestForm.check(redisTemplate, geetestLib);

        // 身份认证
        boolean check = IdAutoProperties.check(identityAuth.getRealName(), identityAuth.getIdCard());

        if (!check) {
            throw new InvalidParameterException("参数异常!");
        }

        user.setRealName(identityAuth.getRealName());
        user.setIdCard(identityAuth.getIdCard());
        user.setId(userId);
        user.setAuthStatus((byte)1);
        user.setAuthtime(new Date());
        user.setIdCardType(identityAuth.getIdCardType());

        return this.updateById(user);
    }

2. 重启测试

springcloud身份验证用什么框架 springboot身份验证_ide_07