package service import ( "encoding/base64" "encoding/hex" "encoding/json" "io" "log" "net/http" "qnc-server/config" "qnc-server/db" "qnc-server/model/model" "qnc-server/model/request" "qnc-server/utils" "strings" "time" ) type AntiFraudService struct { } const RetCodeSuccess = "000000" const RetCodeEmpty = "100000" func (a *AntiFraudService) ReqYuShan(data *model.AntiFraudReqPayload) (plainText []byte, err error) { currentTime := time.Now() unixMilliseconds := currentTime.UnixNano() / int64(time.Millisecond) requestSN, _ := utils.GenerateRandomString() apiKey := config.ConfigData.Antifraud.ApiKey acctId := config.ConfigData.Antifraud.AcctId httpUrl := config.ConfigData.Antifraud.HttpUrl // 根据 ProdID 动态构建请求数据 reqData := map[string]interface{}{ "prod_id": data.ProdID, "req_time": unixMilliseconds, "request_sn": requestSN, "req_data": map[string]interface{}{}, } for _, param := range model.AntiFraudProdIDParams[data.ProdID] { switch param { case "cardNo": reqData["req_data"].(map[string]interface{})["cardNo"] = data.CardNo case "name": reqData["req_data"].(map[string]interface{})["name"] = data.Name case "mobile": reqData["req_data"].(map[string]interface{})["mobile"] = data.Mobile case "type": reqData["req_data"].(map[string]interface{})["type"] = 3 case "keyWord": reqData["req_data"].(map[string]interface{})["keyWord"] = data.CardNo } } messageBytes, err := json.Marshal(reqData) if err != nil { return } key, err := hex.DecodeString(apiKey) if err != nil { return } //加密 cipherText := utils.AES_CBC_Encrypt(messageBytes, key) content := base64.StdEncoding.EncodeToString(cipherText) respStr, err := httpDo(httpUrl, content, acctId) if err != nil { return } //解密 sDec, err := base64.StdEncoding.DecodeString(respStr) if err != nil { if utils.IsJSON(respStr) { return []byte(respStr), nil } return } plainText = utils.AES_CBC_Decrypt(sDec, key) return } // post请求 func httpDo(url string, content string, acctId string) (stringBody string, err error) { client := &http.Client{} req, err := http.NewRequest("POST", url, strings.NewReader(content)) if err != nil { return } req.Header.Set("Content-Type", "application/json") req.Header.Set("ACCT_ID", acctId) resp, err := client.Do(req) if err != nil { return } defer resp.Body.Close() body, err := io.ReadAll(resp.Body) if err != nil { return } return string(body), nil } // 对返回信息进行处理,返回一份完整的报告 func (a *AntiFraudService) DataAnalysis(antiFraud model.AntiFraud) (report model.AntiFraudReport) { // 反欺诈评分(标准简版),分值越低风险越高 var fraudScoreResp model.YuShanResponse[model.FraudScoreRetData] err := json.Unmarshal([]byte(antiFraud.FraudScoreResp), &fraudScoreResp) if err != nil { log.Printf("fraudScoreResp Unmarshal error:%v", err) } if fraudScoreResp.Retcode == RetCodeSuccess { report.FraudScore.Score = utils.ConvertScore(fraudScoreResp.Retdata.BjScore, 300, 850) } else { log.Printf("fraudScoreResp error:%s", fraudScoreResp.Retmsg) } // 综合风险评估 var riskAssessmentResp model.YuShanResponse[model.RiskAssessmentRetData] err = json.Unmarshal([]byte(antiFraud.RiskAssessmentResp), &riskAssessmentResp) if err != nil { log.Printf("riskAssessmentResp Unmarshal error:%v", err) } if riskAssessmentResp.Retcode == RetCodeSuccess { report.RiskAssessment.Score = utils.ConvertScore(riskAssessmentResp.Retdata.BjScore, 300, 850) } else { log.Printf("riskAssessmentResp error:%s", riskAssessmentResp.Retmsg) } // 风险手机号列表核验 var mobileRiskCheckResp model.YuShanResponse[map[string]interface{}] err = json.Unmarshal([]byte(antiFraud.MobileRiskCheckResp), &mobileRiskCheckResp) if err != nil { log.Printf("mobileRiskCheckResp Unmarshal error:%v", err) } if mobileRiskCheckResp.Retcode == RetCodeSuccess { report.MobileRiskCheck = mobileRiskCheckResp.Retdata } else { log.Printf("mobileRiskCheckResp error:%s", mobileRiskCheckResp.Retmsg) } // 风险人员V2 RiskPersonV2Resp var riskPersonV2Resp model.YuShanResponse[map[string]interface{}] err = json.Unmarshal([]byte(antiFraud.RiskPersonV2Resp), &riskPersonV2Resp) if err != nil { log.Printf("riskPersonV2Resp Unmarshal error:%v", err) } if riskPersonV2Resp.Retcode == RetCodeSuccess { report.RiskPersonV2 = riskPersonV2Resp.Retdata } else { log.Printf("riskPersonV2Resp error:%s", riskPersonV2Resp.Retmsg) } // 反诈反赌核验 AntiFraudGamblingResp var antiFraudGamblingResp model.YuShanResponse[map[string]interface{}] err = json.Unmarshal([]byte(antiFraud.AntiFraudGamblingResp), &antiFraudGamblingResp) if err != nil { log.Printf("antiFraudGamblingResp Unmarshal error:%v", err) } if antiFraudGamblingResp.Retcode == RetCodeSuccess { report.AntiFraudGambling = antiFraudGamblingResp.Retdata } else { log.Printf("antiFraudGamblingResp error:%s", antiFraudGamblingResp.Retmsg) } // 电信诈骗名单 TelecomFraudListResp var telecomFraudListResp model.YuShanResponse[map[string]interface{}] err = json.Unmarshal([]byte(antiFraud.TelecomFraudListResp), &telecomFraudListResp) if err != nil { log.Printf("telecomFraudListResp Unmarshal error:%v", err) } if telecomFraudListResp.Retcode == RetCodeSuccess { report.TelecomFraudList = telecomFraudListResp.Retdata } else { log.Printf("telecomFraudListResp error:%s", telecomFraudListResp.Retmsg) } // 个人可信度 PersonalCredibilityResp var personalCredibilityResp model.YuShanResponse[map[string]interface{}] err = json.Unmarshal([]byte(antiFraud.PersonalCredibilityResp), &personalCredibilityResp) if err != nil { log.Printf("personalCredibilityResp Unmarshal error:%v", err) } if personalCredibilityResp.Retcode == RetCodeSuccess { report.PersonalCredibility = personalCredibilityResp.Retdata } else { log.Printf("personalCredibilityResp error:%s", personalCredibilityResp.Retmsg) } return report } func (a *AntiFraudService) GetAntifraud(reqBody request.AntiFraudQueryReq) (af model.AntiFraud) { db.DB.Where("card_no = ? AND name = ? AND mobile = ?", reqBody.CardNo, reqBody.Name, reqBody.Mobile).First(&af) return } func (a *AntiFraudService) QueryAntifraudOrder(orderID uint) (antifraud []model.AntiFraud, err error) { err = db.DB.Where("order_id = ?", orderID).Find(&antifraud).Error if err != nil { log.Printf("query antifraud order failed: %v", err) } return }