v0.1

2025-07-28 01:46:39 +08:00
parent b03129667a
commit 357639462a
219 changed files with 21634 additions and 8138 deletions
--- a/internal/infrastructure/external/esign/certification_esign_service.go
+++ b/internal/infrastructure/external/esign/certification_esign_service.go
@@ -7,9 +7,9 @@ import (

 	"go.uber.org/zap"

+	"tyapi-server/internal/domains/certification/entities/value_objects"
 	"tyapi-server/internal/domains/certification/enums"
 	"tyapi-server/internal/domains/certification/repositories"
-	"tyapi-server/internal/domains/certification/value_objects"
 	"tyapi-server/internal/shared/esign"
 )

@@ -250,13 +250,19 @@ func (s *CertificationEsignService) HandleContractSignCallback(
 	}

 	if success {
-		// 合同签署成功，认证完成
+		// 合同签署成功，更新合同URL
+		if err := s.commandRepo.UpdateContractInfo(ctx, cert.ID, cert.ContractFileID, cert.EsignFlowID, signedFileURL, cert.ContractSignURL); err != nil {
+			s.logger.Error("更新合同URL失败", zap.Error(err))
+			return fmt.Errorf("更新合同URL失败: %w", err)
+		}
+
+		// 更新状态到合同已签署
 		if err := s.commandRepo.UpdateStatus(ctx, cert.ID, enums.StatusContractSigned); err != nil {
 			s.logger.Error("更新认证状态失败", zap.Error(err))
 			return fmt.Errorf("更新认证状态失败: %w", err)
 		}

-		s.logger.Info("认证流程完成", zap.String("certification_id", cert.ID))
+		s.logger.Info("合同签署成功", zap.String("certification_id", cert.ID))
 	} else {
 		// 合同签署失败
 		if err := s.commandRepo.UpdateStatus(ctx, cert.ID, enums.StatusContractRejected); err != nil {
--- a/internal/infrastructure/external/westdex/crypto.go
+++ b/internal/infrastructure/external/westdex/crypto.go
@@ -0,0 +1,160 @@
+package westdex
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/md5"
+	"crypto/sha1"
+	"encoding/base64"
+	"encoding/hex"
+)
+
+const (
+	KEY_SIZE = 16 // AES-128, 16 bytes
+)
+
+// Encrypt encrypts the given data using AES encryption in ECB mode with PKCS5 padding
+func Encrypt(data, secretKey string) (string, error) {
+	key := generateAESKey(KEY_SIZE*8, []byte(secretKey))
+	ciphertext, err := aesEncrypt([]byte(data), key)
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(ciphertext), nil
+}
+
+// Decrypt decrypts the given base64-encoded string using AES encryption in ECB mode with PKCS5 padding
+func Decrypt(encodedData, secretKey string) ([]byte, error) {
+	ciphertext, err := base64.StdEncoding.DecodeString(encodedData)
+	if err != nil {
+		return nil, err
+	}
+	key := generateAESKey(KEY_SIZE*8, []byte(secretKey))
+	plaintext, err := aesDecrypt(ciphertext, key)
+	if err != nil {
+		return nil, err
+	}
+	return plaintext, nil
+}
+
+// generateAESKey generates a key for AES encryption using a SHA-1 based PRNG
+func generateAESKey(length int, password []byte) []byte {
+	h := sha1.New()
+	h.Write(password)
+	state := h.Sum(nil)
+
+	keyBytes := make([]byte, 0, length/8)
+	for len(keyBytes) < length/8 {
+		h := sha1.New()
+		h.Write(state)
+		state = h.Sum(nil)
+		keyBytes = append(keyBytes, state...)
+	}
+
+	return keyBytes[:length/8]
+}
+
+// aesEncrypt encrypts plaintext using AES in ECB mode with PKCS5 padding
+func aesEncrypt(plaintext, key []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	paddedPlaintext := pkcs5Padding(plaintext, block.BlockSize())
+	ciphertext := make([]byte, len(paddedPlaintext))
+	mode := newECBEncrypter(block)
+	mode.CryptBlocks(ciphertext, paddedPlaintext)
+	return ciphertext, nil
+}
+
+// aesDecrypt decrypts ciphertext using AES in ECB mode with PKCS5 padding
+func aesDecrypt(ciphertext, key []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	plaintext := make([]byte, len(ciphertext))
+	mode := newECBDecrypter(block)
+	mode.CryptBlocks(plaintext, ciphertext)
+	return pkcs5Unpadding(plaintext), nil
+}
+
+// pkcs5Padding pads the input to a multiple of the block size using PKCS5 padding
+func pkcs5Padding(src []byte, blockSize int) []byte {
+	padding := blockSize - len(src)%blockSize
+	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(src, padtext...)
+}
+
+// pkcs5Unpadding removes PKCS5 padding from the input
+func pkcs5Unpadding(src []byte) []byte {
+	length := len(src)
+	unpadding := int(src[length-1])
+	return src[:(length - unpadding)]
+}
+
+// ECB mode encryption/decryption
+type ecb struct {
+	b         cipher.Block
+	blockSize int
+}
+
+func newECB(b cipher.Block) *ecb {
+	return &ecb{
+		b:         b,
+		blockSize: b.BlockSize(),
+	}
+}
+
+type ecbEncrypter ecb
+
+func newECBEncrypter(b cipher.Block) cipher.BlockMode {
+	return (*ecbEncrypter)(newECB(b))
+}
+
+func (x *ecbEncrypter) BlockSize() int { return x.blockSize }
+
+func (x *ecbEncrypter) CryptBlocks(dst, src []byte) {
+	if len(src)%x.blockSize != 0 {
+		panic("crypto/cipher: input not full blocks")
+	}
+	if len(dst) < len(src) {
+		panic("crypto/cipher: output smaller than input")
+	}
+	for len(src) > 0 {
+		x.b.Encrypt(dst, src[:x.blockSize])
+		src = src[x.blockSize:]
+		dst = dst[x.blockSize:]
+	}
+}
+
+type ecbDecrypter ecb
+
+func newECBDecrypter(b cipher.Block) cipher.BlockMode {
+	return (*ecbDecrypter)(newECB(b))
+}
+
+func (x *ecbDecrypter) BlockSize() int { return x.blockSize }
+
+func (x *ecbDecrypter) CryptBlocks(dst, src []byte) {
+	if len(src)%x.blockSize != 0 {
+		panic("crypto/cipher: input not full blocks")
+	}
+	if len(dst) < len(src) {
+		panic("crypto/cipher: output smaller than input")
+	}
+	for len(src) > 0 {
+		x.b.Decrypt(dst, src[:x.blockSize])
+		src = src[x.blockSize:]
+		dst = dst[x.blockSize:]
+	}
+}
+
+
+// Md5Encrypt 用于对传入的message进行MD5加密
+func Md5Encrypt(message string) string {
+	hash := md5.New()
+	hash.Write([]byte(message))              // 将字符串转换为字节切片并写入
+	return hex.EncodeToString(hash.Sum(nil)) // 将哈希值转换为16进制字符串并返回
+}
--- a/internal/infrastructure/external/westdex/westdex_service.go
+++ b/internal/infrastructure/external/westdex/westdex_service.go
@@ -0,0 +1,206 @@
+package westdex
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+	"time"
+	"tyapi-server/internal/shared/crypto"
+)
+
+var (
+	ErrDatasource = errors.New("数据源异常")
+	ErrSystem     = errors.New("系统异常")
+)
+
+type WestResp struct {
+	Message   string `json:"message"`
+	Code      string `json:"code"`
+	Data      string `json:"data"`
+	ID        string `json:"id"`
+	ErrorCode *int   `json:"error_code"`
+	Reason    string `json:"reason"`
+}
+type G05HZ01WestResp struct {
+	Message   string          `json:"message"`
+	Code      string          `json:"code"`
+	Data      json.RawMessage `json:"data"`
+	ID        string          `json:"id"`
+	ErrorCode *int            `json:"error_code"`
+	Reason    string          `json:"reason"`
+}
+
+type WestConfig struct {
+	Url            string
+	Key            string
+	SecretId       string
+	SecretSecondId string
+}
+
+type WestDexService struct {
+	config WestConfig
+}
+
+// NewWestDexService 是一个构造函数，用于初始化 WestDexService
+func NewWestDexService(url, key, secretId, secretSecondId string) *WestDexService {
+	return &WestDexService{
+		config: WestConfig{
+			Url:            url,
+			Key:            key,
+			SecretId:       secretId,
+			SecretSecondId: secretSecondId,
+		},
+	}
+}
+
+// CallAPI 调用西部数据的 API
+func (w *WestDexService) CallAPI(code string, reqData map[string]interface{}) (resp []byte, err error) {
+	// 生成当前的13位时间戳
+	timestamp := strconv.FormatInt(time.Now().UnixNano()/int64(time.Millisecond), 10)
+
+	// 构造请求URL
+	reqUrl := fmt.Sprintf("%s/%s/%s?timestamp=%s", w.config.Url, w.config.SecretId, code, timestamp)
+
+	jsonData, marshalErr := json.Marshal(reqData)
+	if marshalErr != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, marshalErr.Error())
+	}
+
+	// 创建HTTP POST请求
+	req, newRequestErr := http.NewRequest("POST", reqUrl, bytes.NewBuffer(jsonData))
+	if newRequestErr != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, newRequestErr.Error())
+	}
+
+	// 设置请求头
+	req.Header.Set("Content-Type", "application/json")
+
+	// 发送请求
+	client := &http.Client{}
+	httpResp, clientDoErr := client.Do(req)
+	if clientDoErr != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, clientDoErr.Error())
+	}
+	defer func(Body io.ReadCloser) {
+		closeErr := Body.Close()
+		if closeErr != nil {
+		}
+	}(httpResp.Body)
+
+	// 检查请求是否成功
+	if httpResp.StatusCode == 200 {
+		// 读取响应体
+		bodyBytes, ReadErr := io.ReadAll(httpResp.Body)
+		if ReadErr != nil {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, ReadErr.Error())
+		}
+
+		// 手动调用 json.Unmarshal 触发自定义的 UnmarshalJSON 方法
+		var westDexResp WestResp
+		UnmarshalErr := json.Unmarshal(bodyBytes, &westDexResp)
+		if UnmarshalErr != nil {
+			return nil, UnmarshalErr
+		}
+		if westDexResp.Code != "00000" && westDexResp.Code != "200" && westDexResp.Code != "0" {
+			if westDexResp.Data == "" {
+				return nil, fmt.Errorf("%w: %s", ErrSystem, westDexResp.Message)
+			}
+			decryptedData, DecryptErr := crypto.WestDexDecrypt(westDexResp.Data, w.config.Key)
+			if DecryptErr != nil {
+				return nil, fmt.Errorf("%w: %s", ErrSystem, DecryptErr.Error())
+			}
+			return decryptedData, fmt.Errorf("%w: %s", ErrDatasource, westDexResp.Message)
+		}
+		if westDexResp.Data == "" {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, westDexResp.Message)
+		}
+		decryptedData, DecryptErr := crypto.WestDexDecrypt(westDexResp.Data, w.config.Key)
+		if DecryptErr != nil {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, DecryptErr.Error())
+		}
+
+		return decryptedData, nil
+	}
+
+	return nil, fmt.Errorf("%w: 西部请求失败Code: %d", ErrSystem, httpResp.StatusCode)
+}
+
+// G05HZ01CallAPI 调用西部数据的 G05HZ01 API
+func (w *WestDexService) G05HZ01CallAPI(code string, reqData map[string]interface{}) (resp []byte, err error) {
+	// 生成当前的13位时间戳
+	timestamp := strconv.FormatInt(time.Now().UnixNano()/int64(time.Millisecond), 10)
+
+	// 构造请求URL
+	reqUrl := fmt.Sprintf("%s/%s/%s?timestamp=%s", w.config.Url, w.config.SecretSecondId, code, timestamp)
+
+	jsonData, marshalErr := json.Marshal(reqData)
+	if marshalErr != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, marshalErr.Error())
+	}
+
+	// 创建HTTP POST请求
+	req, newRequestErr := http.NewRequest("POST", reqUrl, bytes.NewBuffer(jsonData))
+	if newRequestErr != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, newRequestErr.Error())
+	}
+
+	// 设置请求头
+	req.Header.Set("Content-Type", "application/json")
+
+	// 发送请求
+	client := &http.Client{}
+	httpResp, clientDoErr := client.Do(req)
+	if clientDoErr != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, clientDoErr.Error())
+	}
+	defer func(Body io.ReadCloser) {
+		closeErr := Body.Close()
+		if closeErr != nil {
+			// 忽略
+		}
+	}(httpResp.Body)
+
+	if httpResp.StatusCode == 200 {
+		bodyBytes, ReadErr := io.ReadAll(httpResp.Body)
+		if ReadErr != nil {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, ReadErr.Error())
+		}
+		var westDexResp G05HZ01WestResp
+		UnmarshalErr := json.Unmarshal(bodyBytes, &westDexResp)
+		if UnmarshalErr != nil {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, UnmarshalErr.Error())
+		}
+		if westDexResp.Code != "0000" {
+			if westDexResp.Data == nil {
+				return nil, fmt.Errorf("%w: %s", ErrSystem, westDexResp.Message)
+			} else {
+				return westDexResp.Data, fmt.Errorf("%w: %s", ErrSystem, string(westDexResp.Data))
+			}
+		}
+		if westDexResp.Data == nil {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, westDexResp.Message)
+		}
+		return westDexResp.Data, nil
+	} else {
+		return nil, fmt.Errorf("%w: 西部请求失败Code: %d", ErrSystem, httpResp.StatusCode)
+	}
+}
+
+func (w *WestDexService) Encrypt(data string) (string, error) {
+	encryptedValue, err := crypto.WestDexEncrypt(data, w.config.Key)
+	if err != nil {
+		return "", ErrSystem
+	}
+	return encryptedValue, nil
+}
+func (w *WestDexService) Md5Encrypt(data string) string {
+	return Md5Encrypt(data)
+}
+
+func (w *WestDexService) GetConfig() WestConfig {
+	return w.config
+}
--- a/internal/infrastructure/external/yushan/yushan_service.go
+++ b/internal/infrastructure/external/yushan/yushan_service.go
@@ -0,0 +1,205 @@
+package yushan
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"encoding/base64"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/tidwall/gjson"
+)
+
+var (
+	ErrDatasource = errors.New("数据源异常")
+	ErrNotFound   = errors.New("查询为空")
+	ErrSystem     = errors.New("系统异常")
+)
+
+type YushanConfig struct {
+	URL    string
+	ApiKey string
+	AcctID string
+}
+
+type YushanService struct {
+	config YushanConfig
+}
+
+// NewWestDexService 是一个构造函数，用于初始化 WestDexService
+func NewYushanService(url, apiKey, acctID string) *YushanService {
+	return &YushanService{
+		config: YushanConfig{
+			URL:    url,
+			ApiKey: apiKey,
+			AcctID: acctID,
+		},
+	}
+}
+
+// CallAPI 调用西部数据的 API
+func (y *YushanService) CallAPI(code string, params map[string]interface{}) (respBytes []byte, err error) {
+	// 获取当前时间戳
+	unixMilliseconds := time.Now().UnixNano() / int64(time.Millisecond)
+
+	// 生成请求序列号
+	requestSN, _ := y.GenerateRandomString()
+
+	// 构建请求数据
+	reqData := map[string]interface{}{
+		"prod_id":    code,
+		"req_time":   unixMilliseconds,
+		"request_sn": requestSN,
+		"req_data":   params,
+	}
+
+	// 将请求数据转换为 JSON 字节数组
+	messageBytes, err := json.Marshal(reqData)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, err.Error())
+	}
+
+	// 获取 API 密钥
+	key, err := hex.DecodeString(y.config.ApiKey)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, err.Error())
+	}
+
+	// 使用 AES CBC 加密请求数据
+	cipherText := y.AES_CBC_Encrypt(messageBytes, key)
+
+	// 将加密后的数据编码为 Base64 字符串
+	content := base64.StdEncoding.EncodeToString(cipherText)
+
+	// 发起 HTTP 请求
+	client := &http.Client{}
+	req, err := http.NewRequest("POST", y.config.URL, strings.NewReader(content))
+	if err != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, err.Error())
+	}
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("ACCT_ID", y.config.AcctID)
+
+	// 执行请求
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("%w: %s", ErrSystem, err.Error())
+	}
+	defer resp.Body.Close()
+
+	// 读取响应体
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	var respData []byte
+
+	if IsJSON(string(body)) {
+		respData = body
+	} else {
+		sDec, err := base64.StdEncoding.DecodeString(string(body))
+		if err != nil {
+			return nil, fmt.Errorf("%w: %s", ErrSystem, err.Error())
+		}
+		respData = y.AES_CBC_Decrypt(sDec, key)
+	}
+	retCode := gjson.GetBytes(respData, "retcode").String()
+
+	if retCode == "100000" {
+		// retcode 为 100000，表示查询为空
+		return nil, ErrNotFound
+	} else if retCode == "000000" {
+		// retcode 为 000000，表示有数据，返回 retdata
+		retData := gjson.GetBytes(respData, "retdata")
+		if !retData.Exists() {
+			return nil, fmt.Errorf("%w: %s", ErrDatasource, "羽山请求retdata为空")
+		}
+		return []byte(retData.Raw), nil
+	} else {
+		return nil, fmt.Errorf("%w: %s", ErrDatasource, "羽山请求未知的状态码")
+	}
+
+}
+
+// GenerateRandomString 生成一个32位的随机字符串订单号
+func (y *YushanService) GenerateRandomString() (string, error) {
+	// 创建一个16字节的数组
+	bytes := make([]byte, 16)
+	// 读取随机字节到数组中
+	if _, err := rand.Read(bytes); err != nil {
+		return "", err
+	}
+	// 将字节数组编码为16进制字符串
+	return hex.EncodeToString(bytes), nil
+}
+
+// AEC加密（CBC模式）
+func (y *YushanService) AES_CBC_Encrypt(plainText []byte, key []byte) []byte {
+	//指定加密算法，返回一个AES算法的Block接口对象
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		panic(err)
+	}
+	//进行填充
+	plainText = Padding(plainText, block.BlockSize())
+	//指定初始向量vi,长度和block的块尺寸一致
+	iv := []byte("0000000000000000")
+	//指定分组模式，返回一个BlockMode接口对象
+	blockMode := cipher.NewCBCEncrypter(block, iv)
+	//加密连续数据库
+	cipherText := make([]byte, len(plainText))
+	blockMode.CryptBlocks(cipherText, plainText)
+	//返回base64密文
+	return cipherText
+}
+
+// AEC解密（CBC模式）
+func (y *YushanService) AES_CBC_Decrypt(cipherText []byte, key []byte) []byte {
+	//指定解密算法，返回一个AES算法的Block接口对象
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		panic(err)
+	}
+	//指定初始化向量IV,和加密的一致
+	iv := []byte("0000000000000000")
+	//指定分组模式，返回一个BlockMode接口对象
+	blockMode := cipher.NewCBCDecrypter(block, iv)
+	//解密
+	plainText := make([]byte, len(cipherText))
+	blockMode.CryptBlocks(plainText, cipherText)
+	//删除填充
+	plainText = UnPadding(plainText)
+	return plainText
+} // 对明文进行填充
+func Padding(plainText []byte, blockSize int) []byte {
+	//计算要填充的长度
+	n := blockSize - len(plainText)%blockSize
+	//对原来的明文填充n个n
+	temp := bytes.Repeat([]byte{byte(n)}, n)
+	plainText = append(plainText, temp...)
+	return plainText
+}
+
+// 对密文删除填充
+func UnPadding(cipherText []byte) []byte {
+	//取出密文最后一个字节end
+	end := cipherText[len(cipherText)-1]
+	//删除填充
+	cipherText = cipherText[:len(cipherText)-int(end)]
+	return cipherText
+}
+
+// 判断字符串是否为 JSON 格式
+func IsJSON(s string) bool {
+	var js interface{}
+	return json.Unmarshal([]byte(s), &js) == nil
+}