主要就是官方的这个图:
前端调用接口,得到腾讯发过来的几个数据,前端把这几个数据给后端,后端拿到这些数据后传给腾讯,让其判断是否正常,以及其他属性。
程序运行截图如下:
点击登录后,拖动正确进行跳转,拖动错误就重新输入
看看后台的打印:
这个是腾讯反馈的数据,response为1说明是正常,风险等级为0
程序结构如下:
源码如下:
LoginServlet.java
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
@WebServlet(value = "/login")
public class LoginServlet extends HttpServlet{
private static final String APP_ID = "xxxxxxxxxx";
private static final String APP_SECRET = "xxxxxxxxxx**";
private static final String VERIFY_URI = "https://ssl.captcha.qq.com/ticket/verify?aid=%s&AppSecretKey=%s&Ticket=%s&Randstr=%s&UserIP=%s";
public static int verifyTicket(String ticket, String rand, String userIp) {
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpGet httpGet;
CloseableHttpResponse response = null;
try {
httpGet = new HttpGet(String.format(VERIFY_URI,
APP_ID,
APP_SECRET,
URLEncoder.encode(ticket, "UTF-8"),
URLEncoder.encode(rand, "UTF-8"),
URLEncoder.encode(userIp, "UTF-8")
));
response = httpclient.execute(httpGet);
HttpEntity entity = response.getEntity();
if (entity != null) {
String res = EntityUtils.toString(entity);
System.out.println(res); // 临时输出
JSONObject result = JSON.parseObject(res);
// 返回码
int code = result.getInteger("response");
// 恶意等级
int evilLevel = result.getInteger("evil_level");
// 验证成功
if (code == 1) return evilLevel;
}
} catch (java.io.IOException e) {
// 忽略
} finally {
try {
response.close();
} catch (Exception ignore) {
}
}
return -1;
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//验证
String ticket = request.getParameter("Ticket");
String randstr = request.getParameter("Randstr");
String userIP = request.getRemoteAddr();
verifyTicket(ticket, randstr, userIP);
response.sendRedirect("success.jsp");
}
}
web.xml
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Archetype Created Web Application</display-name>
</web-app>
index.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>qq</title>
<script src="https://ssl.captcha.qq.com/TCaptcha.js"></script>
<script type="text/javascript">
function vail(){
var vailCode = new TencentCaptcha('2047017221', function(res){
if(res.ret == 0){
var form = document.getElementById("form1");
var ticketInput = document.getElementById("Ticket");
var randstrInput = document.getElementById("Randstr");
ticketInput.value = res.ticket;
randstrInput.value = res.randstr;
// console.log("res.ticket:" + res.ticket);
// console.log("res.randstr:" + res.randstr);
form.submit();
}
else{
alert("验证出错!");
}
});
vailCode.show();
}
</script>
</head>
<body>
<form id="form1" method="post" action="login">
<div>
<input id="Ticket" name="Ticket" type="hidden" value="">
<input id="Randstr" name="Randstr" type="hidden" value="">
<input type="button" value="登录" id="btnOK" οnclick="vail()" />
</div>
</form>
</body>
</html>
success.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<h1>SUCCESS</h1>
</body>
</html>
porn.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.example</groupId>
<artifactId>wxDemo</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.62</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>4.4.5</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.11</version>
</dependency>
</dependencies>
</project>