一、服务端代码
1、去geetest官网注册并获取id和key 并引入新建geetestlib工具类
在github中clone出最新Demo项目,快速搭建本地应用:
git clone https://github.com/GeeTeam/gt-java-sdk.git
前往 项目主页
引用SDK
将SDK中的目录下的 src/com 目录复制到你的项目中
import com.geetest.sdk.java.GeetestLib;
public class GeetestLib {
protected final String verName = "3.2.0";// SDK版本编号
protected final String sdkLang = "java";// SD的语言类型
protected final String apiUrl = "http://api.geetest.com"; //极验验证API URL
protected final String baseUrl = "api.geetest.com";
protected final String registerUrl = "/register.php"; //register url
protected final String validateUrl = "/validate.php"; //validate url
/**
* 极验验证二次验证表单数据 chllenge
*/
public static final String FN_GEETEST_CHALLENGE = "geetest_challenge";
/**
* 极验验证二次验证表单数据 validate
*/
public static final String FN_GEETEST_VALIDATE = "geetest_validate";
/**
* 极验验证二次验证表单数据 seccode
*/
public static final String FN_GEETEST_SECCODE = "geetest_seccode";
/**
* 公钥
*/
private String CAPTCHAID = "";
/**
* 私钥
*/
private String PRIVATEKEY = "";
private String USERID = "";
private String RESPONSESTR = "";
/**
* 调试开关,是否输出调试日志
*/
public boolean debugCode = true;
/**
* 极验验证API服务状态Session Key
*/
public String gtServerStatusSessionKey = "gt_server_status";
/**
* 带参数构造函数
*
* @param captchaId
* @param privateKey
*/
public GeetestLib(String captchaId, String privateKey) {
this.CAPTCHAID = captchaId;
this.PRIVATEKEY = privateKey;
}
/**
* 获取本次验证初始化返回字符串
*
* @return 初始化结果
*/
public String getResponseStr() {
return RESPONSESTR;
}
public String getVersionInfo() {
return verName;
}
/**
* 预处理失败后的返回格式串
*
* @return
*/
private String getFailPreProcessRes() {
Long rnd1 = Math.round(Math.random() * 100);
Long rnd2 = Math.round(Math.random() * 100);
String md5Str1 = md5Encode(rnd1 + "");
String md5Str2 = md5Encode(rnd2 + "");
String challenge = md5Str1 + md5Str2.substring(0, 2);
return String.format(
"{\"success\":%s,\"gt\":\"%s\",\"challenge\":\"%s\"}", 0,
this.CAPTCHAID, challenge);
}
/**
* 预处理成功后的标准串
*
*/
private String getSuccessPreProcessRes(String challenge) {
gtlog("challenge:" + challenge);
return String.format(
"{\"success\":%s,\"gt\":\"%s\",\"challenge\":\"%s\"}", 1,
this.CAPTCHAID, challenge);
}
/**
* 验证初始化预处理
*
* @return 1表示初始化成功,0表示初始化失败
*/
public int preProcess() {
if (registerChallenge() != 1) {
this.RESPONSESTR = this.getFailPreProcessRes();
return 0;
}
return 1;
}
/**
* 验证初始化预处理
*
* @param userid
* @return 1表示初始化成功,0表示初始化失败
*/
public int preProcess(String userid){
this.USERID = userid;
return this.preProcess();
}
/**
* 用captchaID进行注册,更新challenge
*
* @return 1表示注册成功,0表示注册失败
*/
private int registerChallenge() {
try {
String GET_URL = apiUrl + registerUrl+"?gt=" + this.CAPTCHAID;
if (this.USERID != ""){
GET_URL = GET_URL + "&user_id=" + this.USERID;
this.USERID = "";
}
gtlog("GET_URL:" + GET_URL);
String result_str = readContentFromGet(GET_URL);
gtlog("register_result:" + result_str);
if (32 == result_str.length()) {
this.RESPONSESTR = this.getSuccessPreProcessRes(this.md5Encode(result_str + this.PRIVATEKEY));
return 1;
} else {
gtlog("gtServer register challenge failed");
return 0;
}
} catch (Exception e) {
gtlog("exception:register api");
}
return 0;
}
/**
* 发送请求,获取服务器返回结果
*
* @param getURL
* @return 服务器返回结果
* @throws IOException
*/
private String readContentFromGet(String getURL) throws IOException {
URL getUrl = new URL(getURL);
HttpURLConnection connection = (HttpURLConnection) getUrl
.openConnection();
connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒)
connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒)
// 建立与服务器的连接,并未发送数据
connection.connect();
// 发送数据到服务器并使用Reader读取返回的数据
StringBuffer sBuffer = new StringBuffer();
InputStream inStream = null;
byte[] buf = new byte[1024];
inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1;) {
sBuffer.append(new String(buf, 0, n, "UTF-8"));
}
inStream.close();
connection.disconnect();// 断开连接
return sBuffer.toString();
}
/**
* 判断一个表单对象值是否为空
*
* @param gtObj
* @return
*/
protected boolean objIsEmpty(Object gtObj) {
if (gtObj == null) {
return true;
}
if (gtObj.toString().trim().length() == 0) {
return true;
}
return false;
}
/**
* 检查客户端的请求是否合法,三个只要有一个为空,则判断不合法
*
* @param request
* @return
*/
private boolean resquestIsLegal(String challenge, String validate, String seccode) {
if (objIsEmpty(challenge)) {
return false;
}
if (objIsEmpty(validate)) {
return false;
}
if (objIsEmpty(seccode)) {
return false;
}
return true;
}
/**
* 服务正常的情况下使用的验证方式,向gt-server进行二次验证,获取验证结果
*
* @param challenge
* @param validate
* @param seccode
* @return 验证结果,1表示验证成功0表示验证失败
*/
public int enhencedValidateRequest(String challenge, String validate, String seccode) {
if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
}
gtlog("request legitimate");
String host = baseUrl;
String path = validateUrl;
int port = 80;
String query = String.format("seccode=%s&sdk=%s", seccode,
(this.sdkLang + "_" + this.verName));
String response = "";
if (this.USERID != ""){
query = query + "&user_id=" + this.USERID;
this.USERID = "";
}
gtlog(query);
try {
if (validate.length() <= 0) {
return 0;
}
if (!checkResultByPrivate(challenge, validate)) {
return 0;
}
gtlog("checkResultByPrivate");
response = postValidate(host, path, query, port);
gtlog("response: " + response);
} catch (Exception e) {
e.printStackTrace();
}
gtlog("md5: " + md5Encode(seccode));
if (response.equals(md5Encode(seccode))) {
return 1;
} else {
return 0;
}
}
/**
* 服务正常的情况下使用的验证方式,向gt-server进行二次验证,获取验证结果
*
* @param challenge
* @param validate
* @param seccode
* @param userid
* @return 验证结果,1表示验证成功0表示验证失败
*/
public int enhencedValidateRequest(String challenge, String validate, String seccode, String userid) {
this.USERID = userid;
return this.enhencedValidateRequest(challenge, validate, seccode);
}
/**
* failback使用的验证方式
*
* @param challenge
* @param validate
* @param seccode
* @return 验证结果,1表示验证成功0表示验证失败
*/
public int failbackValidateRequest(String challenge, String validate, String seccode) {
gtlog("in failback validate");
if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
}
gtlog("request legitimate");
String[] validateStr = validate.split("_");
String encodeAns = validateStr[0];
String encodeFullBgImgIndex = validateStr[1];
String encodeImgGrpIndex = validateStr[2];
gtlog(String.format(
"encode----challenge:%s--ans:%s,bg_idx:%s,grp_idx:%s",
challenge, encodeAns, encodeFullBgImgIndex, encodeImgGrpIndex));
int decodeAns = decodeResponse(challenge, encodeAns);
int decodeFullBgImgIndex = decodeResponse(challenge, encodeFullBgImgIndex);
int decodeImgGrpIndex = decodeResponse(challenge, encodeImgGrpIndex);
gtlog(String.format("decode----ans:%s,bg_idx:%s,grp_idx:%s", decodeAns,
decodeFullBgImgIndex, decodeImgGrpIndex));
int validateResult = validateFailImage(decodeAns,decodeFullBgImgIndex, decodeImgGrpIndex);
return validateResult;
}
/**
*
* @param ans
* @param full_bg_index
* @param img_grp_index
* @return
*/
private int validateFailImage(int ans, int full_bg_index,
int img_grp_index) {
final int thread = 3;// 容差值
String full_bg_name = md5Encode(full_bg_index + "").substring(0, 9);
String bg_name = md5Encode(img_grp_index + "").substring(10, 19);
String answer_decode = "";
// 通过两个字符串奇数和偶数位拼接产生答案位
for (int i = 0; i < 9; i++) {
if (i % 2 == 0) {
answer_decode += full_bg_name.charAt(i);
} else if (i % 2 == 1) {
answer_decode += bg_name.charAt(i);
} else {
gtlog("exception");
}
}
String x_decode = answer_decode.substring(4, answer_decode.length());
int x_int = Integer.valueOf(x_decode, 16);// 16 to 10
int result = x_int % 200;
if (result < 40) {
result = 40;
}
if (Math.abs(ans - result) <= thread) {
return 1;
} else {
return 0;
}
}
/**
* 解码随机参数
*
* @param encodeStr
* @param challenge
* @return
*/
private int decodeResponse(String challenge, String string) {
if (string.length() > 100) {
return 0;
}
int[] shuzi = new int[] { 1, 2, 5, 10, 50 };
String chongfu = "";
HashMap<String, Integer> key = new HashMap<String, Integer>();
int count = 0;
for (int i = 0; i < challenge.length(); i++) {
String item = challenge.charAt(i) + "";
if (chongfu.contains(item) == true) {
continue;
} else {
int value = shuzi[count % 5];
chongfu += item;
count++;
key.put(item, value);
}
}
int res = 0;
for (int j = 0; j < string.length(); j++) {
res += key.get(string.charAt(j) + "");
}
res = res - decodeRandBase(challenge);
return res;
}
/**
* 输入的两位的随机数字,解码出偏移量
*
* @param randStr
* @return
*/
private int decodeRandBase(String challenge) {
String base = challenge.substring(32, 34);
ArrayList<Integer> tempArray = new ArrayList<Integer>();
for (int i = 0; i < base.length(); i++) {
char tempChar = base.charAt(i);
Integer tempAscii = (int) (tempChar);
Integer result = (tempAscii > 57) ? (tempAscii - 87)
: (tempAscii - 48);
tempArray.add(result);
}
int decodeRes = tempArray.get(0) * 36 + tempArray.get(1);
return decodeRes;
}
/**
* 输出debug信息,需要开启debugCode
*
* @param message
*/
public void gtlog(String message) {
if (debugCode) {
System.out.println("gtlog: " + message);
}
}
protected boolean checkResultByPrivate(String challenge, String validate) {
String encodeStr = md5Encode(PRIVATEKEY + "geetest" + challenge);
return validate.equals(encodeStr);
}
/**
* 貌似不是Post方式,后面重构时修改名字
*
* @param host
* @param path
* @param data
* @param port
* @return
* @throws Exception
*/
protected String postValidate(String host, String path, String data,
int port) throws Exception {
String response = "error";
InetAddress addr = InetAddress.getByName(host);
Socket socket = new Socket(addr, port);
BufferedWriter wr = new BufferedWriter(new OutputStreamWriter(
socket.getOutputStream(), "UTF8"));
wr.write("POST " + path + " HTTP/1.0\r\n");
wr.write("Host: " + host + "\r\n");
wr.write("Content-Type: application/x-www-form-urlencoded\r\n");
wr.write("Content-Length: " + data.length() + "\r\n");
wr.write("\r\n"); // 以空行作为分割
// 发送数据
wr.write(data);
wr.flush();
// 读取返回信息
BufferedReader rd = new BufferedReader(new InputStreamReader(
socket.getInputStream(), "UTF-8"));
String line;
while ((line = rd.readLine()) != null) {
response = line;
}
wr.close();
rd.close();
socket.close();
return response;
}
/**
* md5 加密
*
* @time 2014年7月10日 下午3:30:01
* @param plainText
* @return
*/
private String md5Encode(String plainText) {
String re_md5 = new String();
try {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(plainText.getBytes());
byte b[] = md.digest();
int i;
StringBuffer buf = new StringBuffer("");
for (int offset = 0; offset < b.length; offset++) {
i = b[offset];
if (i < 0)
i += 256;
if (i < 16)
buf.append("0");
buf.append(Integer.toHexString(i));
}
re_md5 = buf.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return re_md5;
}
}
/********************************/
新建一个controller 并使用ajax实时校验
* 从geetest网站获取的KEY和ID
*/
private static final String CAPTCHA_ID = “自己申请”;
private static final String CAPTCHA_KEY = “自己去官网免费申请”;
/**
* @Title: verifyCaptchaCode
* @Description: TODO(图片验证码二次验证返回结果)
* @param @param request
* @param @param response
* @param @throws IOException 参数
* @return void 返回类型
* @throws
*/
@RequestMapping(value = "/verifyCaptchaCode")
@ResponseBody
public void verifyCaptchaCode(HttpServletRequest request, HttpServletResponse response) throws IOException {
GeetestLib gtSdk = new GeetestLib(CAPTCHA_ID, CAPTCHA_KEY);
String challenge = request.getParameter(GeetestLib.FN_GEETEST_CHALLENGE);
String validate = request.getParameter(GeetestLib.FN_GEETEST_VALIDATE);
String seccode = request.getParameter(GeetestLib.FN_GEETEST_SECCODE);
NotifyMsg msg = new NotifyMsg();
/****************************/
// 从session中获取gt-server状态
int gt_server_status_code = (Integer) request.getSession().getAttribute(gtSdk.gtServerStatusSessionKey);
// 从session中获取userid
String userid = SessionUtil.getAttr(request, "USERID").toString();
int gtResult = 0;
if (gt_server_status_code == 1) {
// gt-server正常,向gt-server进行二次验证
gtResult = gtSdk.enhencedValidateRequest(challenge, validate, seccode, userid);
log.info("gtResult:" + gtResult);
} else {
// gt-server非正常情况下,进行failback模式验证
log.info("failback:use your own server captcha validate");
gtResult = gtSdk.failbackValidateRequest(challenge, validate, seccode);
log.info("gtResult:" + gtResult);
}
if (gtResult != 1) {
// 验证成功
msg.init(1, "验证失败");
}
MethodUtil.toJsonMsg(response, msg.getKey(), msg.getMsg());
}
/**
* @Title: startValidate
* @Description: TODO(图片验证码初始验证返回输出验证码)
* @param @param request
* @param @param response 参数
* @return void 返回类型
* @throws
*/
@RequestMapping(value = "/startCaptcha")
@ResponseBody
public void startValidate(HttpServletRequest request, HttpServletResponse response) {
GeetestLib gtSdk = new GeetestLib(CAPTCHA_ID, CAPTCHA_KEY);
String resStr = "{}";
// 自定义userid
String userid = "CaptchaCode";
// 进行验证预处理
int gtServerStatus = gtSdk.preProcess(userid);
// 将服务器状态设置到session中
request.getSession().setAttribute(gtSdk.gtServerStatusSessionKey, gtServerStatus);
// 将userid设置到session中
SessionUtil.setAttr(request, "USERID", userid);
resStr = gtSdk.getResponseStr();
MethodUtil.toJsonPrint(response, resStr);
}
二、客户端代码
注意,如果您的网站使用https,则只需要将引入极验库的地方换成https协议即可,不需要更改其它地方。例如SDK中的demo要使用https,则将以下代码:
更换成以下代码即可:
这里的话我们新建一个login.jsp 具体代码省略
下面是JS脚本放在最末尾