feat(app): 添加微信小程序内容安全检测功能

- 集成 WxMpUtil 工具类用于微信小程序消息安全检测
- 在用户更新昵称时添加内容安全校验逻辑
- 使用景区配置的微信小程序 AppId 和 AppSecret 进行检测
- 当昵称包含违规内容时抛出参数错误异常
- 实现 msgSecCheck 方法调用微信小程序内容安全接口
- 添加 MSG_SEC_CHECK_URL 常量定义检测接口地址

src/main/java/com/ycwl/basic/service/mobile/impl/AppMemberServiceImpl.java

@@ -19,6 +19,7 @@ import com.ycwl.basic.service.mobile.AppMemberService;
 import com.ycwl.basic.utils.ApiResponse;
 import com.ycwl.basic.utils.JwtTokenUtil;
 import com.ycwl.basic.utils.SnowFlakeUtil;
+import com.ycwl.basic.utils.WxMpUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -139,6 +140,19 @@ public class AppMemberServiceImpl implements AppMemberService {
 
     @Override
     public ApiResponse<?> update(WeChatUserInfoUpdateDTO userInfoUpdateDTO) {
+        if (StringUtils.isNotBlank(userInfoUpdateDTO.getNickname())) {
+            Long userId = Long.parseLong(BaseContextHandler.getUserId());
+            MemberRespVO member = memberMapper.getById(userId);
+            if (member != null && member.getScenicId() != null) {
+                MpConfigEntity scenicMpConfig = scenicRepository.getScenicMpConfig(member.getScenicId());
+                if (scenicMpConfig != null) {
+                    boolean checkResult = WxMpUtil.msgSecCheck(scenicMpConfig.getAppId(), scenicMpConfig.getAppSecret(), userInfoUpdateDTO.getNickname(), member.getOpenId(), 1);
+                    if (!checkResult) {
+                        throw new AppException(BizCodeEnum.PARAM_ERROR.getCode(), "昵称包含违规内容，请修改");
+                    }
+                }
+            }
+        }
         MemberEntity memberEntity = new MemberEntity();
         memberEntity.setId(Long.parseLong(BaseContextHandler.getUserId()));
         memberEntity.setNickname(userInfoUpdateDTO.getNickname());

src/main/java/com/ycwl/basic/utils/WxMpUtil.java

@@ -2,6 +2,7 @@ package com.ycwl.basic.utils;
 
 import cn.hutool.http.HttpResponse;
 import cn.hutool.http.HttpUtil;
+import org.apache.commons.lang3.Strings;
 
 import java.util.HashMap;
 import java.io.File;
@@ -19,6 +20,7 @@ public class WxMpUtil {
     private static final String ACCESS_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=%s&secret=%s";
     private static final String STABLE_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/stable_token?grant_type=client_credential&appid=%s&secret=%s&force_refresh=false";
     public static final String  GET_USER_PHONE_URL = "https://api.weixin.qq.com/wxa/business/getuserphonenumber?access_token=%s";
+    private static final String MSG_SEC_CHECK_URL = "https://api.weixin.qq.com/wxa/msg_sec_check?access_token=%s";
     private static final Map<String, String> tokens = new ConcurrentHashMap<>();
     private static final Map<String, Date> expireTimes = new ConcurrentHashMap<>();
     private static final ReentrantLock lock = new ReentrantLock();
@@ -140,6 +142,30 @@ public class WxMpUtil {
         }
     }
 
+    public static boolean msgSecCheck(String appId, String appSecret, String content, String openId, int scene) {
+        String url = String.format(MSG_SEC_CHECK_URL, getAccessToken(appId, appSecret));
+        Map<String, Object> json = new HashMap<>();
+        json.put("content", content);
+        json.put("version", 2);
+        json.put("scene", scene);
+        json.put("openid", openId);
+
+        String response = HttpUtil.post(url, JacksonUtil.toJSONString(json));
+        Map<String, Object> jsonObject = JacksonUtil.parseObject(response, Map.class);
+        Object errcode = jsonObject.get("errcode");
+        boolean success = errcode != null && (Integer) errcode == 0;
+        if (!success) {
+            // 接口调用失败，认为检测成功。
+            return true;
+        }
+        Map<String, Object> result = JacksonUtil.getObject(response, "result", Map.class);
+        if (result == null) {
+            return false;
+        }
+        String suggest = result.getOrDefault("suggest", "").toString();
+        return Strings.CI.equals(suggest, "pass");
+    }
+
     public static void main(String[] args) throws Exception {
         generateWXAQRCode("wxe7ff26af70bfc37c", "5252fbbc68513bc77b7cc0052b9f9695", "trial", "pages/home/index?scenicId=3930324797233434624&morphId=22", "zt_p_t.jpg");
     }