如果微信官方文档已能为您提供帮助,请忽略本文。
登录微信公众平台后台管理界面,左侧菜单开发->基本配置。
填写URL(服务器地址)、Token(令牌)、EncodingAESKey(消息加解***)、明文加密。
填写完以上信息,验证时微信会发送一个get请求到填写的URL,开发者需要接收该请求并校验是否来自微信,如果是来自微信,返回请求中echostr参数内容(不校验直接返回也可以通过,校验是为了确保请求来自微信,而不是其它途径)。
WechatController.java
package com.blacklist.cotroller;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Scope;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.blacklist.server.WechatService;
@RestController
@SpringBootApplication
@RequestMapping("/wechat")
@Scope("prototype")
public class WechatController {
@Autowired
private WechatService wechatService;
@RequestMapping(method = { RequestMethod.POST, RequestMethod.GET }, produces = "text/html;charset=UTF-8")
@ResponseBody
public void index(HttpServletRequest request, HttpServletResponse response)
throws IOException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
boolean isGet = request.getMethod().toLowerCase().equals("get");
if (isGet) {
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
if (wechatService.validate(signature, timestamp, nonce)) {
response.getWriter().write(echostr);
}
}
}
}
WechatService.java
package com.blacklist.server;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import com.blacklist.config.WechatConfig;
import com.blacklist.utils.SHA1;
@Service
public class WechatService {
private static Logger log = LoggerFactory.getLogger(WechatService.class);
public boolean validate(String signature, String timestamp, String nonce) {
List<String> list = new ArrayList<String>();
list.add(timestamp);
list.add(nonce);
list.add(WechatConfig.token);
Collections.sort(list);
String temp = String.join("", list);
if (signature.equals(SHA1.str2SHA1(temp))) {
return true;
}
return false;
}
}
SHA1.java
package com.blacklist.utils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class SHA1 {
/**
* SHA1加密
* */
public static String str2SHA1(String str) {
try {
MessageDigest digest = MessageDigest.getInstance("SHA-1");
digest.update(str.getBytes());
byte[] msgDigest = digest.digest();
StringBuffer sb = new StringBuffer();
for (int i = 0; i < msgDigest.length; i++) {
String shaHex = Integer.toHexString(msgDigest[i] & 0xFF);
if (shaHex.length() < 2) {
sb.append(0);
}
sb.append(shaHex);
}
return sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return "";
}
}
验证,至此,接入完成。
转载请注明来源【IT黑名单】