微信公众号无法使用post方法校验

  • 服务器日志
    图1
  • 服务器返回结果
java.lang.NullPointerException
    java.util.ComparableTimSort.countRunAndMakeAscending(ComparableTimSort.java:320)
    java.util.ComparableTimSort.sort(ComparableTimSort.java:188)
    java.util.Arrays.sort(Arrays.java:1246)
    space.zdq.util.SignUtil.checkSignature(SignUtil.java:30)
    space.zdq.servlet.CoreServlet.doPost(CoreServlet.java:61)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
    org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
  • 源代码
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String signature = request.getParameter("signature");
        String timestamp = request.getParameter("timestamp");
        String nonce = request.getParameter("nonce");
        String echostr = request.getParameter("echostr");
        PrintWriter out = response.getWriter();
            if (SignUtil.checkSignature(signature, timestamp, nonce)) {
            out.print(echostr);
        }
        out.close();
        out = null;
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String signature = request.getParameter("signature");
        String timestamp = request.getParameter("timestamp");
        String nonce = request.getParameter("nonce");
        PrintWriter out = response.getWriter();
        if (SignUtil.checkSignature(signature, timestamp, nonce)) {
            String respXml = CoreService.processRequest(request);
            out.print(respXml);
            System.out.println(respXml);
        }
        out.close();
        out = null;
    }
    public static boolean checkSignature(String signature, String timestamp, String nonce) {
            String[] paramArr = new String[] { token, timestamp, nonce };
        System.out.println(paramArr);
        Arrays.sort(paramArr);
        String content = paramArr[0].concat(paramArr[1]).concat(paramArr[2]);
        String ciphertext = null;
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            byte[] digest = md.digest(content.toString().getBytes());
            ciphertext = byteToStr(digest);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return ciphertext != null ? ciphertext.equals(signature.toUpperCase()) : false;
    }

解决办法:将doPost方法中的数据校验去掉即SignUtil.checkSignature(signature, timestamp, nonce);
猜想:可能是post数据包中没有这几个数据?正在学习Linux系统下抓包。等分析完包的内容就可以知道结果了。拭目以待吧。
今天查看tomcat logs时,发现手机端发送的post头部都会有 signature、echostr、timestap,而使用微信在线接口调试工具这几个参数都没有,只有一个空空的头部。这就是问题的所在。
将上述语句去掉后然后出现如下问题:

java
java.lang.NoClassDefFoundError: com/thoughtworks/xstream/io/HierarchicalStreamDriver
space.zdq.service.CoreService.processRequest(CoreService.java:29)
space.zdq.servlet.CoreServlet.doPost(CoreServlet.java:64)
javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

解决办法

评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值