分类:
版权声明:本文为博主原创文章,未经博主允许不得转载。
微信公众号是开发者或商家在微信公众平台上申请的应用账号.
在接入自己开发的微信公众号服务器时,需要提供Url
、Token
、消息加密密钥
:
- Url 是微信公众号接收微信系统推送的地址(只支持80端口)
- Token 用来验证安全性(接入时微信系统会向URL发送GET请求验证)
- 消息加密密钥 用作消息体加密密钥
详情可参见微信公众平台开发文档
接入微信公众平台时,微信系统会发送GET请求对服务器进行验证.该请求携带signature
、
timestamp
、nonce
、echostr
四个参数(具体意义参见官方文档).加密流程如下:
<code class="hljs livecodeserver has-numbering" style="display: block; padding: 0px; color: inherit; box-sizing: border-box; font-family: "Source Code Pro", monospace;font-size:undefined; white-space: pre; border-radius: 0px; word-wrap: normal; background: transparent;"><span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1.</span>将<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">token</span>、timestamp、nonce三个参数进行字典序排序 <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">2.</span>将三个参数字符串拼接成一个字符串进行sha1加密 <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">3.</span>开发者获得加密后的字符串可与signature对比,标识该请求来源于微信</code><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right: 1px solid rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li></ul><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right: 1px solid rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li></ul>
<code class="hljs python has-numbering" style="display: block; padding: 0px; color: inherit; box-sizing: border-box; font-family: "Source Code Pro", monospace;font-size:undefined; white-space: pre; border-radius: 0px; word-wrap: normal; background: transparent;"><span class="hljs-function" style="box-sizing: border-box;"><span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">def</span> <span class="hljs-title" style="box-sizing: border-box;">sign</span><span class="hljs-params" style="color: rgb(102, 0, 102); box-sizing: border-box;">(data)</span>:</span> arr = [weChat[<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">'token'</span>], data[<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">'timestamp'</span>], data[<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">'nonce'</span>]] arr = sorted(arr) tempStr = <span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">''</span>.join(arr) data = tempStr.encode(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">'UTF-8'</span>) <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> sha1(data).hexdigest()</code><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right: 1px solid rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li><li style="box-sizing: border-box; padding: 0px 5px;">4</li><li style="box-sizing: border-box; padding: 0px 5px;">5</li><li style="box-sizing: border-box; padding: 0px 5px;">6</li></ul><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right: 1px solid rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li><li style="box-sizing: border-box; padding: 0px 5px;">4</li><li style="box-sizing: border-box; padding: 0px 5px;">5</li><li style="box-sizing: border-box; padding: 0px 5px;">6</li></ul>
以上代码使用Token
对数据进行加密,返回加密后的结果.在获取到signature
字段后比较是否相同,若相同则原样返回echostr
字段,否则返回异常或其它结果.
校验成功后,微信公众号收到消息或其它事件推送将会把数据使用POST请求发送到配置的URL
上,可根据微信官方文档进行后续开发.
author:Memory_Leak