微信给出的demo,下载地址:https://wximg.gtimg.com/shake_tv/mpwiki/cryptoDemo.zip
其中接口接收参数
@RequestBody String xml, @RequestParam(value = "signature", required = false) String signature, @RequestParam(value = "timestamp", required = false) String timeStamp, @RequestParam(value = "nonce", required = false) String nonce, @RequestParam(value = "msg_signature", required = false) String msgSignature
xml解析
AuthorizationCallBackBean bean = (AuthorizationCallBackBean) XmlParseUtil.xmlToBean(xml, AuthorizationCallBackBean.class);
encrypt解析,方法decryptMsg 原postData改成解析后的encrypt
WXBizMsgCrypt pc = new WXBizMsgCrypt(token, encodingAesKey, appId); String afterEncrpt = pc.decryptMsg(msgSignature, timeStamp, nonce, bean.getEncrypt());
必须要引用
<dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.9</version> </dependency>
否则报错
Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value. Expected the discarded bits to be zero.
如果有报错
java.security.InvalidKeyException: Illegal key size
请参考 https://www.cnblogs.com/gdayq/p/5919252.html
解决方案如下:
处理办法: 在官方网站下载JCE无限制权限策略文件
JDK7的下载地址: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
JDK8的下载地址: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
下载后解压,可以看到local_policy.jar和US_export_policy.jar以及readme.txt
如果安装了JRE,将两个jar文件放到%JRE_HOME%\lib\security目录下覆盖原来的文件
如果安装了JDK,还要将两个jar文件也放到%JDK_HOME%\jre\lib\security目录下覆盖原来文件
解析的结果
<xml><AppId><![CDATA[AppId]]></AppId>
<CreateTime>CreateTime</CreateTime>
<InfoType><![CDATA[component_verify_ticket]]></InfoType>
<ComponentVerifyTicket><![CDATA[ticket@@@ComponentVerifyTicket]]></ComponentVerifyTicket>
</xml>
将需要的信息保存即可。