最近在做公众号页面,写登录时发现跟小程序登录不太一样,申请公众号又比较麻烦,测试阶段就使用微信测试公众号进行开发跟测试,需要申请为微信开发者。
微信验证开发者需要开发者拥有自己的服务器,微信官网会发送指定的验证参数至开发者的服务器,开发者需要编写接口进行接收并验证返回,下面是具体业务逻辑实现…
public void get(HttpServletRequest request, HttpServletResponse response) throws Exception {
//从request中获取微信发送的参数信息
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
PrintWriter out = response.getWriter();
//CheckUtil为工具类
if (CheckUtil.checkSignature(signature, timestamp, nonce)) {
//如果校验成功,将得到的随机字符串原路返回
out.print(echostr);
}
}
工具类具体业务逻辑实现
public class CheckUtil {
public static final String token = "xiaolong"; **//开发者自行定义Token 再微信开发者页面Tonken栏填写**
public static boolean checkSignature(String signature,String timestamp,String nonce){
//1.定义数组存放tooken,timestamp,nonce
String[] arr = {token,timestamp,nonce};
//2.对数组进行倒叙排序
Arrays.sort(arr);
//3.生成字符串
StringBuffer sb = new StringBuffer();
for(String s : arr){
sb.append(s);
}
//4.sha1加密
String temp = getSha1(sb.toString());
//5.将加密后的字符串,与微信传来的加密签名比较,返回结果
return temp.equals(signature);
}
public static String getSha1(String str){
if(str==null||str.length()==0){
return null;
}
char hexDigits[] = {'0','1','2','3','4','5','6','7','8','9',
'a','b','c','d','e','f'};
try {
MessageDigest mdTemp = MessageDigest.getInstance("SHA1");
mdTemp.update(str.getBytes("UTF-8"));
byte[] md = mdTemp.digest();
int j = md.length;
char buf[] = new char[j*2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
buf[k++] = hexDigits[byte0 & 0xf];
}
return new String(buf);
} catch (Exception e) {
return null;
}
}
}