微信的服务直达功能需要用户在小程序消息推送系统里面配置配置url来接收微信端传过来的数据,配置里面需要我们验证是否是微信请求过来的数据,如果不加以验证会出现Token校验失败
以下是我们服务端的代码,注意:代码中的token需要和配置的token一致,EncodingAESKey随机生成就可以了
import org.apache.catalina.servlet4preview.http.HttpServletRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
@RequestMapping("/directService")
public class DirectServiceController {
private static final String token = "123456";
@GetMapping("/query")
@ResponseBody
public String query(HttpServletRequest request) {
//GET请求用来验证是否是微信发过来的请求
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
if (SHA1.checkSignature(token, signature, timestamp, nonce)){
//签名如果验证通过,需要将echostr直接返回
return echostr;
}
return null;
}
@PostMapping("/query")
@ResponseBody
public String query(){
//POST请求来处理业务代码这里省略...
return null;
}
}
校验签名工具类:
import java.security.MessageDigest;
import java.util.Arrays;
public class SHA1 {
public static boolean checkSignature(String token, String signature,String timestamp,
String nonce){
String[] arr=new String[]{token,timestamp,nonce};
// 将token、timestamp、nonce三个参数进行字典序排序
Arrays.sort(arr);
StringBuffer buf=new StringBuffer();
for(int i=0;i<arr.length;i++){
buf.append(arr[i]);
}
String temp=getSha1(buf.toString());
return temp.equals(signature);
}
public static String getSha1(String str){
if(null==str || str.length()==0){
return null;
}
char hexDigits[]={'0','1','2','3','4','5','6','7','8','9',
'a','b','c','d','e','f'};
try{
MessageDigest mdTemp=MessageDigest.getInstance("SHA1");
mdTemp.update(str.getBytes("UTF-8"));
byte[] md=mdTemp.digest();
int j=md.length;
char[] buf=new char[j*2];
int k=0;
for(int i=0;i<j;i++){
byte byTemp=md[i];
buf[k++]=hexDigits[byTemp >>> 4 & 0xf];
buf[k++]=hexDigits[byTemp & 0xf];
}
return new String(buf);
}catch(Exception e){
return null;
}
}
}