如何将我们自己的服务端与微信平台对接
一:接入流程分析参考官方文档
https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html
参考文档接入概述分别由以下几部分完成
1、填写服务器配置
2、验证服务器地址的有效性
3、依据接口文档实现业务逻辑
按照流程第一部是先填写服务器配置,但是我们通常都是先做第二步(编写代码验证服务器地址的有效性)
理解:微信服务器发送GET请求到服务器地址到填写的URL上,带有请求参数,需要后台进行后台验证,并返回echostr参数,也可以不用验证直接返回echostr字符串(不符合安全要求)。我们下载微信的示例验证代码进行修改
Controller的写法
@RestController
public class WeixinController {
@GetMapping(value = "hello")
public String hello(){
return "hello";
}
private static final String TOKEN = "Abin";
@GetMapping(value = "/")
public String checkName(@RequestParam(name = "signature")String signature,
@RequestParam(name = "timestamp")String timestamp,
@RequestParam(name = "nonce")String nonce,
@RequestParam(name = "echostr")String echostr){
System.out.println("---------------开始校验-------------");
System.out.println("参数signature="+signature);
System.out.println("参数timestamp="+timestamp);
System.out.println("参数nonce="+nonce);
System.out.println("参数echostr="+echostr);
String str = SignUtil.getSHA1(TOKEN,timestamp,nonce);
if (str!=null && str!="" && str.equals(signature)) {
return echostr;
}else {
return "";
}
}
}
#getSHA1方法是验证方法
public static String getSHA1(String token,String timestamp,String nonce){
try {
String[] array = new String[]{token,timestamp,nonce};
StringBuffer sb = new StringBuffer();
//字符串排序
Arrays.sort(array);
for(int i=0;i<3;i++){
sb.append(array[i]);
}
String str = sb.toString();
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(str.getBytes());
byte[] digest = md.digest();
StringBuffer hexstr = new StringBuffer();
String shaHex = "";
for (int i = 0; i < digest.length; i++) {
shaHex = Integer.toHexString(digest[i] & 0xFF);
if (shaHex.length() < 2) {
hexstr.append(0);
}
hexstr.append(shaHex);
}
return hexstr.toString();
}catch (Exception e){
e.printStackTrace();
return "";
}
}