1、封装微信加密认证工具类
public class CheckUtil {
public static final String tooken = "pxtoken";
public static boolean checkSignature(String signature, String timestamp, String nonce) {
String[] arr = new String[]{tooken, timestamp, nonce};
Arrays.sort(arr);
StringBuffer sb = new StringBuffer();
for (String s : arr) {
sb.append(s);
}
String temp = getSha1(sb.toString());
logger.info("\n----------执行微信签名加密认证---------------"+temp.equals(signature));
System.out.println("----------执行微信签名加密认证---------------"+temp.equals(signature));
return temp.equals(signature);
}
public static String getSha1(String str) {
if (str == null || str.length() == 0) {
return null;
}
char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'a', 'b', 'c', 'd', 'e', 'f'};
try {
MessageDigest mdTemp = MessageDigest.getInstance("SHA1");
mdTemp.update(str.getBytes("UTF-8"));
byte[] md = mdTemp.digest();
int j = md.length;
char buf[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
buf[k++] = hexDigits[byte0 & 0xf];
}
return new String(buf);
} catch (Exception e) {
return null;
}
}
}
2、Controller层的代码
@Controller
public class Uhtml {
@ResponseBody
@GetMapping(value = "/wx/check",produces = "text/plain;charset=utf-8")
public void wxCheck(@RequestParam(name = "signature", required = false) String signature,
@RequestParam(name = "timestamp", required = false) String timestamp,
@RequestParam(name = "nonce", required = false) String nonce,
@RequestParam(name = "echostr", required = false) String echostr,
HttpServletResponse response){
System.out.println("-----------验证微信订阅号信息开始------------");
logger.info("\n-----------验证微信订阅号信息开始------------");
try {
System.out.println("signature = "+signature);
logger.info("\nsignature = "+signature);
System.out.println("timestamp = "+timestamp);
logger.info("\ntimestamp = "+timestamp);
System.out.println("nonce = "+nonce);
logger.info("\nnonce = "+nonce);
System.out.println("echostr = "+echostr);
logger.info("\nechostr = "+echostr);
if (CheckUtil.checkSignature(signature, timestamp, nonce)) {
System.out.println("-----------验证微信订阅号信息结束------------");
logger.info("\n-----------验证微信订阅号信息结束------------");
BufferedOutputStream out = new BufferedOutputStream(response.getOutputStream());
out.write(echostr.getBytes());
out.flush();
out.close();
}else{
System.out.println("-----------不是微信服务器发送过来的请求------------");
logger.info("\n-----------不是微信服务器发送过来的请求------------");
}
}catch (Exception e){
e.printStackTrace();
}
}
}
3、为了避免修改代码后频繁的部署测试,我选用的是natapp实现内网穿透,natapp下载地址:https://natapp.cn/,根据自己实际情况下载对应版本。
4、下载完natapp客户端之后,还需要下载一个config.ini文件,如下图:
5、安装完之后需要先登录natapp,https://natapp.cn/官网右上角有登录,登进去之后购买免费隧道,如下图:
6、购买完之后点击我的隧道就可以查看到隧道信息,如下图:
7、进行隧道配置,如下图:
8、复制隧道authtoken,打开下载好的config.ini,将token复制到指定位置,如下图:
9、最后再双击下载好的natapp.exe客户端启动,至此我们已经实现了内网穿透,可以通过本地映射出来的地址进行外网访问,如图所示:
10、最后一步就是登录微信公众号平台就可以进行微信公众号接入的配置了,URL填写自己编写的公众号接入接口地址,token比自己代码中设置的常量保持一致,加密规则可以使用随机生成,因为这里点击提交后,微信服务会去调用我们填写的接口地址进行认证(需外网,所以先实现内网穿透)如下图: