微信公众号开发配置
前提:当从公众号开发页面访问自定义服务器时,服务器有反应。 此时页面会弹出配置失败,要想配置成功,必须通过验证 返回 随机码。
配置是访问doGet();
|
//wechat请求会带如下参数 public void doGet(HttpServletRequest request, HttpServletResponse response) String signture = request.getParameter("signature"); String timestamp = request.getParameter("timestamp"); String nonce = request.getParameter("nonce"); String echostr = request.getParameter("echostr"); /* System.out.println("时间戳timestamp"+request.getParameter("timestamp")); System.out.println("微信加密签名signature"+request.getParameter("signature")); System.out.println("随机数nonce"+request.getParameter("nonce")); System.out.println("随机字符串echostr"+request.getParameter("echostr")); */ //调用该方法,验证签名是否一致 boolean flag = MyService.wechatCheck(signture, timestamp, nonce); if(flag){ //返回随机字符串,wechat服务端接收到随机字符串机会认证通过 System.out.println("success"); response.getWriter().print(echostr); }else{ System.out.println("fail"); }
//此token必须与wechat端的token一致 static final String TOKEN = "lz"; public static Boolean wechatCheck(String signture , String timestamp , String nonce){
//将token\nance\timestamp进行排序、合并为一个字符串,在调用sha1加密 String[] strs = {TOKEN , nonce , timestamp}; Arrays.sort(strs); String str = strs[0] + strs[1] +strs[2]; String mySign = sha1(str);
//判断加密对象是否与signture一致 return mySign.equals(signture); } private static String sha1(String str) { StringBuilder sb = new StringBuilder(); try { //获取加密对象 MessageDigest md = MessageDigest.getInstance("sha1"); //加密 byte[] digest = md.digest(str.getBytes()); char[] chars = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
for(byte b:digest){ sb.append(chars[(b>>4)&15]); sb.append(chars[b&15]); } } catch (NoSuchAlgorithmException e) { e.printStackTrace(); }
return sb.toString(); |
