从零开发微信公众号系列 【二】开发者基本配置和接入指南
如果微信官方文档已能为您提供帮助,请忽略本文。
登录微信公众平台后台管理界面,左侧菜单开发->基本配置。
填写URL(服务器地址)、Token(令牌)、EncodingAESKey(消息加解***)、明文加密。
填写完以上信息,验证时微信会发送一个get请求到填写的URL,开发者需要接收该请求并校验是否来自微信,如果是来自微信,返回请求中echostr参数内容(不校验直接返回也可以通过,校验是为了确保请求来自微信,而不是其它途径)。
WechatController.java
package com.blacklist.cotroller;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Scope;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.blacklist.server.WechatService;
@RestController
@SpringBootApplication
@RequestMapping("/wechat")
@Scope("prototype")
public class WechatController {
@Autowired
private WechatService wechatService;
@RequestMapping(method = { RequestMethod.POST, RequestMethod.GET }, produces = "text/html;charset=UTF-8")
@ResponseBody
public void index(HttpServletRequest request, HttpServletResponse response)
throws IOException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
boolean isGet = request.getMethod().toLowerCase().equals("get");
if (isGet) {
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
if (wechatService.validate(signature, timestamp, nonce)) {
response.getWriter().write(echostr);
}
}
}
}
WechatService.java
package com.blacklist.server; import java.util.ArrayList; import java.util.Collections; import java.util.List; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; import com.blacklist.config.WechatConfig; import com.blacklist.utils.SHA1; @Service public class WechatService { private static Logger log = LoggerFactory.getLogger(WechatService.class); public boolean validate(String signature, String timestamp, String nonce) { List<String> list = new ArrayList<String>(); list.add(timestamp); list.add(nonce); list.add(WechatConfig.token); Collections.sort(list); String temp = String.join("", list); if (signature.equals(SHA1.str2SHA1(temp))) { return true; } return false; } }
SHA1.java
package com.blacklist.utils; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class SHA1 { /** * SHA1加密 * */ public static String str2SHA1(String str) { try { MessageDigest digest = MessageDigest.getInstance("SHA-1"); digest.update(str.getBytes()); byte[] msgDigest = digest.digest(); StringBuffer sb = new StringBuffer(); for (int i = 0; i < msgDigest.length; i++) { String shaHex = Integer.toHexString(msgDigest[i] & 0xFF); if (shaHex.length() < 2) { sb.append(0); } sb.append(shaHex); } return sb.toString(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } return ""; } }
验证,至此,接入完成。
转载请注明来源【IT黑名单】