开发语言java
微信开发文档要求:开发者通过检验signature对请求进行校验(下面有校验方式)。若确认此次GET请求来自微信服务器,请原样返回echostr参数内容,则接入生效,成为开发者成功,否则接入失败。
然而直接return echostr出去一直提示配置失败
最后,将return echostr;改成下面:
responseUtil(response, echostr);private void responseUtil(HttpServletResponse response, String value){
try {
PrintWriter pw = response.getWriter();
pw.write(value);
pw.flush();
} catch (IOException e) {
e.printStackTrace();
}
}结果提示配置成功!
完整代码如下:
@SuppressWarnings({ "rawtypes" })
@ApiResponses(value = {@ApiResponse(code = 200, message = "请求成功")})
@ApiOperation(value = "微信公众号信号接口", notes = "微信公众号信号接口", response = String.class)
@ResponseBody
@RequestMapping(value = "/checkSignature", method = {RequestMethod.GET})
public String checkSignature(@ApiParam(value = "signature") @RequestParam() String signature,
@ApiParam(value = "timestamp") @RequestParam() String timestamp,
@ApiParam(value = "nonce") @RequestParam() String nonce,
@ApiParam(value = "echostr") @RequestParam() String echostr,
HttpServletResponse response) {
logger.info("微信公众号信号接口");
try {
String[] strings = new String[]{CfgKey.WX_OFFICIAL_TOKEN, timestamp, nonce};
StringBuilder builder = new StringBuilder();
Arrays.sort(strings);
for(String string : strings) {
builder.append(string);
}
//sha1
String res = sha1(builder.toString())
logger.info("加密后:"+res);
if(signature.equalsIgnoreCase(res)){
logger.info("成功 --> signature: " + signature);
responseUtil(response, echostr);
}
logger.info("失败");
return "";
} catch (Exception e) {
e.printStackTrace();
return "";
}
}