1、服务接口配置
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.12</version>
</dependency>
weixin.token = test
package com.vim.common.properties;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.PropertySource;
import org.springframework.stereotype.Component;
@Component
@ConfigurationProperties(prefix = "weixin")
@PropertySource("classpath:weixin.properties")
public class WeixinConfig {
private String token;
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
}
package com.vim.common.utils;
import com.vim.common.properties.WeixinConfig;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
@Component
public class WeixinUtils {
private static WeixinUtils weixinUtils;
@Autowired
private WeixinConfig config;
@PostConstruct
public void init() {
weixinUtils = this;
}
/**
* 签名校验
* @param signature
* @param timestamp
* @param nonce
*/
public static boolean checkSignature(String signature, String timestamp, String nonce) {
List<String> params = new ArrayList<String>();
params.add(weixinUtils.config.getToken());
params.add(timestamp);
params.add(nonce);
// 1. 排序
Collections.sort(params, Comparator.comparing(String::toString));
// 2. 接成一个字符串进行sha1加密
String sha1Str = DigestUtils.sha1Hex(params.get(0) + params.get(1) + params.get(2));
return sha1Str.equals(signature);
}
}
package com.vim.modules.web.controller;
import com.vim.common.utils.WeixinUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
/**
* 微信服务器接入
*/
@Controller
@RequestMapping(value = "/server")
public class ServerConfigController {
@RequestMapping(method = RequestMethod.GET)
public void get(HttpServletRequest request, HttpServletResponse response) {
try {
PrintWriter pw = response.getWriter();
//消息来源可靠性验证
String signature = request.getParameter("signature"); // 微信加密签名
String echostr = request.getParameter("echostr"); // 随机字符串
//将token、timestamp、nonce三个参数进行字典序排序
String timestamp = request.getParameter("timestamp"); // 时间戳
String nonce = request.getParameter("nonce"); // 随机数
if(WeixinUtils.checkSignature(signature, timestamp, nonce)){
pw.print(echostr);
}
}catch (Exception e){
e.printStackTrace();
}
}
@RequestMapping(method = RequestMethod.POST)
public void post(HttpServletRequest request, HttpServletResponse response){
}
}
package com.vim;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
@SpringBootApplication
@EnableConfigurationProperties
public class WeixinApplication {
public static void main(String[] args) {
SpringApplication.run(WeixinApplication.class, args);
}
}