Section 03-WeChat Official Account Verification
table of Contents
1. Create a Springboot web project
1. Create a Springboot web project
- New Project
- Parameter setting
- Choose what springboot embeds
- After setting up, if there is a Servlet created, it needs to be configured
To use Servlet, ServletComponentScan must be configured. The path of Servlet is configured in basePackages.
2. Write verification program
- The first is to fill in the URL
What I received above is /wx
So what I configure on the WeChat official account is the URL of ngrok
http://missgxl.free.idcfengye.com + /wx/
- Write verification information
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// System.out.println("get");
//微信平台接入验证
/**
*
* signature 微信加密签名,signature结合了开发者填写的token参数和请求中的timestamp参数、nonce参数。
* timestamp 时间戳
* nonce 随机数
* echostr 随机字符串
*/
String signature = (String) req.getParameter("signature");
String timestamp = (String) req.getParameter("timestamp");
String nonce = (String) req.getParameter("nonce");
String echostr = (String) req.getParameter("echostr");
// 能获取到了配置信息
// 按照规则进行校验
if (WxutilService.check(timestamp,nonce,signature)){
System.out.println("接入成功");
PrintWriter out = resp.getWriter();
//原样返回echostr完成接入校验
out.write(echostr);
out.flush();
out.close();
}else {
System.out.println("接入失败");
}
}
- Information verification process
private static final String TOKEN = "xx"; //在测试公众号上填写的Token
public static boolean check(String timestamp, String nonce, String signature) {
// 1)将token、timestamp、nonce三个参数进行字典序排序
String [] strs = new String[]{TOKEN,timestamp,nonce};
Arrays.sort(strs);
// 2)将三个参数字符串拼接成一个字符串进行sha1加密
String str = strs[0]+strs[1]+strs[2];
String mysig = sha1(str);
System.out.println(mysig);
System.out.println(signature);
// 3)开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
return mysig.equalsIgnoreCase(signature);
}
// 进行sha1加密
private static String sha1(String str) {
try {
//获取加密对象
MessageDigest md = MessageDigest.getInstance("sha1");
//进行加密操作
byte[] digest =md.digest(str.getBytes());
char[] chars = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
StringBuilder sb = new StringBuilder();
// 处理加密结果
// 处理详解 获取的byte是8位, 8位带代表两个字节所以有高4位和低四位分开处理
// 四位二进制代表 0-15
for (byte b : digest){
// 首先进行第四位的处理
sb.append(chars[(b>>4)&15]);
// 然后进行高四位的处理
sb.append(chars[(b)&15]);
}
return sb.toString();
}catch (Exception e){
}
return "0";
}
- It can be configured after verification through WeChat