1. WeChat public account configuration
2.java side verification
/** * WeChat official account verification * @return */ @RequestMapping ( value = "/wechatAuth" ) @ResponseBody public String wechatAuth (String signature , String timestamp , String nonce , String echostr) { //Get the custom token configured by the WeChat server String token = PropertiesUtil2.getPropertyFile("/wechat-context.properties").getProperty("wechatToken"); String sig = null; try { sig = SHA1.getSHA1(token,timestamp,nonce,""); } catch (AesException e) { e.printStackTrace(); } logger.info(sig+","+signature+","+timestamp+","+nonce+","+echostr); if(signature.equals(sig)){ return echostr; }else{ return "error"; } }
package aes ; import java.security.MessageDigest ; import java.util.Arrays ; /** * SHA1 class * * Calculate the message signature interface of the public platform. */ public class SHA1 { public final static int ComputeSignatureError = -40003; /** * Generate secure signature with SHA1 algorithm * @param token ticket * @param timestamp timestamp * @param nonce random string * @param encrypt ciphertext * @return secure signature * @throws AesException * / public static String getSHA1 ( String token , String timestamp , String nonce , String encrypt) throws AesException{ try { String[] array = new String[] { token, timestamp, nonce, encrypt }; StringBuffer sb = new StringBuffer(); // 字符串排序 Arrays.sort(array); for (int i = 0; i < 4; i++) { sb.append(array[i]); } String str = sb.toString(); // SHA1签名生成 MessageDigest md = MessageDigest.getInstance("SHA-1"); md.update(str.getBytes()); byte[] digest = md.digest(); StringBuffer hexstr = new StringBuffer(); String shaHex = ""; for (int i = 0; i < digest.length; i++) { shaHex = Integer.toHexString(digest[i] & 0xFF); if (shaHex.length() < 2) { hexstr.append(0); } hexstr.append(shaHex); } return hexstr.toString(); } catch (Exception e) { e.printStackTrace(); throw new AesException(ComputeSignatureError); } } }
Note: If it is troublesome, return the encrypt field directly. . .