版权声明:转载请注明:beOkWithAnything总结 https://blog.csdn.net/swq463/article/details/86410091
@ResponseBody
@RequestMapping(value = "/f")
public void getUser(Model model, HttpServletRequest request,
HttpServletResponse response) throws IOException {
PrintWriter print;
/*
* 规则描述:
*1. 将token、timestamp、nonce三个参数进行字典序排序
*2. 将三个参数字符串拼接成一个字符串进行sha1加密
*3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
*/
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
String token = "beokwithanything";
List<String> a = new ArrayList<String>();
a.add(token);
a.add(timestamp);
a.add(nonce);
Collections.sort(a);
String hashcode = DigestUtils.shaHex(a.get(0)+a.get(1)+a.get(2));
System.out.println(signature);
System.out.println(hashcode);
// 通过检验signature对请求进行校验:
// 若校验成功则原样返回 echostr,表示接入成功,否则接入失败
if (hashcode.equals(signature)){
print = response.getWriter();
print.write(echostr);
print.flush();
}
}