1、申请微信公众号,并成为开发者,完善头像和简介。
2、在页面左侧“开发”下点击“基本配置”:
3、出现如下页面
需要填写四处:
url:即后台代码中接收并处理微信传入四个参数(signature、timestamp、nonce、echostr)对应的url。
Token:后台用于和timestamp、nonce按字典排序的字符串名称。
密钥:随机生成即可。
消息加解密方式:安全模式。
4、编写服务端java代码,这里使用springmvc。首先,web.xml的配置
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
<display-name>notebook</display-name>
<!-- 配置springmvc的分发器 -->
<servlet>
<servlet-name>notebook</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>notebook</servlet-name>
<!-- 只拦截.do结尾的请求,所以静态资源解析器可以不配置 -->
<url-pattern>*.do</url-pattern>
</servlet-mapping>
</web-app>
接着,springmvc配置文件notebook.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<context:component-scan base-package="service"></context:component-scan>
<context:component-scan base-package="login.controller"></context:component-scan>
<mvc:annotation-driven />
<!-- 配置视图解析器 -->
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/"/>
<property name="suffix" value=".jsp"/>
</bean>
<!-- 配置文上传管理器 -->
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<property name="defaultEncoding" value="UTF-8"></property>
<property name="maxUploadSize" value="10240000"></property>
</bean>
<!-- 配置静态文件解析器 -->
<mvc:resources location="/" mapping="/**"/>
</beans>
然后,编写控制器
package login.controller;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import service.Service;
import service.ServiceImf;
@Controller
@RequestMapping(value="/login")
public class Login {
private Service service;
@Autowired
public void setService(ServiceImf service){
this.service = service;
}
/**
* 微信平台接入
*/
@RequestMapping(value="loginByWechat.do",method=RequestMethod.GET)
public void loginByWechat(HttpServletRequest request,HttpServletResponse
response){
//获取微信后台传入的四个参数
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
boolean flag = service.checkSignature(signature, timestamp, nonce);
System.out.println(flag);
PrintWriter p = null;
try {
p = response.getWriter();
if(flag){
p.print(echostr);//注意此处必须返回echostr以完成验证
}
} catch (IOException e) {
e.printStackTrace();
}
}
}
Service代码:
package service;
import java.util.Arrays;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import entity.User;
@Component
public class ServiceImf implements Service{
private UtilService shalUtil;
@Autowired
public void setShalUtil(UtilService shalUtil){
this.shalUtil = shalUtil;
}
//微信公众平台登录的签名校验
private static final String token="wechatofjaybill";
@Override
public boolean checkSignature(String signature,String timestamp,String nonce) {
//1、排序
String [] arr = new String[]{token,timestamp,nonce};
Arrays.sort(arr);
//2、生成新的字符串
StringBuffer content = new StringBuffer();
for(int i=0;i<arr.length;i++){
content.append(arr[i]);
}
//3、shal加密
String temp = shalUtil.getSha1(content.toString());
return temp.equals(signature);
}
}
package service;
import java.security.MessageDigest;
import org.springframework.stereotype.Component;
@Component
public class UtilService {
//shal加密算法
public String getSha1(String str){
if (null == str || 0 == str.length())
return null;
char[] hexDigits = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'a', 'b', 'c', 'd', 'e', 'f'};
try {
MessageDigest mdTemp = MessageDigest.getInstance("SHA1");
mdTemp.update(str.getBytes("UTF-8"));
byte[] md = mdTemp.digest();
int j = md.length;
char[] buf = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
buf[k++] = hexDigits[byte0 & 0xf];
}
return new String(buf);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
5、最后,在第3点那个页面提交,即可完成验证。