BAE接入微信-JAVA版

BAE接入微信-JAVA版-附源码

介入微信主要是3个步骤

加密/校验流程:
1. 将token、timestamp、nonce三个参数进行字典序排序
2. 将三个参数字符串拼接成一个字符串进行sha1加密
3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException
    {
        String signature = req.getParameter("signature");
        String timestamp = req.getParameter("timestamp");
        String nonce = req.getParameter("nonce");
        String echostring = req.getParameter("echostr");
        String token = "YourToken"; // Note: 改成你自己的Token
        if (signature == null || timestamp == null || nonce == null
                || echostring == null)
        {
            write(resp, "Error parameter count.");
            return;
        }
        // 1. 将token、timestamp、nonce三个参数进行字典序排序
        String[] strArr = new String[] { token, timestamp, nonce };
        java.util.Arrays.sort(strArr);
        // 2. 将三个参数字符串拼接成一个字符串进行sha1加密
        StringBuffer sb = new StringBuffer();
        for (String str : strArr)
        {
            sb.append(str);
        }
        MessageDigest mdSha1 = null;
        try
        {
            mdSha1 = MessageDigest.getInstance("SHA-1");
        }
        catch (NoSuchAlgorithmException e)
        {
            e.printStackTrace();
        }
        mdSha1.update(sb.toString().getBytes());
        byte[] codedBytes = mdSha1.digest();
        String codedString = new BigInteger(1, codedBytes).toString(16);
        // 3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
        if (codedString.equals(signature))
        {
            write(resp, echostring);
            return;
        }
        else
        {
            write(resp, "Check error.");
            return;
        }
    }

猜你喜欢

转载自zhoujianboy.iteye.com/blog/1893947

相关文章