BAE接入微信-JAVA版-附源码
介入微信主要是3个步骤
加密/校验流程: 1. 将token、timestamp、nonce三个参数进行字典序排序 2. 将三个参数字符串拼接成一个字符串进行sha1加密 3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException
{
String signature = req.getParameter("signature");
String timestamp = req.getParameter("timestamp");
String nonce = req.getParameter("nonce");
String echostring = req.getParameter("echostr");
String token = "YourToken"; // Note: 改成你自己的Token
if (signature == null || timestamp == null || nonce == null
|| echostring == null)
{
write(resp, "Error parameter count.");
return;
}
// 1. 将token、timestamp、nonce三个参数进行字典序排序
String[] strArr = new String[] { token, timestamp, nonce };
java.util.Arrays.sort(strArr);
// 2. 将三个参数字符串拼接成一个字符串进行sha1加密
StringBuffer sb = new StringBuffer();
for (String str : strArr)
{
sb.append(str);
}
MessageDigest mdSha1 = null;
try
{
mdSha1 = MessageDigest.getInstance("SHA-1");
}
catch (NoSuchAlgorithmException e)
{
e.printStackTrace();
}
mdSha1.update(sb.toString().getBytes());
byte[] codedBytes = mdSha1.digest();
String codedString = new BigInteger(1, codedBytes).toString(16);
// 3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
if (codedString.equals(signature))
{
write(resp, echostring);
return;
}
else
{
write(resp, "Check error.");
return;
}
}