Rumah > Artikel > applet WeChat > 微信公众平台开发之token验证和消息处理的方法
微信公众平台开发之token验证和消息处理的方法
- 高洛峰asal
- 2017-03-23 13:10:102488semak imbas
这篇文章介绍微信公众平台开发之token验证和消息处理的方法
/**
*
* @Description: 微信消息处理以及用户分组
* @author zhangjun
* @date 2014-1-7 上午10:51:51
*/
public class WeiXinMessageAction extends BaseAction{
/**
*
*/
private static final long serialVersionUID = 1L;
private IFeWeiXinMessageService weiXinExternalService;
private String wxNo;
public String responseMessgaeInfo(){
Boolean isGet = request.getMethod().equalsIgnoreCase("GET");
if(isGet){
validateSignature();
}else{
saveWxMessage();
}
return null;
}
/**
*
* @Description: 接收post保存接受的消息 只保存MsgType类型为text信息
* @param
* @return void
* @throws
*/
private void saveWxMessage(){
InputStream inputStream;
try {
request.setCharacterEncoding("UTF-8");
Document doc = null;
SAXReader reader = new SAXReader();
inputStream = request.getInputStream();
doc = reader.read(inputStream);
Element root = doc.getRootElement();
String toUserName = root.element("ToUserName").getTextTrim();
String fromUserName = root.element("FromUserName").getTextTrim();
String content = root.element("Content").getTextTrim();
String msgType=root.element("MsgType").getTextTrim();
String msgId=root.element("MsgId").getTextTrim();
String createTime=root.element("CreateTime").getTextTrim();
//只保存文本消息
//时间
System.out.println("接收消息内容:"+content+"-----------------msgType:"+msgType);
if(WeiXinMsgType.TEXT.type.equals(msgType)){
weiXinExternalService.addWxMessage(toUserName, fromUserName, content, msgType, msgId, formatTime(createTime));
}
} catch (Exception e) {
e.printStackTrace();
}
}
/**
*
* @Description: 传入的CreateTime转换成long类型
* @param @param createTime
* @param @return
* @return Date
* @throws
*/
private Date formatTime(String createTime) {
long msgCreateTime = Long.parseLong(createTime) * 1000L;
return new Date(msgCreateTime);
}
/**
*
* @Description: 校验微信签名
* @param
* @return void
* @throws
*/
private void validateSignature(){
PrintWriter out = null;
try {
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
out = response.getWriter();
if (checkSignature(signature, timestamp, nonce)) {
out.print(request.getParameter("echostr"));
}
} catch (Exception e) {
e.printStackTrace();
} finally {
out.close();
out = null;
}
}
/**
*
* @Description: 判断token是否合法
* @param @param signature
* @param @param timestamp
* @param @param nonce
* @param @return
* @return boolean
* @throws
*/
private boolean checkSignature(String signature, String timestamp, String nonce) {
//根据微信账号获取token并校验
Map<String,Object> map=new HashMap<String,Object>();
map.put("wxNo", wxNo);
WeiXinMasterConfig masterConfig= weiXinExternalService.selectWeiXinMasterConfig(map);
if(masterConfig==null){
return false;
}
String[] arr = new String[] {masterConfig.getWxToken(), timestamp, nonce };
Arrays.sort(arr);
StringBuilder content = new StringBuilder();
for (int i = 0; i < arr.length; i++) {
content.append(arr[i]);
}
MessageDigest md = null;
String tmpStr = null;
try {
md = MessageDigest.getInstance("SHA-1");
byte[] digest = md.digest(content.toString().getBytes());
tmpStr = byteToStr(digest);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
content = null;
return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false;
}
// 将字节转换为十六进制字符串
private static String byteToHexStr(byte ib) {
char[] Digit = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A',
'B', 'C', 'D', 'E', 'F' };
char[] ob = new char[2];
ob[0] = Digit[(ib >>> 4) & 0X0F];
ob[1] = Digit[ib & 0X0F];
String s = new String(ob);
return s;
}
// 将字节数组转换为十六进制字符串
private static String byteToStr(byte[] bytearray) {
String strDigest = "";
for (int i = 0; i < bytearray.length; i++) {
strDigest += byteToHexStr(bytearray[i]);
}
return strDigest;
}Atas ialah kandungan terperinci 微信公众平台开发之token验证和消息处理的方法. Untuk maklumat lanjut, sila ikut artikel berkaitan lain di laman web China PHP!
Kenyataan:
Kandungan artikel ini disumbangkan secara sukarela oleh netizen, dan hak cipta adalah milik pengarang asal. Laman web ini tidak memikul tanggungjawab undang-undang yang sepadan. Jika anda menemui sebarang kandungan yang disyaki plagiarisme atau pelanggaran, sila hubungi admin@php.cn
Artikel sebelumnya:微信公众账号开发者认证:uwsgi结合web.py的步骤详解Artikel seterusnya:微信公众开发使用消息接的方法