这篇文章介绍微信公众平台开发之token验证和消息处理的方法
/** * * @Description: 微信消息处理以及用户分组 * @author zhangjun * @date 2014-1-7 上午10:51:51 */ public class WeiXinMessageAction extends BaseAction{ /** * */ private static final long serialVersionUID = 1L; private IFeWeiXinMessageService weiXinExternalService; private String wxNo; public String responseMessgaeInfo(){ Boolean isGet = request.getMethod().equalsIgnoreCase("GET"); if(isGet){ validateSignature(); }else{ saveWxMessage(); } return null; } /** * * @Description: 接收post保存接受的消息 只保存MsgType类型为text信息 * @param * @return void * @throws */ private void saveWxMessage(){ InputStream inputStream; try { request.setCharacterEncoding("UTF-8"); Document doc = null; SAXReader reader = new SAXReader(); inputStream = request.getInputStream(); doc = reader.read(inputStream); Element root = doc.getRootElement(); String toUserName = root.element("ToUserName").getTextTrim(); String fromUserName = root.element("FromUserName").getTextTrim(); String content = root.element("Content").getTextTrim(); String msgType=root.element("MsgType").getTextTrim(); String msgId=root.element("MsgId").getTextTrim(); String createTime=root.element("CreateTime").getTextTrim(); //只保存文本消息 //时间 System.out.println("接收消息内容:"+content+"-----------------msgType:"+msgType); if(WeiXinMsgType.TEXT.type.equals(msgType)){ weiXinExternalService.addWxMessage(toUserName, fromUserName, content, msgType, msgId, formatTime(createTime)); } } catch (Exception e) { e.printStackTrace(); } } /** * * @Description: 传入的CreateTime转换成long类型 * @param @param createTime * @param @return * @return Date * @throws */ private Date formatTime(String createTime) { long msgCreateTime = Long.parseLong(createTime) * 1000L; return new Date(msgCreateTime); } /** * * @Description: 校验微信签名 * @param * @return void * @throws */ private void validateSignature(){ PrintWriter out = null; try { String signature = request.getParameter("signature"); String timestamp = request.getParameter("timestamp"); String nonce = request.getParameter("nonce"); out = response.getWriter(); if (checkSignature(signature, timestamp, nonce)) { out.print(request.getParameter("echostr")); } } catch (Exception e) { e.printStackTrace(); } finally { out.close(); out = null; } } /** * * @Description: 判断token是否合法 * @param @param signature * @param @param timestamp * @param @param nonce * @param @return * @return boolean * @throws */ private boolean checkSignature(String signature, String timestamp, String nonce) { //根据微信账号获取token并校验 Map<String,Object> map=new HashMap<String,Object>(); map.put("wxNo", wxNo); WeiXinMasterConfig masterConfig= weiXinExternalService.selectWeiXinMasterConfig(map); if(masterConfig==null){ return false; } String[] arr = new String[] {masterConfig.getWxToken(), timestamp, nonce }; Arrays.sort(arr); StringBuilder content = new StringBuilder(); for (int i = 0; i < arr.length; i++) { content.append(arr[i]); } MessageDigest md = null; String tmpStr = null; try { md = MessageDigest.getInstance("SHA-1"); byte[] digest = md.digest(content.toString().getBytes()); tmpStr = byteToStr(digest); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } content = null; return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false; } // 将字节转换为十六进制字符串 private static String byteToHexStr(byte ib) { char[] Digit = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; char[] ob = new char[2]; ob[0] = Digit[(ib >>> 4) & 0X0F]; ob[1] = Digit[ib & 0X0F]; String s = new String(ob); return s; } // 将字节数组转换为十六进制字符串 private static String byteToStr(byte[] bytearray) { String strDigest = ""; for (int i = 0; i < bytearray.length; i++) { strDigest += byteToHexStr(bytearray[i]); } return strDigest; }
以上是微信公众平台开发之token验证和消息处理的方法的详细内容。更多信息请关注PHP中文网其他相关文章!