Commit 592ab3bd by 吕明尚

增加小程序消息校验

parent 6e9b1268
...@@ -21,6 +21,7 @@ wechat: ...@@ -21,6 +21,7 @@ wechat:
mchId: 1658895429 mchId: 1658895429
signKey: ZEKu56XCezuESfNEdM4zVZEN3cz2PuHz signKey: ZEKu56XCezuESfNEdM4zVZEN3cz2PuHz
certPath: /var/gxpt/wechat_ssl/apiclient_cert.p12 certPath: /var/gxpt/wechat_ssl/apiclient_cert.p12
token: coujio
# 开发环境配置 # 开发环境配置
server: server:
# 服务器的HTTP端口,默认为8080 # 服务器的HTTP端口,默认为8080
...@@ -197,3 +198,5 @@ meituan: ...@@ -197,3 +198,5 @@ meituan:
dianping: dianping:
appKey: a59ea57cd1eb4737 appKey: a59ea57cd1eb4737
appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706 appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706
order:
allow-refund-time: 3600
\ No newline at end of file
package share.web.controller.common;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import share.system.util.WXMsgPushUtils;
import java.util.Map;
/**
* 微信小程序 模板消息推送
**/
@RestController
@RequestMapping("/weixinpublic")
public class WxMsgPushController {
@Value("${wechat.token}")
private String token;
/**
* 正确响应微信发送的Token验证,注意 这里是 get请求
**/
@GetMapping("/verify")
public String verifyUrl(@RequestParam Map<String, String> params) throws Exception {
// 微信发送的请求中 会有四个参数
// 微信加密签名,signature结合了开发者填写的 token 参数和请求中的 timestamp 参数、nonce参数。
String signature = params.get("signature");
// 随机字符串
String echostr = params.get("echostr");
// 时间戳
String timestamp = params.get("timestamp");
// 随机数
String nonce = params.get("nonce");
// 验证
String msgSignature = WXMsgPushUtils.getSHA1(token, timestamp, nonce);
// 验证失败
if (!signature.equals(msgSignature)) {
return "false";
}
// 验证成功 将 echostr 原格式返回 ,即可完成验证
return echostr;
}
}
...@@ -54,6 +54,7 @@ public class WebConfig implements WebMvcConfigurer { ...@@ -54,6 +54,7 @@ public class WebConfig implements WebMvcConfigurer {
"/room/roomStatus", "/room/roomStatus",
"/room/roomId", "/room/roomId",
"/dict/type/**", "/dict/type/**",
"/weixinpublic/**",
"**" "**"
).addPathPatterns("/**"); ).addPathPatterns("/**");
} }
......
...@@ -21,6 +21,7 @@ wechat: ...@@ -21,6 +21,7 @@ wechat:
mchId: 1658895429 mchId: 1658895429
signKey: ZEKu56XCezuESfNEdM4zVZEN3cz2PuHz signKey: ZEKu56XCezuESfNEdM4zVZEN3cz2PuHz
certPath: /Users/project/pseer/apiclient_cert.p12 certPath: /Users/project/pseer/apiclient_cert.p12
token: coujio
# 开发环境配置 # 开发环境配置
server: server:
# 服务器的HTTP端口,默认为8080 # 服务器的HTTP端口,默认为8080
...@@ -190,14 +191,10 @@ xss: ...@@ -190,14 +191,10 @@ xss:
excludes: /system/notice excludes: /system/notice
# 匹配链接 # 匹配链接
urlPatterns: /system/*,/monitor/*,/tool/* urlPatterns: /system/*,/monitor/*,/tool/*
meituan:
developerId: 123456
signKey: abcdefghijklmnopqrstuvwxyz
appAuthToken: abcdefghijklmnopqrstuvwxyz
dianping: dianping:
appKey: a59ea57cd1eb4737 appKey: a59ea57cd1eb4737
appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706 appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706
#订单 #订单
order: order:
allow-refund-time: 3600 allow-refund-time: 3600
...@@ -99,6 +99,13 @@ ...@@ -99,6 +99,13 @@
<systemPath>${project.basedir}/src/lib/dianping-openapi-java-sdk-qa-1.1.240-sources.jar</systemPath> <systemPath>${project.basedir}/src/lib/dianping-openapi-java-sdk-qa-1.1.240-sources.jar</systemPath>
</dependency> </dependency>
<dependency> <dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.0</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/lib/commons-codec-1.9.jar</systemPath>
</dependency>
<dependency>
<groupId>com.google.guava</groupId> <groupId>com.google.guava</groupId>
<artifactId>guava</artifactId> <artifactId>guava</artifactId>
<version>28.2-android</version> <version>28.2-android</version>
...@@ -128,6 +135,15 @@ ...@@ -128,6 +135,15 @@
<groupId>org.springframework.integration</groupId> <groupId>org.springframework.integration</groupId>
<artifactId>spring-integration-mqtt</artifactId> <artifactId>spring-integration-mqtt</artifactId>
</dependency> </dependency>
<dependency>
<groupId>com.github.binarywang</groupId>
<artifactId>weixin-java-miniapp</artifactId>
<version>4.5.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
</dependency>
</dependencies> </dependencies>
</project> </project>
\ No newline at end of file
package share.system.util;
import java.util.Arrays;
import java.security.MessageDigest;
public class WXMsgPushUtils {
/**
* 用SHA1算法生成安全签名
*/
public static String getSHA1(String... values) throws Exception {
try {
String[] array = new String[values.length];
for (int i = 0; i < values.length; i++) {
array[i] = values[i];
}
StringBuffer sb = new StringBuffer();
// 字符串排序
Arrays.sort(array);
for (int i = 0; i < values.length; i++) {
sb.append(array[i]);
}
String str = sb.toString();
// SHA1签名生成
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(str.getBytes());
byte[] digest = md.digest();
StringBuffer hexstr = new StringBuffer();
String shaHex = "";
for (int i = 0; i < digest.length; i++) {
shaHex = Integer.toHexString(digest[i] & 0xFF);
if (shaHex.length() < 2) {
hexstr.append(0);
}
hexstr.append(shaHex);
}
return hexstr.toString();
} catch (Exception e) {
e.printStackTrace();
throw new Exception("SHA1加密失败");
}
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment