增加小程序消息校验

share-admin/src/main/resources/application-prod.yml

@@ -21,6 +21,7 @@ wechat:
   mchId: 1658895429
   signKey: ZEKu56XCezuESfNEdM4zVZEN3cz2PuHz
   certPath: /var/gxpt/wechat_ssl/apiclient_cert.p12
+  token: coujio
 # 开发环境配置
 server:
   # 服务器的HTTP端口，默认为8080
@@ -197,3 +198,5 @@ meituan:
 dianping:
   appKey: a59ea57cd1eb4737
   appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706
+order:
+  allow-refund-time: 3600
\ No newline at end of file

share-front/src/main/java/share/web/controller/common/WxMsgPushController.java

+package share.web.controller.common;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import share.system.util.WXMsgPushUtils;
+
+import java.util.Map;
+
+/**
+ * 微信小程序 模板消息推送
+ **/
+@RestController
+@RequestMapping("/weixinpublic")
+public class WxMsgPushController {
+    @Value("${wechat.token}")
+    private String token;
+
+    /**
+     * 正确响应微信发送的Token验证,注意 这里是 get请求
+     **/
+    @GetMapping("/verify")
+    public String verifyUrl(@RequestParam Map<String, String> params) throws Exception {
+        // 微信发送的请求中 会有四个参数
+        // 微信加密签名，signature结合了开发者填写的 token 参数和请求中的 timestamp 参数、nonce参数。
+        String signature = params.get("signature");
+        // 随机字符串
+        String echostr = params.get("echostr");
+        // 时间戳
+        String timestamp = params.get("timestamp");
+        // 随机数
+        String nonce = params.get("nonce");
+
+        // 验证
+        String msgSignature = WXMsgPushUtils.getSHA1(token, timestamp, nonce);
+
+        // 验证失败
+        if (!signature.equals(msgSignature)) {
+            return "false";
+        }
+        // 验证成功 将 echostr 原格式返回 ，即可完成验证
+        return echostr;
+    }
+}

share-front/src/main/java/share/web/core/config/WebConfig.java

@@ -54,6 +54,7 @@ public class WebConfig implements WebMvcConfigurer {
                         "/room/roomStatus",
                         "/room/roomId",
                         "/dict/type/**",
+                        "/weixinpublic/**",
                         "**"
                 ).addPathPatterns("/**");
     }

share-front/src/main/resources/application-prod.yml

@@ -21,6 +21,7 @@ wechat:
   mchId: 1658895429
   signKey: ZEKu56XCezuESfNEdM4zVZEN3cz2PuHz
   certPath: /Users/project/pseer/apiclient_cert.p12
+  token: coujio
 # 开发环境配置
 server:
   # 服务器的HTTP端口，默认为8080
@@ -190,14 +191,10 @@ xss:
   excludes: /system/notice
   # 匹配链接
   urlPatterns: /system/*,/monitor/*,/tool/*
-
-meituan:
-  developerId: 123456
-  signKey: abcdefghijklmnopqrstuvwxyz
-  appAuthToken: abcdefghijklmnopqrstuvwxyz
 dianping:
   appKey: a59ea57cd1eb4737
   appSecret: 0caaabb7fda1c1be46636171548dcf510d1fb706
 #订单
 order:
   allow-refund-time: 3600
+

share-system/pom.xml

@@ -99,6 +99,13 @@
             <systemPath>${project.basedir}/src/lib/dianping-openapi-java-sdk-qa-1.1.240-sources.jar</systemPath>
         </dependency>
         <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.0</version>
+            <scope>system</scope>
+            <systemPath>${project.basedir}/src/lib/commons-codec-1.9.jar</systemPath>
+        </dependency>
+        <dependency>
             <groupId>com.google.guava</groupId>
             <artifactId>guava</artifactId>
             <version>28.2-android</version>
@@ -128,6 +135,15 @@
             <groupId>org.springframework.integration</groupId>
             <artifactId>spring-integration-mqtt</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.github.binarywang</groupId>
+            <artifactId>weixin-java-miniapp</artifactId>
+            <version>4.5.0</version>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+        </dependency>
     </dependencies>
 
 </project>
\ No newline at end of file

share-system/src/main/java/share/system/util/WXMsgPushUtils.java

+package share.system.util;
+
+import java.util.Arrays;
+import java.security.MessageDigest;
+
+public class WXMsgPushUtils {
+
+    /**
+     * 用SHA1算法生成安全签名
+     */
+    public static String getSHA1(String... values) throws Exception {
+
+        try {
+            String[] array = new String[values.length];
+            for (int i = 0; i < values.length; i++) {
+                array[i] = values[i];
+            }
+
+            StringBuffer sb = new StringBuffer();
+            // 字符串排序
+            Arrays.sort(array);
+            for (int i = 0; i < values.length; i++) {
+                sb.append(array[i]);
+            }
+            String str = sb.toString();
+            // SHA1签名生成
+            MessageDigest md = MessageDigest.getInstance("SHA-1");
+            md.update(str.getBytes());
+            byte[] digest = md.digest();
+
+            StringBuffer hexstr = new StringBuffer();
+            String shaHex = "";
+            for (int i = 0; i < digest.length; i++) {
+                shaHex = Integer.toHexString(digest[i] & 0xFF);
+                if (shaHex.length() < 2) {
+                    hexstr.append(0);
+                }
+                hexstr.append(shaHex);
+            }
+            return hexstr.toString();
+        } catch (Exception e) {
+            e.printStackTrace();
+            throw new Exception("SHA1加密失败");
+        }
+
+    }
+}