网上有很多教程,这里作为本人学习笔记记录。网上教程大多是PHP版本,由于我比较喜欢Java,这里用Java进行配置。
基本步骤参考官网
填写好token和URL之后下面要求验证服务器地址有效性
下面是代码
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.xinshidaisudi.util.SignUtil;
public class CoreServlet extends HttpServlet {
/**
* Constructor of the object.
*/
public static final String token = "Token";//token 这里要跟你刚才填写的Token一致
public CoreServlet() {
super();
}
/**
* Destruction of the servlet. <br>
*/
public void destroy() {
super.destroy(); // Just puts "destroy" string in log
// Put your code here
}
/**
* The doGet method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to get.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//签名
String singature = request.getParameter("signature");
//时间戳
String timestamp = request.getParameter("timestamp");
//随机数
String nonce = request.getParameter("nonce");
//随机字符串
String echostr = request.getParameter("echostr");
//System.out.println("echostr: " + singature);
//System.out.println("timestamp: " + timestamp);
//System.out.println("nonce: " + nonce);
//System.out.println("echostr: " + echostr);
// 开发者通过检验signature对请求进行校验(下面有校验方式)。
// 若确认此次GET请求来自微信服务器,请原样返回echostr参数内容,则接入生效,成为开发者成功,否则接入失败。
PrintWriter out = response.getWriter();
if(SignUtil.checkSingature(token, singature, timestamp, nonce)){
out.write(echostr);
}
out.close();
out = null;
}
/**
* The doPost method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to post.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
}
/**
* Initialization of the servlet. <br>
*
* @throws ServletException if an error occurs
*/
public void init() throws ServletException {
// Put your code here
}
}
SignUtil.checkSingature(token, singature, timestamp, nonce)方法:
public static boolean checkSingature(String token,String singature ,String timestamp,String nonce){
String[] arr = new String[]{token,timestamp,nonce};
Arrays.sort(arr);//进行字典排序
//将字符串拼接成一个字符串
StringBuilder strBUilder = new StringBuilder();
for(String s : arr){
strBUilder.append(s);
}
String str = strBUilder.toString();
//sha1加密
StringBuilder builder = new StringBuilder();
try {
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(str.getBytes());
byte[] b = md.digest();
//转换成16进制字符串
for(byte bb : b){
String s = Integer.toHexString(bb & 0xff);
if(s.length() == 1)
builder.append("0");
builder.append(s);
}
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
String result = builder.toString();//得到SHA加密后结果
//System.out.println("result: " + result);
return result != null? result.equals(singature.toLowerCase()) :false;
}
这样就完成了基本的接入。
原文:http://www.cnblogs.com/daniel-lee/p/4249126.html