标签:
controller
@RequestMapping("/weixin") @ResponseBody public String weixin(String signature,String timestamp ,String nonce,String echostr) throws NoSuchAlgorithmException { String token="umaiw"; String tmpStr= getSHA1(token, timestamp, nonce); System.out.println("+++++++++++++++++++++tmpStr "+tmpStr); System.out.println("---------------------signature "+signature); if(tmpStr.equals(signature)){ return echostr; }else{ return null; } /** * 用SHA1算法生成安全签名 * @param token 票据 * @param timestamp 时间戳 * @param nonce 随机字符串 * @param encrypt 密文 * @return 安全签名 * @throws NoSuchAlgorithmException * @throws AesException */ public String getSHA1(String token, String timestamp, String nonce) throws NoSuchAlgorithmException { String[] array = new String[] { token, timestamp, nonce }; StringBuffer sb = new StringBuffer(); // 字符串排序 Arrays.sort(array); for (int i = 0; i < 3; i++) { sb.append(array[i]); } String str = sb.toString(); // SHA1签名生成 MessageDigest md = MessageDigest.getInstance("SHA-1"); md.update(str.getBytes()); byte[] digest = md.digest(); StringBuffer hexstr = new StringBuffer(); String shaHex = ""; for (int i = 0; i < digest.length; i++) { shaHex = Integer.toHexString(digest[i] & 0xFF); if (shaHex.length() < 2) { hexstr.append(0); } hexstr.append(shaHex); } return hexstr.toString(); }
Sign.java
package com.util; import java.util.UUID; import java.util.Map; import java.util.HashMap; import java.util.Formatter; import java.util.concurrent.TimeoutException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.io.IOException; import java.io.UnsupportedEncodingException; import javax.servlet.http.HttpServletRequest; import net.rubyeye.xmemcached.exception.MemcachedException; import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @Component("Sign") public class Sign { @Autowired private WeiXinRequest weiXinRequest; @Test public Map<String, String> test(HttpServletRequest requesturl) throws IOException, TimeoutException, InterruptedException, MemcachedException { String ticket= weiXinRequest.getWeiXinTicket(); // 注意 URL 一定要动态获取,不能 hardcode String url = requesturl.getRequestURL().toString(); Map<String, String> ret = sign(ticket, url); for (Map.Entry entry : ret.entrySet()) { System.out.println(entry.getKey() + ", " + entry.getValue()); } ret.put("appId",weiXinRequest.appId ); return ret; }; public static Map<String, String> sign(String jsapi_ticket, String url) { Map<String, String> ret = new HashMap<String, String>(); String nonce_str = create_nonce_str(); String timestamp = create_timestamp(); String string1; String signature = ""; //注意这里参数名必须全部小写,且必须有序 string1 = "jsapi_ticket=" + jsapi_ticket + "&noncestr=" + nonce_str + "×tamp=" + timestamp + "&url=" + url; System.out.println(string1); try { MessageDigest crypt = MessageDigest.getInstance("SHA-1"); crypt.reset(); crypt.update(string1.getBytes("UTF-8")); signature = byteToHex(crypt.digest()); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } ret.put("url", url); ret.put("jsapi_ticket", jsapi_ticket); ret.put("nonceStr", nonce_str); ret.put("timestamp", timestamp); ret.put("signature", signature); return ret; } private static String byteToHex(final byte[] hash) { Formatter formatter = new Formatter(); for (byte b : hash) { formatter.format("%02x", b); } String result = formatter.toString(); formatter.close(); return result; } private static String create_nonce_str() { return UUID.randomUUID().toString(); } private static String create_timestamp() { return Long.toString(System.currentTimeMillis() / 1000); } }
WeiXinRequest.java
package com.util; import java.io.IOException; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.URL; import java.text.SimpleDateFormat; import java.util.Date; import java.util.Map; import java.util.concurrent.TimeoutException; import javax.servlet.http.HttpServletRequest; import javax.xml.crypto.Data; import net.rubyeye.xmemcached.MemcachedClient; import net.rubyeye.xmemcached.exception.MemcachedException; import org.activiti.engine.impl.util.json.JSONObject; import org.activiti.engine.impl.util.json.JSONTokener; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.model.CitySession; @Component("WeiXinRequest") public class WeiXinRequest { @Autowired private MemcachedClient memcachedClient; String appId = "你扫描后登陆进去的appid 不同人不一样哦"; private String appSecret="同上"; public String getWeiXinTicket() throws IOException, TimeoutException, InterruptedException, MemcachedException { String access_token=""; String ticket=""; Object act=memcachedClient.get("access_token"); Object apiticket=memcachedClient.get("ticket"); Object expires_in ; if(null==act){ URL url = new URL( "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=" + appId + "&secret=" + appSecret); JSONObject json = getConnection(url); access_token = (String) json.getString("access_token"); expires_in= json.get("expires_in"); if (access_token == null) { return null; } memcachedClient.set("access_token", 2*60*60, access_token); }else{ access_token=(String) act; } System.out.println("access_token is =====" + access_token); if(null==apiticket){ URL url1=new URL("https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token="+access_token+"&type=jsapi"); JSONObject json1 = getConnection(url1); ticket=(String) json1.get("ticket"); }else{ ticket=(String) apiticket; } return ticket; // 断开连接 } public JSONObject getConnection(URL url) throws IOException { HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setDoOutput(true); connection.setDoInput(true); connection.setRequestMethod("GET"); connection.setUseCaches(false); connection.setInstanceFollowRedirects(true); connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); connection.connect(); JSONObject jsono = new JSONObject(new JSONTokener( new InputStreamReader(connection.getInputStream()))); connection.disconnect(); return jsono; } }
js发送请求的controller
/* * json数据格式测试 */ @RequestMapping(value = "/house/index1") public ModelAndView index(HttpServletRequest request, HttpServletResponse response, ModelMap modelMap, HttpSession session) throws IOException, TimeoutException, InterruptedException, MemcachedException { Map<String, String> map=sign.test(request); modelMap.addAllAttributes(map); return new ModelAndView("/views/index/weixintest",modelMap); }
java微信签名,验证微信发送的signature,还有获取access_token和ticket
标签:
原文地址:http://my.oschina.net/angleshuai/blog/410500