解决小程序，启用并设置消息推送配置校验不通过的问题。

841c031e · 如梦技术 · 25b0fd77 · 841c031e · 841c031e · 841c031e
6 changed file
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ jfinal weixin 的 spring boot starter，这个starter是为了方便boot用户
 <dependency>
    <groupId>net.dreamlu</groupId>
    <artifactId>spring-boot-starter-weixin</artifactId>
-    <version>1.3.3</version>
+    <version>1.3.4</version>
 </dependency>
 ```

@@ -67,6 +67,9 @@ dream:
 - `access-token-cache`建议配置有效时间7100秒。

 ## 更新说明
+>## 2019-03-17 v1.3.4
+> 解决小程序，启用并设置消息推送配置校验不通过的问题。
+
 >## 2019-03-07 v1.3.3
 > 升级到 `gradle 5.2.1`。


--- a/spring-boot-starter-weixin/gradle.properties
+++ b/spring-boot-starter-weixin/gradle.properties
-VERSION=1.3.3
+VERSION=1.3.4
 GROUPID=net.dreamlu

 userName=chunmeng

--- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgController.java
+++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgController.java
@@ -23,6 +23,11 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

+/**
+ * 消息控制器
+ *
+ * @author L.cm
+ */
 public abstract class MsgController {
 	private static final Log logger = LogFactory.getLog(WebUtils.class);
 	private static final String IN_MSG_WX_CACHE_KEY = "_IN_MSG_WX_CACHE_KEY_";

--- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgInterceptor.java
+++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgInterceptor.java
 package net.dreamlu.weixin.spring;

+import com.jfinal.kit.HashKit;
 import com.jfinal.kit.StrKit;
 import com.jfinal.weixin.sdk.api.ApiConfigKit;
-import com.jfinal.weixin.sdk.kit.SignatureCheckKit;
+import com.jfinal.wxaapp.WxaConfigKit;
+import lombok.RequiredArgsConstructor;
 import net.dreamlu.weixin.annotation.WxApi;
 import net.dreamlu.weixin.properties.DreamWeixinProperties;
 import org.apache.commons.logging.Log;
@@ -13,16 +15,19 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.util.Arrays;

+/**
+ * 消息拦截器
+ *
+ * @author L.cm
+ */
+@RequiredArgsConstructor
 public class MsgInterceptor extends HandlerInterceptorAdapter {
 	private static final Log logger = LogFactory.getLog(MsgInterceptor.class);

 	private final DreamWeixinProperties weixinProperties;

-	public MsgInterceptor(DreamWeixinProperties weixinProperties) {
-		this.weixinProperties = weixinProperties;
-	}
-
 	@Override
 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
 		// 非控制器请求直接跳出
@@ -39,29 +44,31 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
 			ApiConfigKit.setThreadLocalAppId(appId);
 			return true;
 		}
+		// 判断是否多公众号，将 appId 与当前线程绑定，以便在后续操作中方便获取ApiConfig对象：
 		Object bean = handlerMethod.getBean();
-		// 小程序直接跳出
-		if (bean instanceof DreamWxaMsgController) {
-			return true;
+		boolean isWx = bean instanceof MsgController;
+		String token;
+		if (isWx) {
+			token = ApiConfigKit.getApiConfig().getToken();
+		} else {
+			token = WxaConfigKit.getWxaConfig().getToken();
 		}
-		/**
-		 * 将 appId 与当前线程绑定，以便在后续操作中方便获取ApiConfig对象：
-		 * <pre>
-		 *     ApiConfigKit.getApiConfig();
-		 * </pre>
-		 */
-		ApiConfigKit.setThreadLocalAppId(appId);
+
 		// 如果是服务器配置请求，则配置服务器并返回
 		if (isConfigServerRequest(request)) {
-			configServer(request, response);
+			configServer(request, response, token);
 			return false;
 		}
+		// 判断是否多公众号，将 appId 与当前线程绑定，以便在后续操作中方便获取ApiConfig对象：
+		if (isWx) {
+			ApiConfigKit.setThreadLocalAppId(appId);
+		}
 		// 对开发测试更加友好
 		if (ApiConfigKit.isDevMode()) {
 			return true;
 		} else {
 			// 签名检测
-			if (checkSignature(request, response)) {
+			if (checkSignature(request, token)) {
 				return true;
 			} else {
 				WebUtils.renderText(response, "签名验证失败，请确定是微信服务器在发送消息过来");
@@ -74,7 +81,7 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
 	/**
 	 * 检测签名
 	 */
-	private boolean checkSignature(HttpServletRequest request, HttpServletResponse response) {
+	private boolean checkSignature(HttpServletRequest request, String token) {
 		String signature = request.getParameter("signature");
 		String timestamp = request.getParameter("timestamp");
 		String nonce = request.getParameter("nonce");
@@ -82,7 +89,7 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
 			logger.error("check signature failure");
 			return false;
 		}
-		if (SignatureCheckKit.me.checkSignature(signature, timestamp, nonce)) {
+		if (checkSignature(token, signature, timestamp, nonce)) {
 			return true;
 		} else {
 			logger.error("check signature failure: " +
@@ -106,13 +113,13 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
 	 * @param request  HttpServletRequest
 	 * @param response HttpServletResponse
 	 */
-	private void configServer(HttpServletRequest request, HttpServletResponse response) {
+	private void configServer(HttpServletRequest request, HttpServletResponse response, String token) {
 		// 通过 echostr 判断请求是否为配置微信服务器回调所需的 url 与 token
 		String echostr = request.getParameter("echostr");
 		String signature = request.getParameter("signature");
 		String timestamp = request.getParameter("timestamp");
 		String nonce = request.getParameter("nonce");
-		boolean isOk = SignatureCheckKit.me.checkSignature(signature, timestamp, nonce);
+		boolean isOk = checkSignature(token, signature, timestamp, nonce);
 		if (isOk && !response.isCommitted()) {
 			WebUtils.renderText(response, echostr);
 		} else {
@@ -120,6 +127,14 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
 		}
 	}

+	private boolean checkSignature(String token, String signature, String timestamp, String nonce) {
+		String[] array = new String[]{token, timestamp, nonce};
+		Arrays.sort(array);
+		String tempStr = array[0] + array[1] + array[2];
+		tempStr = HashKit.sha1(tempStr);
+		return tempStr.equalsIgnoreCase(signature);
+	}
+
 	@Override
 	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
 		super.afterCompletion(request, response, handler, ex);

--- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java
+++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java
@@ -7,6 +7,11 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;

+/**
+ * web工具类
+ *
+ * @author L.cm
+ */
 class WebUtils {
 	private static final Log logger = LogFactory.getLog(WebUtils.class);


--- a/spring-boot-weixin-demo/pom.xml
+++ b/spring-boot-weixin-demo/pom.xml
@@ -33,7 +33,7 @@
 		<dependency>
 			<groupId>net.dreamlu</groupId>
 			<artifactId>spring-boot-starter-weixin</artifactId>
-			<version>1.3.3</version>
+			<version>1.3.4</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>