diff --git a/README.md b/README.md
index 5b1709fa011c0ac88118d18176d35a259e7d7d9c..21da26fec39e7c09e3927d8fae2af7856d292ac2 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ jfinal weixin 的 spring boot starter,这个starter是为了方便boot用户
net.dreamlu
spring-boot-starter-weixin
- 1.3.3
+ 1.3.4
```
@@ -67,6 +67,9 @@ dream:
- `access-token-cache`建议配置有效时间7100秒。
## 更新说明
+>## 2019-03-17 v1.3.4
+> 解决小程序,启用并设置消息推送配置校验不通过的问题。
+
>## 2019-03-07 v1.3.3
> 升级到 `gradle 5.2.1`。
diff --git a/spring-boot-starter-weixin/gradle.properties b/spring-boot-starter-weixin/gradle.properties
index 23d30a5b5be274cb77f148a0fd3dd604f38745d9..bd590a83220f1b31c99fe09223579bd3cfc1eca9 100644
--- a/spring-boot-starter-weixin/gradle.properties
+++ b/spring-boot-starter-weixin/gradle.properties
@@ -1,4 +1,4 @@
-VERSION=1.3.3
+VERSION=1.3.4
GROUPID=net.dreamlu
userName=chunmeng
diff --git a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgController.java b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgController.java
index 5285520d38f7ce1a278001961283dbf582623927..40f2b79cbfe1da8c09ff8979082bbe48b25d8375 100644
--- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgController.java
+++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgController.java
@@ -23,6 +23,11 @@ import org.springframework.web.bind.annotation.RequestMapping;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+/**
+ * 消息控制器
+ *
+ * @author L.cm
+ */
public abstract class MsgController {
private static final Log logger = LogFactory.getLog(WebUtils.class);
private static final String IN_MSG_WX_CACHE_KEY = "_IN_MSG_WX_CACHE_KEY_";
diff --git a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgInterceptor.java b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgInterceptor.java
index b8ba92b7bd06b260a5e17dda38936f8771424f61..834f4fe74879126b6d383abf24f4122bcca0772b 100644
--- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgInterceptor.java
+++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/MsgInterceptor.java
@@ -1,8 +1,10 @@
package net.dreamlu.weixin.spring;
+import com.jfinal.kit.HashKit;
import com.jfinal.kit.StrKit;
import com.jfinal.weixin.sdk.api.ApiConfigKit;
-import com.jfinal.weixin.sdk.kit.SignatureCheckKit;
+import com.jfinal.wxaapp.WxaConfigKit;
+import lombok.RequiredArgsConstructor;
import net.dreamlu.weixin.annotation.WxApi;
import net.dreamlu.weixin.properties.DreamWeixinProperties;
import org.apache.commons.logging.Log;
@@ -13,16 +15,19 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+/**
+ * 消息拦截器
+ *
+ * @author L.cm
+ */
+@RequiredArgsConstructor
public class MsgInterceptor extends HandlerInterceptorAdapter {
private static final Log logger = LogFactory.getLog(MsgInterceptor.class);
private final DreamWeixinProperties weixinProperties;
- public MsgInterceptor(DreamWeixinProperties weixinProperties) {
- this.weixinProperties = weixinProperties;
- }
-
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 非控制器请求直接跳出
@@ -39,29 +44,31 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
ApiConfigKit.setThreadLocalAppId(appId);
return true;
}
+ // 判断是否多公众号,将 appId 与当前线程绑定,以便在后续操作中方便获取ApiConfig对象:
Object bean = handlerMethod.getBean();
- // 小程序直接跳出
- if (bean instanceof DreamWxaMsgController) {
- return true;
+ boolean isWx = bean instanceof MsgController;
+ String token;
+ if (isWx) {
+ token = ApiConfigKit.getApiConfig().getToken();
+ } else {
+ token = WxaConfigKit.getWxaConfig().getToken();
}
- /**
- * 将 appId 与当前线程绑定,以便在后续操作中方便获取ApiConfig对象:
- *
- * ApiConfigKit.getApiConfig();
- *
- */
- ApiConfigKit.setThreadLocalAppId(appId);
+
// 如果是服务器配置请求,则配置服务器并返回
if (isConfigServerRequest(request)) {
- configServer(request, response);
+ configServer(request, response, token);
return false;
}
+ // 判断是否多公众号,将 appId 与当前线程绑定,以便在后续操作中方便获取ApiConfig对象:
+ if (isWx) {
+ ApiConfigKit.setThreadLocalAppId(appId);
+ }
// 对开发测试更加友好
if (ApiConfigKit.isDevMode()) {
return true;
} else {
// 签名检测
- if (checkSignature(request, response)) {
+ if (checkSignature(request, token)) {
return true;
} else {
WebUtils.renderText(response, "签名验证失败,请确定是微信服务器在发送消息过来");
@@ -74,7 +81,7 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
/**
* 检测签名
*/
- private boolean checkSignature(HttpServletRequest request, HttpServletResponse response) {
+ private boolean checkSignature(HttpServletRequest request, String token) {
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
@@ -82,7 +89,7 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
logger.error("check signature failure");
return false;
}
- if (SignatureCheckKit.me.checkSignature(signature, timestamp, nonce)) {
+ if (checkSignature(token, signature, timestamp, nonce)) {
return true;
} else {
logger.error("check signature failure: " +
@@ -106,13 +113,13 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
* @param request HttpServletRequest
* @param response HttpServletResponse
*/
- private void configServer(HttpServletRequest request, HttpServletResponse response) {
+ private void configServer(HttpServletRequest request, HttpServletResponse response, String token) {
// 通过 echostr 判断请求是否为配置微信服务器回调所需的 url 与 token
String echostr = request.getParameter("echostr");
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
- boolean isOk = SignatureCheckKit.me.checkSignature(signature, timestamp, nonce);
+ boolean isOk = checkSignature(token, signature, timestamp, nonce);
if (isOk && !response.isCommitted()) {
WebUtils.renderText(response, echostr);
} else {
@@ -120,6 +127,14 @@ public class MsgInterceptor extends HandlerInterceptorAdapter {
}
}
+ private boolean checkSignature(String token, String signature, String timestamp, String nonce) {
+ String[] array = new String[]{token, timestamp, nonce};
+ Arrays.sort(array);
+ String tempStr = array[0] + array[1] + array[2];
+ tempStr = HashKit.sha1(tempStr);
+ return tempStr.equalsIgnoreCase(signature);
+ }
+
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
super.afterCompletion(request, response, handler, ex);
diff --git a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java
index b8f210d7e0cab23641b746536f76841fb7dcb5fb..03ae1b0541313e95f5e1ecc4159a29b50341ec88 100644
--- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java
+++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java
@@ -7,6 +7,11 @@ import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
+/**
+ * web工具类
+ *
+ * @author L.cm
+ */
class WebUtils {
private static final Log logger = LogFactory.getLog(WebUtils.class);
diff --git a/spring-boot-weixin-demo/pom.xml b/spring-boot-weixin-demo/pom.xml
index c2f6b1bfa06256de8da14c489261a04ba745bc9d..f9e989f1ed84a9b4633864913c75db5f968f2b01 100644
--- a/spring-boot-weixin-demo/pom.xml
+++ b/spring-boot-weixin-demo/pom.xml
@@ -33,7 +33,7 @@
net.dreamlu
spring-boot-starter-weixin
- 1.3.3
+ 1.3.4
org.springframework.boot