From 841c031e003774bb6a7aacfd8fe3880bdd335391 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=A6=82=E6=A2=A6=E6=8A=80=E6=9C=AF?= <596392912@qq.com>
Date: Sun, 17 Mar 2019 00:11:52 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A7=A3=E5=86=B3=E5=B0=8F=E7=A8=8B=E5=BA=8F?=
=?UTF-8?q?=EF=BC=8C=E5=90=AF=E7=94=A8=E5=B9=B6=E8=AE=BE=E7=BD=AE=E6=B6=88?=
=?UTF-8?q?=E6=81=AF=E6=8E=A8=E9=80=81=E9=85=8D=E7=BD=AE=E6=A0=A1=E9=AA=8C?=
=?UTF-8?q?=E4=B8=8D=E9=80=9A=E8=BF=87=E7=9A=84=E9=97=AE=E9=A2=98=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
README.md | 5 +-
spring-boot-starter-weixin/gradle.properties | 2 +-
.../dreamlu/weixin/spring/MsgController.java | 5 ++
.../dreamlu/weixin/spring/MsgInterceptor.java | 57 ++++++++++++-------
.../net/dreamlu/weixin/spring/WebUtils.java | 5 ++
spring-boot-weixin-demo/pom.xml | 2 +-
6 files changed, 52 insertions(+), 24 deletions(-)
diff --git a/README.md b/README.md
index 5b1709f..21da26f 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ jfinal weixin 的 spring boot starter,这个starter是为了方便boot用户
- * ApiConfigKit.getApiConfig(); - *- */ - ApiConfigKit.setThreadLocalAppId(appId); + // 如果是服务器配置请求,则配置服务器并返回 if (isConfigServerRequest(request)) { - configServer(request, response); + configServer(request, response, token); return false; } + // 判断是否多公众号,将 appId 与当前线程绑定,以便在后续操作中方便获取ApiConfig对象: + if (isWx) { + ApiConfigKit.setThreadLocalAppId(appId); + } // 对开发测试更加友好 if (ApiConfigKit.isDevMode()) { return true; } else { // 签名检测 - if (checkSignature(request, response)) { + if (checkSignature(request, token)) { return true; } else { WebUtils.renderText(response, "签名验证失败,请确定是微信服务器在发送消息过来"); @@ -74,7 +81,7 @@ public class MsgInterceptor extends HandlerInterceptorAdapter { /** * 检测签名 */ - private boolean checkSignature(HttpServletRequest request, HttpServletResponse response) { + private boolean checkSignature(HttpServletRequest request, String token) { String signature = request.getParameter("signature"); String timestamp = request.getParameter("timestamp"); String nonce = request.getParameter("nonce"); @@ -82,7 +89,7 @@ public class MsgInterceptor extends HandlerInterceptorAdapter { logger.error("check signature failure"); return false; } - if (SignatureCheckKit.me.checkSignature(signature, timestamp, nonce)) { + if (checkSignature(token, signature, timestamp, nonce)) { return true; } else { logger.error("check signature failure: " + @@ -106,13 +113,13 @@ public class MsgInterceptor extends HandlerInterceptorAdapter { * @param request HttpServletRequest * @param response HttpServletResponse */ - private void configServer(HttpServletRequest request, HttpServletResponse response) { + private void configServer(HttpServletRequest request, HttpServletResponse response, String token) { // 通过 echostr 判断请求是否为配置微信服务器回调所需的 url 与 token String echostr = request.getParameter("echostr"); String signature = request.getParameter("signature"); String timestamp = request.getParameter("timestamp"); String nonce = request.getParameter("nonce"); - boolean isOk = SignatureCheckKit.me.checkSignature(signature, timestamp, nonce); + boolean isOk = checkSignature(token, signature, timestamp, nonce); if (isOk && !response.isCommitted()) { WebUtils.renderText(response, echostr); } else { @@ -120,6 +127,14 @@ public class MsgInterceptor extends HandlerInterceptorAdapter { } } + private boolean checkSignature(String token, String signature, String timestamp, String nonce) { + String[] array = new String[]{token, timestamp, nonce}; + Arrays.sort(array); + String tempStr = array[0] + array[1] + array[2]; + tempStr = HashKit.sha1(tempStr); + return tempStr.equalsIgnoreCase(signature); + } + @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { super.afterCompletion(request, response, handler, ex); diff --git a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java index b8f210d..03ae1b0 100644 --- a/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java +++ b/spring-boot-starter-weixin/src/main/java/net/dreamlu/weixin/spring/WebUtils.java @@ -7,6 +7,11 @@ import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; +/** + * web工具类 + * + * @author L.cm + */ class WebUtils { private static final Log logger = LogFactory.getLog(WebUtils.class); diff --git a/spring-boot-weixin-demo/pom.xml b/spring-boot-weixin-demo/pom.xml index c2f6b1b..f9e989f 100644 --- a/spring-boot-weixin-demo/pom.xml +++ b/spring-boot-weixin-demo/pom.xml @@ -33,7 +33,7 @@