開發者送出資訊後,微信伺服器将發送GET請求到填寫的URL上,GET請求攜帶四個參數:
參數 | 描述 |
---|---|
signature | 微信加密簽名,signature結合了開發者填寫的token參數和請求中的timestamp參數、nonce參數。 |
timestamp | 時間戳 |
nonce | 随機數 |
echostr | 随機字元串 |
package util;
import java.security.MessageDigest;
import java.util.Arrays;
public final class MessageDigestUtil {
private MessageDigest alga;
private static MessageDigestUtil _instance ;
public static MessageDigestUtil getInstance() {
if (_instance == null ){
_instance = new MessageDigestUtil();
}
return _instance;
}
private MessageDigestUtil() {
try {
alga = MessageDigest.getInstance("SHA-1");
} catch(Exception e) {
throw new InternalError("init MessageDigest error:" + e.getMessage());
}
}
public static String byte2hex(byte[] b) {
String des = "";
String tmp = null;
for (int i = 0; i < b.length; i++) {
tmp = (Integer.toHexString(b[i] & 0xFF));
if (tmp.length() == 1) {
des += "0";
}
des += tmp;
}
return des;
}
public String encipher(String strSrc) {
String strDes = null;
byte[] bt = strSrc.getBytes();
alga.update(bt);
strDes = byte2hex(alga.digest()); //to HexString
return strDes;
}
public static void main(String[] args) {
String signature="b7982f21e7f18f640149be5784df8d377877ebf9";
String timestamp="1365760417";
String nonce="1365691777";
String[] ArrTmp = { "token", timestamp, nonce };
Arrays.sort(ArrTmp);
StringBuffer sb = new StringBuffer();
for (int i = 0; i < ArrTmp.length; i++) {
sb.append(ArrTmp[i]);
}
String pwd =MessageDigestUtil.getInstance().encipher(sb.toString());
if (signature.equals(pwd)) {
System.out.println("token 驗證成功~!");
}else {
System.out.println("token 驗證失敗~!");
}
}
}