最近接手一個公衆號,決定學習下微信開放平臺API,豐富下這個服務號。
在接入之前,首先最重要的就是閱讀微信提供的API接口文檔
一、接入操作步驟,參照接入指南,操作自己的服務號,初次接入本人選擇的是明文模式
二、在頁面中需要填寫第三方服務器一個servlet的url,用於接入驗證,下面代碼是doGet的方法,用於接收來自微信的驗證請求
sha1的簽名生成算法參考了網上代碼,如果需要刪除,請隨時聯繫我
package com.access;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class MyWeixinServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
private static final char[] HEX_DIGITS = { '0', '1', '2', '3', '4', '5',
'6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
try {
response.setCharacterEncoding("UTF-8");
request.setCharacterEncoding("UTF-8");
/****************************************準備參數*************************************************/
/**
微信接入驗證時提交的4個參數,
signature:微信加密簽名,signature結合了開發者填寫的token參數和請求中的timestamp參數、nonce參數。
timestamp:時間戳
nonce:隨機數
echostr:隨機字符串*/
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
System.out.println("signature:"+signature);
System.out.println("timestamp:"+timestamp);
System.out.println("nonce:"+nonce);
System.out.println("echostr:"+echostr);
//自定義token
String token = "zheshiwodetoken";
/**
校驗流程如下:
1. 將token、timestamp、nonce三個參數進行字典序排序
2. 將三個參數字符串拼接成一個字符串進行sha1加密
3. 開發者獲得加密後的字符串可與signature對比,標識該請求來源於微信
*/
//構建token、timestamp、nonce的數組,並進行字典排序
ArrayList<String> arl = new ArrayList<String>();
arl.add(token);
arl.add(timestamp);
arl.add(nonce);
Collections.sort(arl);
//構建sha1字符串
String sha1 ="";
for (int i = 0; i < arl.size(); i++) {
sha1+=arl.get(i);
}
System.out.println("for sha1:"+sha1);
//使用sha1算法獲得摘要sig
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
messageDigest.update(sha1.getBytes());
String sig = getFormattedText(messageDigest.digest());
//signature校驗
PrintWriter out = null;
if(signature.equals(sig)){
//校驗成功,返回echostr,接入成功
System.out.println("sha1: true!!!!!"+sig);
out = response.getWriter();
out.write(echostr);
out.flush();
}else{
//校驗失敗,理論上是應該報錯的,我省懶,一樣返回了echostr,這個請注意。。。
System.out.println("sha1: false!!!!!"+sig);
out = response.getWriter();
out.write(echostr);
out.flush();
}
} catch (Exception e) {
e.printStackTrace();
}
}
private static String getFormattedText(byte[] bytes) {
int len = bytes.length;
StringBuilder buf = new StringBuilder(len * 2);
// 鎶婂瘑鏂囪漿鎹㈡垚鍗佸叚榪涘埗鐨勫瓧絎︿覆褰㈠紡
for (int j = 0; j < len; j++) {
buf.append(HEX_DIGITS[(bytes[j] >> 4) & 0x0f]);
buf.append(HEX_DIGITS[bytes[j] & 0x0f]);
}
return buf.toString();
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response){
try{
InputStream is = request.getInputStream();
{
byte[] b = new byte[1024];
int len = 0;
StringBuilder builder = new StringBuilder();
while ((len = is.read(b)) != -1) {
byte[] t = new byte[len];
System.arraycopy(b, 0, t, 0, len);
builder.append(new String(t, "utf-8"));
}
System.out.println("get message:"+builder);
}
}catch (Exception e){
e.printStackTrace();
}
}
public static void main(String args[]) throws NoSuchAlgorithmException{
String a = "1426521501";
String s = "871891313";
String d = "zheshiwodetouken";
String sha1 = a + s + d;
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
messageDigest.update(sha1.getBytes());
String sig = getFormattedText(messageDigest.digest());
System.out.println(sig);
}
}
三、之後點擊提交,就接入成功了,微信會爲你分配一個微信APPID作爲你的唯一標識,之後就可以開始調用微信提供的豐富接口了