|
|
|
@ -23,6 +23,9 @@ import javax.servlet.http.HttpServletRequest; |
|
|
|
import javax.servlet.http.HttpServletResponse; |
|
|
|
import java.awt.image.BufferedImage; |
|
|
|
import java.io.IOException; |
|
|
|
import java.security.MessageDigest; |
|
|
|
import java.security.NoSuchAlgorithmException; |
|
|
|
import java.util.Arrays; |
|
|
|
|
|
|
|
/** |
|
|
|
* @Description 通用登录接口 |
|
|
|
@ -121,4 +124,86 @@ public class LoginController { |
|
|
|
} |
|
|
|
return new Result().ok(""); |
|
|
|
} |
|
|
|
//================start test code==========
|
|
|
|
/** |
|
|
|
* 校验签名 |
|
|
|
*/ |
|
|
|
public static boolean checkSignature(String signature, String timestamp, String nonce) { |
|
|
|
System.out.println("signature:" + signature + "timestamp:" + timestamp + "nonc:" + nonce); |
|
|
|
String WECHAT_TOKEN = "1jkoyyih83nj8"; |
|
|
|
String[] arr = new String[]{WECHAT_TOKEN, timestamp, nonce}; |
|
|
|
// 将token、timestamp、nonce三个参数进行字典序排序
|
|
|
|
Arrays.sort(arr); |
|
|
|
StringBuilder content = new StringBuilder(); |
|
|
|
for (int i = 0; i < arr.length; i++) { |
|
|
|
content.append(arr[i]); |
|
|
|
} |
|
|
|
MessageDigest md = null; |
|
|
|
String tmpStr = null; |
|
|
|
|
|
|
|
try { |
|
|
|
md = MessageDigest.getInstance("SHA-1"); |
|
|
|
// 将三个参数字符串拼接成一个字符串进行sha1加密
|
|
|
|
byte[] digest = md.digest(content.toString().getBytes()); |
|
|
|
tmpStr = byteToStr(digest); |
|
|
|
} catch (NoSuchAlgorithmException e) { |
|
|
|
e.printStackTrace(); |
|
|
|
} |
|
|
|
|
|
|
|
content = null; |
|
|
|
// 将sha1加密后的字符串可与signature对比,标识该请求来源于微信
|
|
|
|
System.out.println(tmpStr.equals(signature.toUpperCase())); |
|
|
|
return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false; |
|
|
|
} |
|
|
|
|
|
|
|
/** |
|
|
|
* 将字节数组转换为十六进制字符串 |
|
|
|
* |
|
|
|
* @param byteArray |
|
|
|
* @return |
|
|
|
*/ |
|
|
|
private static String byteToStr(byte[] byteArray) { |
|
|
|
String strDigest = ""; |
|
|
|
for (int i = 0; i < byteArray.length; i++) { |
|
|
|
strDigest += byteToHexStr(byteArray[i]); |
|
|
|
} |
|
|
|
return strDigest; |
|
|
|
} |
|
|
|
|
|
|
|
/** |
|
|
|
* 将字节转换为十六进制字符串 |
|
|
|
* |
|
|
|
* @param mByte |
|
|
|
* @return |
|
|
|
*/ |
|
|
|
private static String byteToHexStr(byte mByte) { |
|
|
|
char[] Digit = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; |
|
|
|
char[] tempArr = new char[2]; |
|
|
|
tempArr[0] = Digit[(mByte >>> 4) & 0X0F]; |
|
|
|
tempArr[1] = Digit[mByte & 0X0F]; |
|
|
|
|
|
|
|
String s = new String(tempArr); |
|
|
|
return s; |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
* 打开开发者模式签名认证 |
|
|
|
* @param signature |
|
|
|
* @param timestamp |
|
|
|
* @param nonce |
|
|
|
* @param echostr |
|
|
|
* @return |
|
|
|
*/ |
|
|
|
@ResponseBody |
|
|
|
@RequestMapping(value = "/service", method = RequestMethod.GET) |
|
|
|
public Object defaultView(String signature, String timestamp, String nonce, String echostr) { |
|
|
|
if (echostr == null || echostr.isEmpty()) { |
|
|
|
return nonce; |
|
|
|
} |
|
|
|
if (this.checkSignature(signature, timestamp, nonce)) { |
|
|
|
return echostr; |
|
|
|
} |
|
|
|
return nonce; |
|
|
|
} |
|
|
|
} |
|
|
|
|
jianjun
4 years ago