From 0b710bd391272b48f038d88ab10b1ac7f104bdf4 Mon Sep 17 00:00:00 2001
From: wangw <1594593906@qq.com>
Date: Mon, 20 Oct 2025 16:42:50 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8E=A5=E6=94=B6=E5=88=B0=E5=BE=AE=E4=BF=A1?=
 =?UTF-8?q?=E9=AA=8C=E8=AF=81=E8=AF=B7=E6=B1=82=20=E8=BF=94=E5=9B=9E?=
 =?UTF-8?q?=E7=BA=AF=E6=96=87=E6=9C=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/czg/controller/NotifyController.java  | 78 +++++++++++--------
 .../service/account/util/AcAccountUtil.java   |  2 +-
 2 files changed, 48 insertions(+), 32 deletions(-)

diff --git a/cash-api/account-server/src/main/java/com/czg/controller/NotifyController.java b/cash-api/account-server/src/main/java/com/czg/controller/NotifyController.java
index ad37b509..ef1b5c73 100644
--- a/cash-api/account-server/src/main/java/com/czg/controller/NotifyController.java
+++ b/cash-api/account-server/src/main/java/com/czg/controller/NotifyController.java
@@ -2,11 +2,14 @@ package com.czg.controller;
 
 import com.czg.account.service.UserInfoService;
 import jakarta.annotation.Resource;
+import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.*;
 
+import java.io.BufferedReader;
+import java.io.IOException;
 import java.util.Arrays;
 
 /**
@@ -27,38 +30,51 @@ public class NotifyController {
     private static final String TOKEN = "DZjyHBq3nTujF0NM1dnXikU8ZCvy";
 
 
-    @GetMapping(produces = MediaType.TEXT_PLAIN_VALUE)
-    public String notify(@RequestParam String signature, @RequestParam String timestamp, @RequestParam String nonce, @RequestParam String echostr) {
-        log.info("接收到微信验证请求 - signature: {}, timestamp: {}, nonce: {}, echostr: {}",
-                signature, timestamp, nonce, echostr);
-        return echostr;
+    @RequestMapping(produces = MediaType.TEXT_PLAIN_VALUE)
+    public String notify(HttpServletRequest request,
+                         @RequestParam(required = false) String signature, // GET 必传，POST 可选，设为非必选
+                         @RequestParam(required = false) String timestamp,
+                         @RequestParam(required = false) String nonce,
+                         @RequestParam(required = false) String echostr) {
+
+        // 1. 处理 GET 请求（微信开发者验证）
+        if ("GET".equals(request.getMethod())) {
+            log.info("接收到微信验证请求 - signature: {}, timestamp: {}, nonce: {}, echostr: {}",
+                    signature, timestamp, nonce, echostr);
+            return echostr;
+        }
+
+        // 2. 处理 POST 请求（微信消息推送，如关注、消息等）
+        else if ("POST".equals(request.getMethod())) {
+            log.info("接收到微信 POST 消息请求 - signature: {}, timestamp: {}, nonce: {}",
+                    signature, timestamp, nonce);
+            // 读取 POST 请求体中的 XML 数据（微信推送的消息格式为 XML）
+            String xmlData = readPostXml(request);
+            log.info("微信 POST 消息内容: {}", xmlData);
+
+            // TODO: 后续可添加消息解析、业务处理逻辑（如关注事件、文本消息回复等）
+            // 处理完成后，微信要求返回 "SUCCESS" 或空字符串（否则会重试推送）
+            return SUCCESS;
+        }
+
+        // 3. 其他请求方式（如 PUT/DELETE），返回空字符串
+        return "";
     }
 
+    /**
+     * 工具方法：读取 POST 请求体中的 XML 数据
+     */
+    private String readPostXml(HttpServletRequest request) {
+        StringBuilder xmlSb = new StringBuilder();
+        try (BufferedReader reader = request.getReader()) {
+            String line;
+            while ((line = reader.readLine()) != null) {
+                xmlSb.append(line);
+            }
+        } catch (IOException e) {
+            log.error("读取微信 POST 消息体失败", e);
+        }
+        return xmlSb.toString();
+    }
 
-    //        // 1. 校验参数完整性
-//        if (signature == null || timestamp == null || nonce == null) {
-//            log.error("验证失败：参数不完整");
-//            return "";
-//        }
-//
-//        // 2. 将token、timestamp、nonce按字典序排序
-//        String[] arr = new String[]{TOKEN, timestamp, nonce};
-//        Arrays.sort(arr);
-//
-//        // 3. 拼接为一个字符串
-//        StringBuilder sb = new StringBuilder();
-//        for (String s : arr) {
-//            sb.append(s);
-//        }
-//
-//        // 4. SHA1加密
-//        String encryptedStr = DigestUtils.sha1Hex(sb.toString());
-//        log.info("本地加密后签名: {}", encryptedStr);
-//
-//        if (encryptedStr.equals(signature)) {
-//            return echostr;
-//        } else {
-//            log.error("签名验证失败 - 本地加密: {}, 微信签名: {}", encryptedStr, signature);
-//            return "";
-//        }
 }
diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/util/AcAccountUtil.java b/cash-service/account-service/src/main/java/com/czg/service/account/util/AcAccountUtil.java
index 9cec0697..089a0b1c 100644
--- a/cash-service/account-service/src/main/java/com/czg/service/account/util/AcAccountUtil.java
+++ b/cash-service/account-service/src/main/java/com/czg/service/account/util/AcAccountUtil.java
@@ -110,7 +110,7 @@ public class AcAccountUtil {
         bodyJson.put("action_name", "QR_SCENE");
         JSONObject actionInfo = new JSONObject();
         JSONObject scene = new JSONObject();
-        scene.put("scene_id", 36449);
+        scene.put("scene_id", 333);
         actionInfo.put("scene", scene);
         bodyJson.put("action_info", actionInfo);
         System.out.println(bodyJson);