czg_team
/
cashier_server
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

验证消息

This commit is contained in:
wangw 2025-10-20 15:20:16 +08:00
parent c361fe651d
commit b6f1709219
2 changed files with 39 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
cash-api/account-server/src/main/java/com/czg/controller/NotifyController.java
View File

@ -3,12 +3,14 @@ package com.czg.controller;
import com.czg.account.service.UserInfoService; import com.czg.account.service.UserInfoService;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RequestBody; import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.RestController;
import java.util.Arrays;
/** /**
* 公众号 通知 * 公众号 通知
*
* @author ww * @author ww
* @description * @description
*/ */
@ -21,10 +23,38 @@ public class NotifyController {
@Resource @Resource
private UserInfoService userInfoService; private UserInfoService userInfoService;
private static final String TOKEN = "DZjyHBq3nTujF0NM1dnXikU8ZCvy";
@RequestMapping
public String notify(@RequestBody String str) { @GetMapping
log.info("公众号 通知:{}", str); public String notify(@RequestParam String signature, @RequestParam String timestamp, @RequestParam String nonce, @RequestParam String echostr) {
return SUCCESS; log.info("接收到微信验证请求 - signature: {}, timestamp: {}, nonce: {}, echostr: {}",
signature, timestamp, nonce, echostr);
// 1. 校验参数完整性
if (signature == null || timestamp == null || nonce == null) {
log.error("验证失败:参数不完整");
return "";
}
// 2. 将tokentimestampnonce按字典序排序
String[] arr = new String[]{TOKEN, timestamp, nonce};
Arrays.sort(arr);
// 3. 拼接为一个字符串
StringBuilder sb = new StringBuilder();
for (String s : arr) {
sb.append(s);
}
// 4. SHA1加密
String encryptedStr = DigestUtils.sha1Hex(sb.toString());
log.info("本地加密后签名: {}", encryptedStr);
if (encryptedStr.equals(signature)) {
return echostr;
} else {
log.error("签名验证失败 - 本地加密: {}, 微信签名: {}", encryptedStr, signature);
return "";
}
} }
} }

11
cash-service/account-service/src/main/java/com/czg/service/account/util/AcAccountUtil.java
View File

@ -75,7 +75,7 @@ public class AcAccountUtil {
*/ */
JSONObject respInfo = JSONObject.parseObject(resp); JSONObject respInfo = JSONObject.parseObject(resp);
if (respInfo.get("url") == null) { if (respInfo.get("url") == null) {
log.error("创建临时二维码失败, 响应内容: {}", resp); log.error("创建临时二维码失败,发送参数: {}, 响应内容: {}", bodyJson, resp);
return ""; return "";
} }
return respInfo.get("url").toString(); return respInfo.get("url").toString();
@ -102,14 +102,7 @@ public class AcAccountUtil {
} }
public static void main(String[] args) { public static void main(String[] args) {
String resp = HttpUtil.get(StrUtil.format("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid={}&secret={}", String accessToken = "97_Kgg5H4EvOGc67n2GoR7Kqp-NuREOMuzesG0CpbNrx1JhvM6axp9Ub6OoZzBeANuQI3vExR9onbEeBhLdgiMjLjxpiwgDmXOgvZS_rEL5S766QVJQ7p2eggksyuQFPRdAEALVX";
"wx1fb600d0f5ea6279", "b4c0534c9b5e6c84a7fe5c2078dff876"));
JSONObject respInfo = JSONObject.parseObject(resp);
if (!respInfo.containsKey("access_token")) {
log.warn("公众号获取token失败, 响应内容: {}", resp);
throw new RuntimeException(resp);
}
String accessToken = respInfo.getString("access_token");
JSONObject bodyJson = new JSONObject(); JSONObject bodyJson = new JSONObject();
//二维码有效时间最大2592000仅临时二维码需要 //二维码有效时间最大2592000仅临时二维码需要
bodyJson.put("expire_seconds", "2592000"); bodyJson.put("expire_seconds", "2592000");