接口校验

This commit is contained in:
zeek 2020-03-19 21:45:56 +08:00
parent c3924471fa
commit 241efb39b7
11 changed files with 127 additions and 102 deletions

62
pom.xml
View File

@ -16,6 +16,8 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source> <maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target> <maven.compiler.target>1.8</maven.compiler.target>
<weixin-java-mp.version>3.7.0</weixin-java-mp.version>
</properties> </properties>
<parent> <parent>
@ -44,6 +46,11 @@
</exclusions> </exclusions>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId> <artifactId>spring-boot-starter</artifactId>
@ -68,6 +75,38 @@
</exclusions> </exclusions>
</dependency> </dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.9</version>
</dependency>
<dependency>
<groupId>com.github.binarywang</groupId>
<artifactId>weixin-java-mp</artifactId>
<version>${weixin-java-mp.version}</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>2.9.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-test</artifactId> <artifactId>spring-boot-test</artifactId>
@ -81,29 +120,6 @@
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>com.github.binarywang</groupId>
<artifactId>weixin-java-common</artifactId>
<version>3.7.0</version>
</dependency>
<dependency>
<groupId>com.github.binarywang</groupId>
<artifactId>weixin-java-mp</artifactId>
<version>3.6.0</version>
</dependency>
<dependency>
<groupId>com.github.binarywang</groupId>
<artifactId>wx-java-mp-spring-boot-starter</artifactId>
<version>3.7.0</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.9</version>
</dependency>
<dependency> <dependency>
<groupId>junit</groupId> <groupId>junit</groupId>

View File

@ -1,59 +0,0 @@
package com.qq.weixin.mp.aes;
@SuppressWarnings("serial")
public class AesException extends Exception {
public final static int OK = 0;
public final static int ValidateSignatureError = -40001;
public final static int ParseXmlError = -40002;
public final static int ComputeSignatureError = -40003;
public final static int IllegalAesKey = -40004;
public final static int ValidateAppidError = -40005;
public final static int EncryptAESError = -40006;
public final static int DecryptAESError = -40007;
public final static int IllegalBuffer = -40008;
//public final static int EncodeBase64Error = -40009;
//public final static int DecodeBase64Error = -40010;
//public final static int GenReturnXmlError = -40011;
private int code;
private static String getMessage(int code) {
switch (code) {
case ValidateSignatureError:
return "签名验证错误";
case ParseXmlError:
return "xml解析失败";
case ComputeSignatureError:
return "sha加密生成签名失败";
case IllegalAesKey:
return "SymmetricKey非法";
case ValidateAppidError:
return "appid校验失败";
case EncryptAESError:
return "aes加密失败";
case DecryptAESError:
return "aes解密失败";
case IllegalBuffer:
return "解密后得到的buffer非法";
// case EncodeBase64Error:
// return "base64加密错误";
// case DecodeBase64Error:
// return "base64解密错误";
// case GenReturnXmlError:
// return "xml生成失败";
default:
return null; // cannot be
}
}
public int getCode() {
return code;
}
public AesException(int code) {
super(getMessage(code));
this.code = code;
}
}

View File

@ -1,4 +1,4 @@
package com.zeekling.solo.weixin; package com.zeekling.solo.wechat;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder; import org.springframework.boot.builder.SpringApplicationBuilder;

View File

@ -0,0 +1,47 @@
package com.zeekling.solo.wechat.conf;
import lombok.AllArgsConstructor;
import me.chanjar.weixin.mp.api.WxMpService;
import me.chanjar.weixin.mp.api.impl.WxMpServiceImpl;
import me.chanjar.weixin.mp.config.WxMpConfigStorage;
import me.chanjar.weixin.mp.config.impl.WxMpDefaultConfigImpl;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import javax.annotation.Resource;
import java.util.HashMap;
import java.util.Map;
import java.util.stream.Collectors;
/**
* @author zeekling [lingzhaohui@zeekling.cn]
* @version 1.0
* @apiNote
* @since 2020-03-18
*/
@AllArgsConstructor
@Configuration
public class WeChatBeans {
@Resource
private WeXinConfigure weXinConfigure;
@Bean
public WxMpService wxMpService() {
WxMpService service = new WxMpServiceImpl();
WxMpDefaultConfigImpl configStorage = new WxMpDefaultConfigImpl();
configStorage.setAppId(weXinConfigure.getAppId());
configStorage.setSecret(weXinConfigure.getSecret());
configStorage.setToken(weXinConfigure.getToken());
configStorage.setAesKey(weXinConfigure.getAesKey());
Map<String, WxMpConfigStorage> configStorageMap = new HashMap<>();
configStorageMap.put(weXinConfigure.getAppId(), configStorage);
service.setMultiConfigStorages(configStorageMap);
return service;
}
// public WxMpInMemoryConfigStorage
}

View File

@ -1,10 +1,8 @@
package com.zeekling.solo.weixin.conf; package com.zeekling.solo.wechat.conf;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import javax.validation.Valid;
/** /**
* @author zeekling [lingzhaohui@zeekling.cn] * @author zeekling [lingzhaohui@zeekling.cn]
* @version 1.0 * @version 1.0

View File

@ -1,9 +1,9 @@
package com.zeekling.solo.weixin.controller; package com.zeekling.solo.wechat.controller;
import com.qq.weixin.mp.aes.AesException; import com.zeekling.solo.wechat.conf.WeXinConfigure;
import com.zeekling.solo.weixin.conf.WeXinConfigure; import com.zeekling.solo.wechat.entity.Validate;
import com.zeekling.solo.weixin.entity.Validate; import com.zeekling.solo.wechat.verify.SHA1;
import com.zeekling.solo.weixin.verify.SHA1; import me.chanjar.weixin.mp.api.WxMpService;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
@ -25,8 +25,11 @@ public class WeXinController {
@Resource @Resource
private WeXinConfigure wechatConfig; private WeXinConfigure wechatConfig;
@Resource
private WxMpService wxMpService;
@RequestMapping(value = "/validate") @RequestMapping(value = "/validate")
public String validate(Validate validate) throws AesException { public String validate(Validate validate) {
String token = wechatConfig.getToken(); String token = wechatConfig.getToken();
String signature = SHA1.getSHA1(token, validate.getTimestamp(), validate.getNonce()); String signature = SHA1.getSHA1(token, validate.getTimestamp(), validate.getNonce());
// 3.字符串校验 // 3.字符串校验
@ -36,7 +39,7 @@ public class WeXinController {
return validate.getEchostr(); return validate.getEchostr();
} else { } else {
logger.error("微信-签名校验失败"); logger.error("微信-签名校验失败");
return ""; return "微信-签名校验失败";
} }
} }

View File

@ -1,4 +1,4 @@
package com.zeekling.solo.weixin.entity; package com.zeekling.solo.wechat.entity;
/** /**
* @author zeekling [lingzhaohui@zeekling.cn] * @author zeekling [lingzhaohui@zeekling.cn]
@ -16,6 +16,16 @@ public class Validate {
private String echostr; private String echostr;
private String appid;
public String getAppid() {
return appid;
}
public void setAppid(String appid) {
this.appid = appid;
}
public String getSignature() { public String getSignature() {
return signature; return signature;
} }

View File

@ -0,0 +1,12 @@
package com.zeekling.solo.wechat.service;
/**
* @author zeekling [lingzhaohui@zeekling.cn]
* @version 1.0
* @apiNote
* @since 2020-03-18
*/
public interface WeChatService {
}

View File

@ -1,6 +1,4 @@
package com.zeekling.solo.weixin.verify; package com.zeekling.solo.wechat.verify;
import com.qq.weixin.mp.aes.AesException;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.util.Arrays; import java.util.Arrays;
@ -21,7 +19,7 @@ public class SHA1 {
* @param nonce 随机字符串 * @param nonce 随机字符串
* @return 安全签名 * @return 安全签名
*/ */
public static String getSHA1(String token, String timestamp, String nonce) throws AesException { public static String getSHA1(String token, String timestamp, String nonce) {
try { try {
String[] array = new String[]{token, timestamp, nonce}; String[] array = new String[]{token, timestamp, nonce};
StringBuilder sb = new StringBuilder(); StringBuilder sb = new StringBuilder();

View File

@ -2,7 +2,7 @@ server.port=9090
logging.file=/home/zeek/project/solo-weixin/logs/weixin.log logging.file=/home/zeek/project/solo-weixin/logs/weixin.log
# 公众号配置(必填) # 公众号配置(必填)
wx.mp.appId=zeekling wx.mp.appId=wxa1de154d148ffc9e
wx.mp.secret=@secret wx.mp.secret=3b988f265ea9d5056657b5f5fc3ad566
wx.mp.token=zeekling wx.mp.token=zeekling
wx.mp.aesKey=@aesKey wx.mp.aesKey=MhHpsysI44QIZkEPTiIvTf96XbEJY3QAGUHyxF1Vp9W

View File

@ -4,4 +4,4 @@
* @author zeekling [lingzhaohui@zeekling.cn] * @author zeekling [lingzhaohui@zeekling.cn]
* @since 2020-03-15 * @since 2020-03-15
*/ */
package com.zeekling.solo.weixin; package com.zeekling.solo.wechat;