1、获取微信公众号signature需要有三个参数 ---- appId 、appsecret 、 url
appId 和 appsecret 只需登录“微信公众平台”--“开发”--“基本设置”
url则是前台传过来的当前页面的地址值
2、获取微信公众号signature需要先获取三个参数 noncestr、timestamp、jsapi_ticket,以及上面的url值
由这四个参数组合后进行加密,便是signature
其中noncestr、timestamp获取很简单,只是单纯的获取随机数和时间戳
而jsapi_ticket则先需获取access_token,在获取access_token过程中就会用到上面的appId 、appsecret
获取到的jsapi_ticket以及access_token是有时间限制的,正常为7200秒,需注意!!!
粗略讲解到此结束!!!
一、先获取access_token
public String getAccessToken(String appId , String appSecret){
// 网页授权接口
String GetPageAccessTokenUrl = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid="+appId+"&secret="+appSecret;
HttpClient client = null;
String access_token = null;
int expires_in = 0;
try {
client = new DefaultHttpClient();
HttpGet httpget = new HttpGet(GetPageAccessTokenUrl);
ResponseHandlerresponseHandler = new BasicResponseHandler();
String response = client.execute(httpget, responseHandler);
JSONObject OpenidJSONO = JSONObject.fromObject(response);
access_token = String.valueOf(OpenidJSONO.get("access_token"));//获取access_token
expires_in = Integer.parseInt(String.valueOf(OpenidJSONO.get("expires_in")));//获取时间
} catch (Exception e) {
throw new CommonRuntimeException("获取AccessToken出错!");
} finally {
client.getConnectionManager().shutdown();
}
return access_token;
}
二、获取jsapi_ticket
public String getTicket(String accessToken) {
// 网页授权接口
String GetPageAccessTokenUrl = "https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token="+accessToken+"&type=jsapi";
HttpClient client = null;
String ticket = "";
int expires_in = 0;
try {
client = new DefaultHttpClient();
HttpGet httpget = new HttpGet(GetPageAccessTokenUrl);
ResponseHandlerresponseHandler = new BasicResponseHandler();
String response = client.execute(httpget, responseHandler);
JSONObject OpenidJSONO = JSONObject.fromObject(response);
ticket = String.valueOf(OpenidJSONO.get("ticket"));//获取ticket
expires_in = Integer.parseInt(String.valueOf(OpenidJSONO.get("expires_in")));//获取时间
} catch (Exception e) {
throw new CommonRuntimeException("获取Ticket出错!");
} finally {
client.getConnectionManager().shutdown();
}
return ticket;
}
三、SHA1加密,参数是由url、jsapi_ticket、noncestr、timestamp组合而成
public String SHA1(String str) {
try {
MessageDigest digest = java.security.MessageDigest
.getInstance("SHA-1"); //如果是SHA加密只需要将"SHA-1"改成"SHA"即可
digest.update(str.getBytes());
byte messageDigest[] = digest.digest();
// Create Hex String
StringBuffer hexStr = new StringBuffer();
// 字节数组转换为 十六进制 数
for (int i = 0; i < messageDigest.length; i++) {
String shaHex = Integer.toHexString(messageDigest[i] & 0xFF);
if (shaHex.length() < 2) {
hexStr.append(0);
}
hexStr.append(shaHex);
}
return hexStr.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return null;
}
四、获取 Signature
public String getSignature(String url) {
String signature = "";
String appid = *********;//微信公众号的appid
String appsecret = ***********;//微信公众号的appsecret
//获取noncestr
String noncestr = UUID.randomUUID().toString();
//获取timestamp
String timestamp = Long.toString(System.currentTimeMillis() / 1000);
//获取access_token
String access_token = getAccessToken(appid , appsecret);
//获取jspai_ticket
String jsapi_ticket = getTicket(access_token);
//将四个数据进行组合,传给SHA1进行加密
String str = "jsapi_ticket=" + jsapi_ticket +
"&noncestr=" + noncestr +
"×tamp=" + timestamp +
"&url=" + url;
//sha1加密
signature = SHA1(str);
return signature ;
}
经过上方四个步骤就可以获得signature了,但在我自己实现的过程中,遇到了一个问题,在此提醒一下
若appid、appsecret使用的是企业微信公众号,则会在获取access_token、jsapi_ticket中取得null值
报了IP地址不在于白名单中,我采取了使用个人微信公众号的解决方法,则可以正常使用。