java微信平台验证票据
- 需要下载微信平台示例代码,内容在java文件夹下
- 注意需要手动导入dist文件夹下的aes-jre包并引入commons-codec依赖
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.9</version>
</dependency>
<dependency>
<groupId>aes-jre</groupId>
<artifactId>aes-jre</artifactId>
<version>1.2</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/main/resources/lib/aes-jre1.6.jar</systemPath>
<!--我的aes-jre包在src/resource/lib文件夹下-->
</dependency>
- 如果不引入aes-jre1.6.jar会导致微信服务器向我们发起调用时会 提示“回应失败”日志也查不到相关内容,但是本地调用可以查询到日志
- component_verify_ticket 的有效时间为12小时,比 component_access_token 更长,建议保存最近可用的component_verify_ticket,在 component_access_token 过期之前都可以直接使用该 component_verify_ticket 进行更新,避免出现因为 component_verify_ticket 接收失败而无法更新 component_access_token 的情况。
附上代码:
private final static Log log = LogFactory.getLog(WxTicketController.class);
@PostMapping("verify")
public String verify(HttpServletRequest request){
try {
String encodingAesKey = "微信平台开发资料提供";
String token = "微信平台开发资料提供";
String appId = "微信平台开发资料提供";
String replyMsg = request.getParameter("msg_signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
// 从请求中读取整个post数据
InputStream inputStream;
String postData = null;
inputStream = request.getInputStream();
postData=IOUtils.toString(inputStream, "UTF-8"); //获取接收到消息里的XML密文,存放在postData中
WXBizMsgCrypt wxcpt = null;
log.info("postData:"+postData);
log.info("postData:"+postData);
log.info("msg_signature:"+replyMsg);
log.info("timestamp:"+timestamp);
log.info("nonce:"+nonce);
log.info("getServetoken:"+token); //token
log.info("getServeencodingaeskey:"+encodingAesKey); //aeskey
log.info("getServeappid:"+appId); //appid
//从XML中获取<Encrypt></Encrypt>标签内的密文文本
Document document = DocumentHelper.parseText(postData);//获取xml字符串
Element rootElement = document.getRootElement();//获取根目录
String encrypt = rootElement.elementText("Encrypt");
log.info("Encrypt:"+encrypt);
//格式化密文文本,否则没有<ToUserName>标签,会解密失败,参考官方的加解密代码JAVA版本
String format = "<xml><ToUserName><![CDATA[toUser]]></ToUserName><Encrypt><![CDATA[%1$s]]></Encrypt></xml>";
String fromXML = String.format(format, encrypt);
String msg = ""; //解密后的明文
if(StringUtil.isEmpty(encrypt)) {
msg = fromXML;
} else {
wxcpt = new WXBizMsgCrypt(token,encodingAesKey,appId);
// 解密消息
msg = wxcpt.decryptMsg(replyMsg, timestamp, nonce, fromXML);
}
log.info("msg:"+msg);
//将XML格式字符串转为Map类型
Map<String, String> msgMap = XMLUtil.readStringXmlOut(msg);
String infotype = msgMap.get("InfoType"); //获取infotype,注:微信开放平台文档中标明固定为:"component_verify_ticket",但参考其他代码,还包含authorized???
log.info(infotype);
switch (infotype) {
case "component_verify_ticket": //验证票据
String ComponentVerifyTicket = msgMap.get("ComponentVerifyTicket");
redisUtil.set("ComponentVerifyTicket",ComponentVerifyTicket); //将票据值写入Redis缓存中
log.info("component_verify_ticket:" + ComponentVerifyTicket);
break;
case "unauthorized"://用户取消授权
break;
}
} catch (Exception e) {
e.printStackTrace();
return "success";
}
return "success";
}
XMLUtil.java
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class XMLUtil {
/**
* @description 将xml字符串转换成map
* @param xml
* @return Map
*/
public static Map<String,String> readStringXmlOut(String xml) {
Map<String,String> map = new HashMap<String,String>();
Document doc = null;
try {
doc = DocumentHelper.parseText(xml); // 将字符串转为XML
Element rootElt = doc.getRootElement(); // 获取根节点
List<Element> list = rootElt.elements();//获取根节点下所有节点
for (Element element : list) { //遍历节点
map.put(element.getName(), element.getText()); //节点的name为map的key,text为map的value
}
} catch (DocumentException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return map;
}
}
版权声明:本文为weixin_47820787原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。