本篇内容主要讲解“java中怎么实现token服务器验证”,感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习“java中怎么实现token服务器验证”吧!
网站建设哪家好,找创新互联!专注于网页设计、网站建设、微信开发、微信小程序定制开发、集团企业网站建设等服务项目。为回馈新老客户创新互联还提供了长阳免费建站欢迎大家使用!
import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; @WebServlet("/wx") public class WeixinServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String signature = req.getParameter("signature"); // 微信加密签名 String timestamp = req.getParameter("timestamp"); // 时间戳 String nonce = req.getParameter("nonce"); // 随机数 String echostr = req.getParameter("echostr"); // 随机字符串 PrintWriter out = resp.getWriter(); if (CheckUtil.checkSignature(signature, timestamp, nonce)) { out.print(echostr); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) { } }
CheckUtil中进行sha-1加密,对比和signature是否相同
import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; /** * 微信公众号进行服务器校验检查token方法 */ @Slf4j public class CheckUtil { // 与接口配置信息中的Token要一致 private static String token = "Token"; //校验签名 public static boolean checkSignature(String signature, String timestamp, String nonce) { log.info("signature:" + signature + "timestamp:" + timestamp + "nonc:" + nonce); System.out.println("signature:" + signature + "timestamp:" + timestamp + "nonc:" + nonce); // 将token、timestamp、nonce三个参数进行字典序排序 String[] arr = new String[]{token, timestamp, nonce}; Arrays.sort(arr); StringBuilder content = new StringBuilder(); for (String s : arr) { content.append(s); } MessageDigest md = null; String tmpStr = null; try { md = MessageDigest.getInstance("SHA-1"); // 将三个参数字符串拼接成一个字符串进行sha1加密 byte[] digest = md.digest(content.toString().getBytes()); tmpStr = CheckUtil.byteToStr(digest); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); log.error("sha-1加密发生错误:" + Arrays.toString(e.getStackTrace())); } content = null; // 将sha1加密后的字符串可与signature对比,标识该请求来源于微信 String msg = "本次校验的结果是:" + tmpStr.equals(signature.toUpperCase()); log.info(msg); return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false; } /** * 将字节数组转换为十六进制字符串 * * @param byteArray * @return */ private static String byteToStr(byte[] byteArray) { String strDigest = ""; for (int i = 0; i < byteArray.length; i++) { strDigest += CheckUtil.byteToHexStr(byteArray[i]); } return strDigest; } /** * 将字节转换为十六进制字符串 * * @param mByte * @return */ private static String byteToHexStr(byte mByte) { char[] Digit = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; char[] tempArr = new char[2]; tempArr[0] = Digit[(mByte >>> 4) & 0X0F]; tempArr[1] = Digit[mByte & 0X0F]; String s = new String(tempArr); return s; } }
到此,相信大家对“java中怎么实现token服务器验证”有了更深的了解,不妨来实际操作一番吧!这里是创新互联网站,更多相关内容可以进入相关频道进行查询,关注我们,继续学习!