SignatureCheckKit.java
1.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
/**
* Copyright (c) 2011-2014, James Zhan 詹波 (jfinal@126.com).
*
* Licensed under the Apache License, Version 2.0 (the "License");
*/
package com.jfinal.weixin.sdk.kit;
import com.jfinal.core.Controller;
import com.jfinal.kit.HashKit;
import com.jfinal.weixin.sdk.api.ApiConfigKit;
import java.util.Arrays;
/**
* 测试用的账号:
* appID = wx9803d1188fa5fbda
* appsecret = db859c968763c582794e7c3d003c3d87
* url = http://www.jfinal.com/weixin
* token = __my__token__
*/
public class SignatureCheckKit {
public static final SignatureCheckKit me = new SignatureCheckKit();
/**
* php 示例
* <pre>
* $signature = $_GET["signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$token = TOKEN;
$tmpArr = array($token, $timestamp, $nonce);
sort($tmpArr, SORT_STRING);
$tmpStr = implode( $tmpArr );
$tmpStr = sha1( $tmpStr );
if( $tmpStr == $signature ){
return true;
}else{
return false;
}
* </pre>
* @param signature 微信加密签名
* @param timestamp 时间戳
* @param nonce 随机字符串
* @return {boolean}
*/
public boolean checkSignature(String signature, String timestamp, String nonce) {
String TOKEN = ApiConfigKit.getApiConfig().getToken();
String array[] = {TOKEN, timestamp, nonce};
Arrays.sort(array);
String tempStr = new StringBuilder().append(array[0] + array[1] + array[2]).toString();
tempStr = HashKit.sha1(tempStr);
return tempStr.equalsIgnoreCase(signature);
}
public boolean checkSignature(Controller c) {
return checkSignature(c.getPara("signature"), c.getPara("timestamp"), c.getPara("nonce"));
}
}