@RequestMapping(
value = {"wx/todo/listByPage"},
method = RequestMethod.GET)
public void verifyUrl(HttpServletRequest request, HttpServletResponse response)
throws IOException {
// 获取url验证参数
java.util.Map<String, String> reqMap = QiYeUtil.requestServerParam(request);
System.out.println("request=" + request.getRequestURL());
PrintWriter out = response.getWriter();
ApproveAccessSecret accessSecret = new ApproveAccessSecret();
// 通过检验signature对请求进行校验,若校验成功则原样返回echostr,表示接入成功,否则接入失败
String result = null;
try {
WXBizMsgCrypt wxcpt =
new WXBizMsgCrypt(
accessSecret.getToken(), accessSecret.getEncodingAESKey(), AccessSecret.CORPID);
result =
wxcpt.VerifyURL(
reqMap.get("msg_signature"),
reqMap.get("timestamp"),
reqMap.get("nonce"),
reqMap.get("echostr"));
} catch (AesException e) {
e.printStackTrace();
}
if (result == null) {
result = accessSecret.getToken();
}
out.print(result);
out.close();
out = null;
}
@ResponseBody
@RequestMapping(value = "/wx/todo/listByPage", method = RequestMethod.POST)
public void listByPage(HttpServletRequest request, HttpServletResponse response)
throws Exception {
// 将请求、响应的编码均设置为UTF-8(防止中文乱码)
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
// 获取url验证参数
java.util.Map<String, String> reqMap = QiYeUtil.requestServerParam(request);
// 从请求中读取整个post数据
InputStream inputStream = request.getInputStream();
String postData = IOUtils.toString(inputStream, "UTF-8");
System.out.println(postData);
ApproveAccessSecret accessSecret = new ApproveAccessSecret();
//// 解密消息
String msg = "";
WXBizMsgCrypt wxcpt = null;
try {
wxcpt =
new WXBizMsgCrypt(
accessSecret.getToken(), accessSecret.getEncodingAESKey(), AccessSecret.CORPID);
msg =
wxcpt.DecryptMsg(
reqMap.get("msg_signature"),
reqMap.get("timestamp"),
reqMap.get("nonce"),
postData); // 解密消息
} catch (AesException e) {
e.printStackTrace();
}
System.out.println("msg=" + msg);
// xml请求解析
Map<String, String> requestMap = MessageUtil.parseXml(msg);
String msgType = requestMap.get("MsgType"); // 消息类型
String eventType = requestMap.get("Event"); // 事件类型
if (!(msgType.equals(MessageUtil.REQ_MESSAGE_TYPE_EVENT)
&& (eventType.equalsIgnoreCase(MessageUtil.EVENT_TYPE_VIEW)))) {
// 调用核心业务类接收消息、处理消息
String respMessage = CoreService.processRequest(msg);
System.out.println("respMessage=" + respMessage);
String encryptMsg = "";
try {
// 加密回复消息
encryptMsg = wxcpt.EncryptMsg(respMessage, reqMap.get("timestamp"), reqMap.get("nonce"));
} catch (AesException e) {
e.printStackTrace();
}
// 响应消息
PrintWriter out = response.getWriter();
out.print(encryptMsg);
out.close();
} else {
// 设置agentId
HttpSession session = request.getSession();
if (session.getAttribute("accessSecret") == null)
session.setAttribute("accessSecret", this.accessSecret);
}
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
ServletInputStream inputStream = request.getInputStream();
ServletOutputStream outputStream = response.getOutputStream();
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
// 加密模式
String encrypt_type = request.getParameter("encrypt_type");
String msg_signature = request.getParameter("msg_signature");
WXBizMsgCrypt wxBizMsgCrypt = null;
// 加密方式
boolean isAes = "aes".equals(encrypt_type);
if (isAes) {
try {
wxBizMsgCrypt = new WXBizMsgCrypt(encodingToken, encodingAesKey, appId);
} catch (AesException e) {
e.printStackTrace();
}
}
// 首次请求申请验证,返回echostr
if (isAes && echostr != null) {
try {
echostr = URLDecoder.decode(echostr, "utf-8");
String echostr_decrypt = wxBizMsgCrypt.verifyUrl(msg_signature, timestamp, nonce, echostr);
outputStreamWrite(outputStream, echostr_decrypt);
return;
} catch (AesException e) {
e.printStackTrace();
}
} else if (echostr != null) {
outputStreamWrite(outputStream, echostr);
return;
}
EventMessage eventMessage = null;
if (isAes) {
try {
// 获取XML数据(含加密参数)
String postData = StreamUtils.copyToString(inputStream, Charset.forName("utf-8"));
// 解密XML 数据
String xmlData = wxBizMsgCrypt.decryptMsg(msg_signature, timestamp, nonce, postData);
// XML 转换为bean 对象
eventMessage = XMLConverUtil.convertToObject(EventMessage.class, xmlData);
} catch (AesException e) {
e.printStackTrace();
}
} else {
// 验证请求签名
if (!signature.equals(SignatureUtil.generateEventMessageSignature(token, timestamp, nonce))) {
System.out.println("The request signature is invalid");
return;
}
if (inputStream != null) {
// XML 转换为bean 对象
eventMessage = XMLConverUtil.convertToObject(EventMessage.class, inputStream);
}
}
String expireKey =
eventMessage.getFromUserName()
+ "__"
+ eventMessage.getToUserName()
+ "__"
+ eventMessage.getMsgId()
+ "__"
+ eventMessage.getCreateTime();
if (expireSet.contains(expireKey)) {
// 重复通知不作处理
return;
} else {
expireSet.add(expireKey);
}
// 创建回复
XMLTextMessage xmlTextMessage =
new XMLTextMessage(eventMessage.getFromUserName(), eventMessage.getToUserName(), "你好");
// 回复
xmlTextMessage.outputStreamWrite(outputStream, wxBizMsgCrypt);
}