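/**
 * Answers the callback-URL verification request (GET).
 *
 * <p>The {@code msg_signature}, {@code timestamp}, {@code nonce} and {@code echostr} request
 * parameters are handed to {@code WXBizMsgCrypt.VerifyURL}. When verification succeeds its
 * result is written back as the response body. When it fails, the request is rejected with
 * HTTP 403 and nothing secret is written.
 *
 * @param request  incoming verification request
 * @param response response that receives either the verified value or a 403
 * @throws IOException if the response cannot be written
 */
@RequestMapping(value = {"wx/todo/listByPage"}, method = RequestMethod.GET)
public void verifyUrl(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // Collect the URL verification parameters.
    java.util.Map<String, String> reqMap = QiYeUtil.requestServerParam(request);
    System.out.println("request=" + request.getRequestURL());

    ApproveAccessSecret accessSecret = new ApproveAccessSecret();

    // Validate the request by checking its signature; only a successful check
    // produces a value that may be returned to the caller.
    String result = null;
    try {
        WXBizMsgCrypt wxcpt = new WXBizMsgCrypt(
                accessSecret.getToken(),
                accessSecret.getEncodingAESKey(),
                AccessSecret.CORPID);
        result = wxcpt.VerifyURL(
                reqMap.get("msg_signature"),
                reqMap.get("timestamp"),
                reqMap.get("nonce"),
                reqMap.get("echostr"));
    } catch (AesException e) {
        e.printStackTrace();
    }

    if (result == null) {
        // Fail closed. The previous fallback wrote accessSecret.getToken() into the
        // response, which disclosed the callback token (an input to the signature
        // check) to any caller that sent an invalid signature.
        // NOTE(review): if this endpoint has been reachable, treat the token as
        // exposed and rotate it.
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Obtain the writer only on the success path so the error path above can
    // still set a status on an uncommitted response.
    PrintWriter out = response.getWriter();
    out.print(result);
    out.close();
}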
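/**
 * Receives an encrypted callback message (POST), decrypts it and dispatches it.
 *
 * <p>The raw body is decrypted with {@code WXBizMsgCrypt.DecryptMsg} using the
 * {@code msg_signature}, {@code timestamp} and {@code nonce} request parameters. A message
 * that is not a VIEW event is passed to {@code CoreService.processRequest} and the encrypted
 * reply is written to the response. A VIEW event only seeds the HTTP session.
 *
 * <p>Requests that fail decryption are rejected with 403 and are never parsed or dispatched.
 *
 * @param request  incoming callback request
 * @param response response that receives the encrypted reply or an error status
 * @throws Exception propagated from the XML parsing and business helpers
 */
@ResponseBody
@RequestMapping(value = "/wx/todo/listByPage", method = RequestMethod.POST)
public void listByPage(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // Use UTF-8 for both request and response to avoid garbled Chinese text.
    request.setCharacterEncoding("UTF-8");
    response.setCharacterEncoding("UTF-8");

    // Collect the URL verification parameters.
    java.util.Map<String, String> reqMap = QiYeUtil.requestServerParam(request);

    // Read the whole POST body (the encrypted envelope).
    InputStream inputStream = request.getInputStream();
    String postData = IOUtils.toString(inputStream, "UTF-8");
    System.out.println(postData);

    ApproveAccessSecret accessSecret = new ApproveAccessSecret();

    // Decrypt the message. A failure here means the signature or ciphertext did
    // not check out, so stop instead of continuing with an empty message.
    WXBizMsgCrypt wxcpt;
    String msg;
    try {
        wxcpt = new WXBizMsgCrypt(
                accessSecret.getToken(),
                accessSecret.getEncodingAESKey(),
                AccessSecret.CORPID);
        msg = wxcpt.DecryptMsg(
                reqMap.get("msg_signature"),
                reqMap.get("timestamp"),
                reqMap.get("nonce"),
                postData);
    } catch (AesException e) {
        e.printStackTrace();
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    if (msg == null || msg.isEmpty()) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // The decrypted message and the plaintext reply are deliberately not printed:
    // they are the confidential payload the encryption exists to protect.

    // Parse the XML request.
    // NOTE(review): parseXml receives sender-supplied XML; confirm its parser
    // disables DTDs and external entities.
    Map<String, String> requestMap = MessageUtil.parseXml(msg);
    String msgType = requestMap.get("MsgType"); // message type
    String eventType = requestMap.get("Event"); // event type
    if (msgType == null) {
        // A message without a type cannot be routed; previously this was an NPE.
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    boolean isViewEvent = msgType.equals(MessageUtil.REQ_MESSAGE_TYPE_EVENT)
            && eventType != null
            && eventType.equalsIgnoreCase(MessageUtil.EVENT_TYPE_VIEW);

    if (!isViewEvent) {
        // Hand the message to the core business class.
        String respMessage = CoreService.processRequest(msg);

        String encryptMsg = "";
        try {
            // Encrypt the reply.
            encryptMsg = wxcpt.EncryptMsg(respMessage, reqMap.get("timestamp"), reqMap.get("nonce"));
        } catch (AesException e) {
            // The reply stays empty, so no plaintext is ever sent on failure.
            e.printStackTrace();
        }

        // Send the response.
        try (PrintWriter out = response.getWriter()) {
            out.print(encryptMsg);
        }
    } else {
        // Set agentId.
        // NOTE(review): this stores the controller's accessSecret field (not the
        // local variable above) in the session; confirm the object is never
        // rendered to a client or serialized to an untrusted session store.
        HttpSession session = request.getSession();
        if (session.getAttribute("accessSecret") == null) {
            session.setAttribute("accessSecret", this.accessSecret);
        }
    }
}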
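/**
 * Handles the platform callback: URL verification and incoming event messages.
 *
 * <p>Two modes are supported, selected by the {@code encrypt_type} parameter:
 * <ul>
 *   <li>{@code aes}: the request is authenticated by {@code WXBizMsgCrypt}, using
 *       {@code msg_signature} for both {@code verifyUrl} and {@code decryptMsg};</li>
 *   <li>otherwise: {@code signature} is compared with
 *       {@code SignatureUtil.generateEventMessageSignature(token, timestamp, nonce)}.</li>
 * </ul>
 * Every path is authenticated before any request data is echoed, parsed or answered,
 * and any authentication failure ends the request with an error status.
 *
 * @param request  incoming callback request
 * @param response response that receives the echo string or the reply message
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if the request cannot be read or the response cannot be written
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    ServletInputStream inputStream = request.getInputStream();
    ServletOutputStream outputStream = response.getOutputStream();
    String signature = request.getParameter("signature");
    String timestamp = request.getParameter("timestamp");
    String nonce = request.getParameter("nonce");
    String echostr = request.getParameter("echostr");

    // Encryption mode.
    String encrypt_type = request.getParameter("encrypt_type");
    String msg_signature = request.getParameter("msg_signature");

    boolean isAes = "aes".equals(encrypt_type);
    Charset utf8 = Charset.forName("utf-8");

    WXBizMsgCrypt wxBizMsgCrypt = null;
    if (isAes) {
        try {
            wxBizMsgCrypt = new WXBizMsgCrypt(encodingToken, encodingAesKey, appId);
        } catch (AesException e) {
            // Without a crypto context nothing below can be authenticated;
            // continuing would dereference null.
            e.printStackTrace();
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }
    } else {
        // Plain mode: verify the request signature before anything else. This
        // check used to run only for event messages, so the echostr branch
        // reflected a caller-supplied value without any authentication.
        if (signature == null || timestamp == null || nonce == null) {
            System.out.println("The request signature is invalid");
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        String expected = SignatureUtil.generateEventMessageSignature(token, timestamp, nonce);
        // Constant-time comparison so the check does not leak how many leading
        // characters of a guessed signature were correct.
        boolean signatureOk = expected != null
                && java.security.MessageDigest.isEqual(
                        signature.getBytes(utf8), expected.getBytes(utf8));
        if (!signatureOk) {
            System.out.println("The request signature is invalid");
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
    }

    // First-time verification request: answer with echostr.
    if (echostr != null) {
        if (isAes) {
            try {
                // NOTE(review): getParameter already percent-decodes the value;
                // confirm this second decode is intended.
                echostr = URLDecoder.decode(echostr, "utf-8");
                String echostr_decrypt = wxBizMsgCrypt.verifyUrl(msg_signature, timestamp, nonce, echostr);
                outputStreamWrite(outputStream, echostr_decrypt);
            } catch (AesException e) {
                // Verification failed: reject instead of falling through to
                // message processing as the previous code did.
                e.printStackTrace();
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
            }
        } else {
            outputStreamWrite(outputStream, echostr);
        }
        return;
    }

    EventMessage eventMessage = null;
    if (isAes) {
        try {
            // Read the XML body (including the encrypted fields).
            String postData = StreamUtils.copyToString(inputStream, utf8);
            // Decrypt the XML data.
            String xmlData = wxBizMsgCrypt.decryptMsg(msg_signature, timestamp, nonce, postData);
            // Convert the XML into a bean.
            // NOTE(review): confirm XMLConverUtil disables DTDs and external entities.
            eventMessage = XMLConverUtil.convertToObject(EventMessage.class, xmlData);
        } catch (AesException e) {
            e.printStackTrace();
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
    } else if (inputStream != null) {
        // Signature was verified above; convert the XML into a bean.
        // NOTE(review): confirm XMLConverUtil disables DTDs and external entities.
        eventMessage = XMLConverUtil.convertToObject(EventMessage.class, inputStream);
    }

    if (eventMessage == null) {
        // No usable message; previously this path ended in an NPE below.
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    String expireKey = eventMessage.getFromUserName() + "__"
            + eventMessage.getToUserName() + "__"
            + eventMessage.getMsgId() + "__"
            + eventMessage.getCreateTime();
    if (expireSet.contains(expireKey)) {
        // Duplicate notification: do not process it again.
        return;
    } else {
        expireSet.add(expireKey);
    }

    // Build the reply.
    XMLTextMessage xmlTextMessage = new XMLTextMessage(
            eventMessage.getFromUserName(),
            eventMessage.getToUserName(),
            "你好");
    // Send the reply; wxBizMsgCrypt is null in plain mode, as in the original code.
    xmlTextMessage.outputStreamWrite(outputStream, wxBizMsgCrypt);
}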