/** 根据token计算signature验证是否为weixin服务端发送的消息 */ private static boolean checkWeixinReques(HttpServletRequest request) { String signature = request.getParameter("signature"); String timestamp = request.getParameter("timestamp"); String nonce = request.getParameter("nonce"); if (signature != null && timestamp != null && nonce != null) { String[] strSet = new String[] {TOKEN, timestamp, nonce}; java.util.Arrays.sort(strSet); String key = ""; for (String string : strSet) { key = key + string; } String pwd = WeixinUtil.sha1(key); return pwd.equals(signature); } else { return false; } }