广州市综治平台后端
blame | history | raw
xusd
2025-06-07 36306491396230522fa20585c2621a7fc899849a 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122

package cn.huge.module.wechat.miniapp.controller;


 


import cn.binarywang.wx.miniapp.bean.WxMaMessage;


import cn.binarywang.wx.miniapp.constant.WxMaConstants;


import cn.huge.module.wechat.miniapp.service.WeixinMaService;


import org.apache.commons.lang3.StringUtils;


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.web.bind.annotation.*;


 


import java.util.Objects;


 


/**


 * @title: 微信请求验证控制器


 * @description: 微信请求验证控制器


 * @company: hugeinfo


 * @author: liyj


 * @time: 2021/02/02


 * @version: 1.0.0


 **/


@RestController


@RequestMapping("/wechat/ma/portal")


public class WxMaPortalController {


    @Autowired


    private WeixinMaService wxService;


 


    private final Logger logger = LoggerFactory.getLogger(this.getClass());


 


    @GetMapping("text/plain;charset=utf-8")


    public String authGet(@RequestParam(value = "signature", required = false) String signature,


                          @RequestParam(value = "timestamp", required = false) String timestamp,


                          @RequestParam(value = "nonce", required = false) String nonce,


                          @RequestParam(value = "echostr", required = false) String echostr) {


        this.logger.info("\n接收到来自微信服务器的认证消息:[{}, {}, {}, {}]", signature, timestamp, nonce, echostr);


 


        if (StringUtils.isAnyBlank(signature, timestamp, nonce, echostr)) {


            throw new IllegalArgumentException("请求参数非法,请核实!");


        }


 


        if (this.getWxService().checkSignature(timestamp, nonce, signature)) {


            return echostr;


        }


 


        return "非法请求";


    }


 


    @PostMapping("application/xml; charset=UTF-8")


    public String post(@RequestBody String requestBody,


                       @RequestParam(value = "signature") String signature,


                       @RequestParam(value = "encrypt_type", required = false) String encType,


                       @RequestParam(value = "msg_signature", required = false) String msgSignature,


                       @RequestParam(value = "timestamp") String timestamp,


                       @RequestParam(value = "nonce") String nonce) {


        this.logger.info(


                "\n接收微信请求:[signature=[{}], encType=[{}], msgSignature=[{}],"


                        + " timestamp=[{}], nonce=[{}], requestBody=[\n{}\n] ",


                signature, encType, msgSignature, timestamp, nonce, requestBody);


 


        if (!this.wxService.checkSignature(timestamp, nonce, signature)) {


            throw new IllegalArgumentException("非法请求,可能属于伪造的请求!");


        }


 


        final boolean isJson = Objects.equals(this.wxService.getWxMaConfig().getMsgDataFormat(),


                WxMaConstants.MsgDataFormat.JSON);


 


        if (StringUtils.isBlank(encType)) {


            // 明文传输的消息


            WxMaMessage inMessage;


            if (isJson) {


                inMessage = WxMaMessage.fromJson(requestBody);


            } else {//xml


                inMessage = WxMaMessage.fromXml(requestBody);


            }


 


            this.wxService.route(inMessage);


            return "success";


        }


 


        if ("aes".equals(encType)) {


            // 是aes加密的消息


            WxMaMessage inMessage;


            if (isJson) {


                inMessage = WxMaMessage.fromEncryptedJson(requestBody, this.wxService.getWxMaConfig());


            } else {//xml


                inMessage = WxMaMessage.fromEncryptedXml(requestBody, this.wxService.getWxMaConfig(),


                        timestamp, nonce, msgSignature);


            }


 


            this.wxService.route(inMessage);


            return "success";


        }


 


        throw new RuntimeException("不可识别的加密类型:" + encType);


    }


 


    protected WeixinMaService getWxService() {


        return this.wxService;


    }


}


/**


 * -------------------_ooOoo_-------------------


 * ------------------o8888888o------------------


 * ------------------88" . "88------------------


 * ------------------(| -_- |)------------------


 * ------------------O\  =  /O------------------


 * ---------------____/`---'\____---------------


 * -------------.'  \\|     |//  `.-------------


 * ------------/  \\|||  :  |||//  \------------


 * -----------/  _||||| -:- |||||-  \-----------


 * -----------|   | \\\  -  /// |   |-----------


 * -----------| \_|  ''\---/''  |   |-----------


 * -----------\  .-\__  `-`  ___/-. /-----------


 * ---------___`. .'  /--.--\  `. . __----------


 * ------."" '<  `.___\_<|>_/___.'  >'"".-------


 * -----| | :  `- \`.;`\ _ /`;.`/ - ` : | |-----


 * -----\  \ `-.   \_ __\ /__ _/   .-` /  /-----


 * ======`-.____`-.___\_____/___.-`____.-'======


 * -------------------`=---='


 * ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


 * ---------佛祖保佑---hugeinfo---永无BUG----------


 */