您好,登錄后才能下訂單哦!
本篇內(nèi)容主要講解“java中怎么實現(xiàn)token服務(wù)器驗證”,感興趣的朋友不妨來看看。本文介紹的方法操作簡單快捷,實用性強。下面就讓小編來帶大家學(xué)習(xí)“java中怎么實現(xiàn)token服務(wù)器驗證”吧!
import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; @WebServlet("/wx") public class WeixinServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String signature = req.getParameter("signature"); // 微信加密簽名 String timestamp = req.getParameter("timestamp"); // 時間戳 String nonce = req.getParameter("nonce"); // 隨機數(shù) String echostr = req.getParameter("echostr"); // 隨機字符串 PrintWriter out = resp.getWriter(); if (CheckUtil.checkSignature(signature, timestamp, nonce)) { out.print(echostr); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) { } }
CheckUtil中進行sha-1加密,對比和signature是否相同
import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; /** * 微信公眾號進行服務(wù)器校驗檢查token方法 */ @Slf4j public class CheckUtil { // 與接口配置信息中的Token要一致 private static String token = "Token"; //校驗簽名 public static boolean checkSignature(String signature, String timestamp, String nonce) { log.info("signature:" + signature + "timestamp:" + timestamp + "nonc:" + nonce); System.out.println("signature:" + signature + "timestamp:" + timestamp + "nonc:" + nonce); // 將token、timestamp、nonce三個參數(shù)進行字典序排序 String[] arr = new String[]{token, timestamp, nonce}; Arrays.sort(arr); StringBuilder content = new StringBuilder(); for (String s : arr) { content.append(s); } MessageDigest md = null; String tmpStr = null; try { md = MessageDigest.getInstance("SHA-1"); // 將三個參數(shù)字符串拼接成一個字符串進行sha1加密 byte[] digest = md.digest(content.toString().getBytes()); tmpStr = CheckUtil.byteToStr(digest); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); log.error("sha-1加密發(fā)生錯誤:" + Arrays.toString(e.getStackTrace())); } content = null; // 將sha1加密后的字符串可與signature對比,標(biāo)識該請求來源于微信 String msg = "本次校驗的結(jié)果是:" + tmpStr.equals(signature.toUpperCase()); log.info(msg); return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false; } /** * 將字節(jié)數(shù)組轉(zhuǎn)換為十六進制字符串 * * @param byteArray * @return */ private static String byteToStr(byte[] byteArray) { String strDigest = ""; for (int i = 0; i < byteArray.length; i++) { strDigest += CheckUtil.byteToHexStr(byteArray[i]); } return strDigest; } /** * 將字節(jié)轉(zhuǎn)換為十六進制字符串 * * @param mByte * @return */ private static String byteToHexStr(byte mByte) { char[] Digit = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; char[] tempArr = new char[2]; tempArr[0] = Digit[(mByte >>> 4) & 0X0F]; tempArr[1] = Digit[mByte & 0X0F]; String s = new String(tempArr); return s; } }
到此,相信大家對“java中怎么實現(xiàn)token服務(wù)器驗證”有了更深的了解,不妨來實際操作一番吧!這里是億速云網(wǎng)站,更多相關(guān)內(nèi)容可以進入相關(guān)頻道進行查詢,關(guān)注我們,繼續(xù)學(xué)習(xí)!
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。