小程序验证token 2

boman-wechat/src/main/java/com/boman/wechat/controller/PushMsgController.java → boman-wechat/src/main/java/com/boman/wechat/controller/CheckPushMsgAuthController.java

@@ -21,16 +21,16 @@ import static com.boman.wechat.utils.CheckAuthUtils.*;
  * @author zhong.h
  */
 @RestController
-@RequestMapping("/push/msg")
-public class PushMsgController {
+@RequestMapping("/check/auth")
+public class CheckPushMsgAuthController {
 
-    private static final Logger LOGGER = LoggerFactory.getLogger(PushMsgController.class);
+    private static final Logger LOGGER = LoggerFactory.getLogger(CheckPushMsgAuthController.class);
 
     @Autowired
     private WxPushService wxPushService;
 
     @GetMapping
-    public void pushMsg(HttpServletRequest request, HttpServletResponse response) {
+    public String pushMsg(HttpServletRequest request, HttpServletResponse response) {
         // 微信加密签名，signature结合了开发者填写的token参数和请求中的timestamp参数、nonce参数。
         String signature = request.getParameter(SIGNATURE);
         // 时间戳
@@ -39,21 +39,26 @@ public class PushMsgController {
         String nonce = request.getParameter(NONCE);
         // 随机字符串
         String echostr = request.getParameter(ECHOSTR);
-        LOGGER.info("method: pushMsg, signature: {}, timestamp: {}, nonce: {}, echostr: {}", signature, timestamp, nonce, echostr);
-        PrintWriter out = null;
-        try {
-            out = response.getWriter();
+        String authorization = request.getParameter(AUTHORIZATION);
+        LOGGER.info("接收来自微信的消息, signature: {}, timestamp: {}, nonce: {}, echostr: {}, authorization: {}"
+                , signature, timestamp, nonce, echostr, authorization);
+//        PrintWriter out = null;
+//        try {
+//            out = response.getWriter();
             if (checkSignature(signature, timestamp, nonce)) {
-                out.print(echostr);
-                out.flush();
+//                out.print(echostr);
+//                out.flush();
+                return echostr;
             }
-        } catch (Exception e) {
-            e.printStackTrace();
-        } finally {
-            if (Objects.nonNull(out)) {
-                out.close();
-            }
-        }
+//        } catch (Exception e) {
+//            e.printStackTrace();
+//        } finally {
+//            if (Objects.nonNull(out)) {
+//                out.close();
+//            }
+//        }
+
+        return echostr;
     }
 
     @PostMapping("/pushMsg")

boman-wechat/src/main/java/com/boman/wechat/utils/CheckAuthUtils.java

@@ -7,8 +7,6 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 
-import static com.boman.common.core.utils.obj.ObjectUtils.*;
-
 /**
  * @author shiqian
  * @date 2021年08月04日 13:38
@@ -18,7 +16,7 @@ public class CheckAuthUtils {
     private static final Logger LOGGER = LoggerFactory.getLogger(CheckAuthUtils.class);
 
     /** 定义Token 务必与服务器保持一**/
-    private static String AUTHORIZATION = "Authorization";
+    public static String AUTHORIZATION = "Authorization";
 
     public static final String SIGNATURE = "signature";
     public static final String TIMESTAMP = "timestamp";