java source code of SignatureCheckKit

Project: jfinal-weixin (GitHub Link)

jfinal-weixin-master
- res
  - ehcache.xml
  - logback.xml
  - a_little_config.txt
- src
  - com
    - jfinal
      - weixin
        jackson.txt
        demo
        WeixinConfig.java
        WeixinPayController.java
        WeixinMsgController.java
        WeixinApiController.java
        sdk
        utils
        JsonUtils.java
        RetryUtils.java
        IOUtils.java
        kit
        MsgEncryptKit.java
        ParaMap.java
        SignatureCheckKit.java
        XmlBuilder.java
        IpKit.java
        PaymentKit.java
        jfinal
        ApiController.java
        MsgControllerAdapter.java
        ApiInterceptor.java
        MsgInterceptor.java
        MsgController.java
        api
        PaymentApi.java
        SnsAccessToken.java
        JsTicketApi.java
        SemanticApi.java
        TemplateData.java
        AccessToken.java
        JsTicket.java
        MessageApi.java
        ShorturlApi.java
        CustomServiceApi.java
        MediaFile.java
        UserApi.java
        DatacubeApi.java
        MenuApi.java
        MenuData.java
        CallbackIpApi.java
        SnsAccessTokenApi.java
        TemplateMsgApi.java
        ApiConfigKit.java
        MediaApi.java
        MediaArticles.java
        QrcodeApi.java
        AccessTokenApi.java
        GroupsApi.java
        ReturnCode.java
        ApiConfig.java
        SnsApi.java
        ApiResult.java
        encrypt
        ByteGroup.java
        WXBizMsgCrypt.java
        必读.txt
        readme.txt
        AesException.java
        PKCS7Encoder.java
        SHA1.java
        XMLParse.java
        cache
        IAccessTokenCache.java
        DefaultAccessTokenCache.java
        RedisAccessTokenCache.java
        msg
        OutMsgXmlBuilder.java
        in
        InShortVideoMsg.java
        InImageMsg.java
        InVideoMsg.java
        InMsg.java
        InTextMsg.java
        event
        InQrCodeEvent.java
        InCustomEvent.java
        InTemplateMsgEvent.java
        InMassEvent.java
        InLocationEvent.java
        InVerifyFailEvent.java
        InVerifySuccessEvent.java
        InFollowEvent.java
        InShakearoundUserShakeEvent.java
        EventInMsg.java
        InMenuEvent.java
        ScanCodeInfo.java
        InLinkMsg.java
        speech_recognition
        InSpeechRecognitionResults.java
        InLocationMsg.java
        InVoiceMsg.java
        InMsgParser.java
        out
        OutMusicMsg.java
        OutMsg.java
        OutTextMsg.java
        News.java
        OutImageMsg.java
        OutVoiceMsg.java
        OutNewsMsg.java
        OutCustomMsg.java
        OutVideoMsg.java
- pom.xml
- LICENSE
- test
  - com
    - jfinal
      - weixin
        sdk
        utils
        GsonTest.java
        api
        JsTicketApiTest.java
        ShorturlApiTest.java
        UserApiTest.java
        TemplateMsgApiTest.java
        PaymentApiTest.java
        GroupsApiTest.java
        MediaApiTest.java
        SemanticApiTest.java
        AccessTokenApiTest.java
        CustomServiceApiTest.java
        QrcodeApiTest.java
        DatacubeApiTest.java
        encrypt
        WXBizMsgCryptTest.java
        Program.java
        msg
        InMsgParserTest.java
        OutMsgXmlBuilderTest.java
        XMLMsgTest.java
- .settings
  - org.eclipse.wst.jsdt.ui.superType.container
  - org.eclipse.wst.jsdt.ui.superType.name
  - org.eclipse.wst.validation.prefs
  - org.eclipse.wst.common.project.facet.core.xml
  - org.eclipse.wst.common.component
  - .jsdtscope
  - org.eclipse.m2e.core.prefs
  - org.eclipse.jdt.core.prefs
  - org.eclipse.core.resources.prefs
- README.md
- Dockerfile
- webapp
  - img
    - images.txt
  - _back
    - 后端.txt
  - jsp
    - test.jsp
    - pay.jsp
    - js_sdk.jsp
  - WEB-INF
    - web.xml
  - js
    - js.txt
  - css
    - css.txt
  - _front
    - common
      - common.txt
    - 前端.txt
- .gitignore
- ssh
  - run.sh
  - set_root_pw.sh

/**
 * Copyright (c) 2011-2014, James Zhan 詹波 ([email protected]).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 */

package com.jfinal.weixin.sdk.kit;

import java.util.Arrays;
import com.jfinal.core.Controller;
import com.jfinal.kit.HashKit;
import com.jfinal.weixin.sdk.api.ApiConfigKit;

/**
 * 测试用的账号：
 * appID = wx9803d1188fa5fbda
 * appsecret = db859c968763c582794e7c3d003c3d87
 * url = http://www.jfinal.com/weixin
 * token = __my__token__
 */
public class SignatureCheckKit {
	
	public static final SignatureCheckKit me = new SignatureCheckKit();
	
	/**
	 * php 示例
	 *  $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];	
        		
		$token = TOKEN;
		$tmpArr = array($token, $timestamp, $nonce);
		sort($tmpArr, SORT_STRING);
		$tmpStr = implode( $tmpArr );
		$tmpStr = sha1( $tmpStr );
		
		if( $tmpStr == $signature ){
			return true;
		}else{
			return false;
		}
	 * @return
	 */
	public boolean checkSignature(String signature, String timestamp, String nonce) {
		String TOKEN = ApiConfigKit.getApiConfig().getToken();
		String array[] = {TOKEN, timestamp, nonce};
		Arrays.sort(array);
		String tempStr = new StringBuilder().append(array[0] + array[1] + array[2]).toString();
		tempStr = HashKit.sha1(tempStr);
		return tempStr.equalsIgnoreCase(signature);
	}
	
	public boolean checkSignature(Controller c) {
        return checkSignature(c.getPara("signature"), c.getPara("timestamp"), c.getPara("nonce"));
	}
}