Current location - Quotes Website - Signature design - Help Java——JSP connect with WeChat public platform.
Help Java——JSP connect with WeChat public platform.
ya 178:

Isn't it said on the open platform that the sent parameters should be sorted, encrypted and compared? You didn't do it!

You see:

Website visit

After the public platform user submits the information, the WeChat server will send a GET request to the filled URL with four parameters:

-

Parameter description

Signature wechat encrypted signature

Time stamp time stamp

Random number random number

Echostr random string

-

The developer verifies the request by verifying the signature (there are verification methods below). If it is confirmed that the GET request comes from WeChat server, please return the echostr parameter content as it is, and the access will take effect, otherwise the access will fail.

Signature combines token parameters filled by developers with timestamp parameters and nonce parameters in the request.

-

Encryption/authentication process:

1. Sort the token, timestamp and nonce in dictionary order.

2. Splicing three parameter strings into one string for sha 1 encryption.

3. The encrypted string obtained by the developer can be compared with the signature, indicating that the request is from WeChat.