我看了下demo中是这样的

String signature = request.getParameter("signature");

String nonce = request.getParameter("nonce");

String timestamp = request.getParameter("timestamp");

...

WxMpXmlMessage inMessage = WxMpXmlMessage.fromEncryptedXml(

request.getInputStream(), this.configStorage, timestamp, nonce,

msgSignature);

我们项目上的

public static void handleCallbackMessage(

HttpServletRequest req, HttpServletResponse resp, MpAppCallbackMessageHandler[] handlers) throws IOException{

String msgSignature = req.getParameter("signature");

String timestamp = req.getParameter("timestamp");

String nonce = req.getParameter("nonce");

String echostr = req.getParameter("echostr");

log.info("进入回调信息处理: signature={}, timestamp={}, nonce={}, echostr={}",

msgSignature, timestamp, nonce, echostr);

String respTxt;

if (StringUtils.isNotBlank(echostr)){

respTxt = callbackAppValidate(req, msgSignature, timestamp, nonce, echostr);

}else{

InputStream in = req.getInputStream();

if (null==handlers){

handlers = new MpAppCallbackMessageHandler[]{};

}

respTxt = callbackAppMessageHandle(req, msgSignature, timestamp, nonce, in, handlers);

}

resp.getWriter().println(respTxt);

log.info("回调处理完成: "+respTxt);

}

private static String callbackAppMessageHandle(HttpServletRequest req, String msgSignature, String timestamp,

String nonce, InputStream inputStream, MpAppCallbackMessageHandler[] handlers) throws IOException {

if (handlers.length <= 0) {

return "";

}

WxMpConfigStorage config = getWxMpConfig(req);

WxMpService wxMpService = getWxMpService(req);

WxMpMessageRouter wxMpMessageRouter = new WxMpMessageRouter(wxMpService);

WxMpMessageRouterRule rule = null;

for (int i = 0; i < handlers.length; i++) {

MpAppCallbackMessageHandler h = handlers[i];

if (null == rule) {

rule = wxMpMessageRouter.rule();

}

h.defineHandler(rule, config);

rule = rule.end().rule();

}

String encryptType = StringUtils.isBlank(req.getParameter("encrypt_type"))

? "raw"

: req.getParameter("encrypt_type");

WxMpXmlMessage inMessage = null;

if ("raw".equals(encryptType)) {

inMessage = WxMpXmlMessage.fromEncryptedXml(inputStream, config, timestamp, nonce, msgSignature);

} else if ("aes".equals(encryptType)) {

inMessage = WxMpXmlMessage.fromXml(inputStream);

}

if(null == inMessage){

throw new RuntimeException("加密模式["+encryptType+"]不支持!");

}

log.info("Income message: " + inMessage);

WxMpXmlOutMessage outMessage = wxMpMessageRouter.route(inMessage);

if (outMessage != null) {

if ("raw".equals(encryptType)) {

return outMessage.toEncryptedXml(config);

} else if ("aes".equals(encryptType)) {

return outMessage.toXml();

}else{

return "";

}

} else {

return "";

}

}

用得都是me.chanjar.weixin.mp.bean.message.WxMpXmlMessage.fromEncryptedXml(InputStream, WxMpConfigStorage, String, String, String)

然后问题就出在,从微信端拿到的msgSignature,从结算结果来看,应该是

SHA1.gen(this.token, timeStamp, nonce)的结果,而不是 SHA1.gen(this.token, timeStamp, nonce, cipherText)

Logo
魔乐社区

魔乐社区(Modelers.cn) 是一个中立、公益的人工智能社区,提供人工智能工具、模型、数据的托管、展示与应用协同服务,为人工智能开发及爱好者搭建开放的学习交流平台。社区通过理事会方式运作,由全产业链共同建设、共同运营、共同享有,推动国产AI生态繁荣发展。

更多推荐

cover

替你试过了,消费级显卡可以跑的开源文生图SOTA模型,顶级渲染、高密度文本绘图

avatar 魔乐社区
cover

量化挑战赛冠军专访:4小时啃下W4A8量化,我靠的是这些经验

avatar 魔乐社区

小参数・大码力・易部署 | Qwen3.6-27B上线魔乐社区,基于昇腾的部署教程来了

继一周前模型开源发布后,千问再度开源Qwen3.6-27B —— 一个拥有270亿参数的稠密多模态模型,也是社区呼声最高的模型规格。Qwen3.6-27B 依然支持多模态思考与非思考模式,在智能体编程方面达到了旗舰级表现,全面超越前代开源旗舰 Qwen3.5-397B-A17B(总参数397B / 激活参数17B的MoE模型)。作为稠密架构,它无需MoE路由即可部署,是开发者在实用、可广泛部署规模

avatar 魔乐社区