token效验失败什么原因?
发布于 7 年前 作者 dongjuan 2537 次浏览 来自 问答

token效验失败什么原因?

1 回复

token校验失败,就是校验失败,字面意思。

[@RestController](/user/RestController)
[@RequestMapping](/user/RequestMapping)("/hello")
public class AuthController {

    @GetMapping(produces = MediaType.TEXT_PLAIN_VALUE)
    public String authGet(
            @RequestParam(name = "signature", required = false) String signature,
            @RequestParam(name = "timestamp", required = false) String timestamp,
            @RequestParam(name = "nonce", required = false) String nonce,
            @RequestParam(name = "echostr", required = false) String echostr) {
        if (this.checkSignature(timestamp, nonce, signature)) {
            return echostr;
        }
        return "非法请求";
    }

    @PostMapping(produces = MediaType.APPLICATION_XML_VALUE)
    public String post(
            @RequestBody String requestBody,
            @RequestParam(name = "msg_signature", required = false) String msgSignature,
            @RequestParam(name = "encrypt_type", required = false) String encryptType,
            @RequestParam(name = "signature", required = false) String signature,
            @RequestParam("timestamp") String timestamp,
            @RequestParam("nonce") String nonce) throws Exception {
        if (!this.checkSignature(timestamp, nonce, signature)) {
            return "";
        }
        return "success";
    }

    private boolean checkSignature(String timestamp, String nonce, String signature) {
        String token = "hello";
        String[] arr = {token, timestamp, nonce};
        Arrays.sort(arr);
        StringBuilder stringBuilder = new StringBuilder();
        for (String a : arr) {
            stringBuilder.append(a);
        }
        return DigestUtils.sha1Hex(stringBuilder.toString()).equals(signature);
    }

}
回到顶部