java WeChat official account access

Posted by yddib on Sun, 15 Mar 2020 10:00:34 +0100

a. WeChat official account

1. It is divided into service number, subscription number, applet and enterprise wechat;
2. when users send messages to WeChat official account, they send the message to WeChat server.
The administrator of the official account saves the specified rules on the management platform to the WeChat server.
WeChat server will interact with the rules area and official account according to the established rules.
3. When you develop your own program, you want the wechat server not to process the request,
Instead, we push the request to our own program to process it,
Then return the result to wechat service, which will return the result to the user;

b. Construction of development environment
1. The developed program can be accessed directly through the browser on your own computer;
There is no way to access another computer. We can connect these computers
To the same LAN, and then through ip access;
2. Other people on the Internet can't see the program we developed, so they start to send the program to the cloud server;
In the process of development, we need to connect the program with wechat server,
If wechat server can't find our program, there's no way to connect, so when developing,
We first need to do intranet penetration;
3. For the purpose of Intranet penetration, our project can be accessed by other computers on the Internet;
Intranet penetration software: peanut shell, nat123, ngrok (free, not very stable)
Principle of internal network penetration:
1. Download and register account;
2. Tunnel opening
Protocol: http
Name: write casually;
Front domain name: write freely;
Local port: localhost: 80 (local project access port)
Others do not need to be filled in;
3. Copy the tunnel id and start the ngrok client;

c. Development access
1. Development access preparation
a. login official account of WeChat public platform (need to modify Development).
b. Many functions under personal account cannot be used. Wechat provides application for test account
( - > service number –, development document –, start development –, interface test number application);
c. To access wechat public platform development, developers need to complete the following steps:
1. Fill in server configuration
2. Verify the validity of the server address
3. Implement business logic according to interface documents
2.url + project name + method name of url intranet penetration
token: need to be consistent with the code;

Related code

public String index(HttpServletRequest request) {	
    String signature = request.getParameter("signature");
    String timestamp = request.getParameter("timestamp");
    String nonce = request.getParameter("nonce");
    String echostr = request.getParameter("echostr");
    if(check(timestamp,nonce,signature,TOKEN)) {
    	 System.out.println("Access success");
    }else {
    	 System.out.println("Access failure");
	return "index";
 * Calibration parameter
 * @param timestamp
 * @param nonce
 * @param signature
 * @param token
 * @return
private boolean check(String timestamp, String nonce, String signature,String token) {
	//1. Sort the token, timestamp and nonce in dictionary order   
	  String [] str = {token,timestamp,nonce};
	  //2) Concatenate three parameter strings into a string for sha1 encryption 
	  String strs = str[0]+str[1]+str[2];
	  String mysig= sha1(strs);
	  //3) The encrypted string obtained by the developer can be compared with signature to identify that the request originates from wechat
	 return mysig.equals(signature);

private String sha1(String strs) {
	// TODO Auto-generated method stub
	try {
		//Get encrypted object
		MessageDigest md = MessageDigest.getInstance("sha1");
		//Encryption processing
	    byte[] digest = md.digest(strs.getBytes());
	    //Process encrypted results
	    char [] chars = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
	    StringBuilder sb = new StringBuilder();
	    for (byte b : digest) {
	    return sb.toString();
	} catch (NoSuchAlgorithmException e) {
		// TODO Auto-generated catch block
	return null;


Published 194 original articles, won praise 11, visited 50000+
Private letter follow

Topics: SHA1 shell network