1, Verify URL validity

Official website documents: https://developer.work.weixin.qq.com/document/path/90238

1. Read the document

When you click "save" to submit the above information, the enterprise wechat will send a verification message to the filled in URL, and the request method is GET.
After the receiving message server of the enterprise receives the authentication request, it needs to make a correct response to pass the URL authentication

2. Document analysis

As can be seen from the document, we will apply the URL configured during the service period of receiving messages in the management configuration, and the enterprise wechat will send a get request with four parameters (msg_signature, timestamp, nonce and echostr) to verify the validity of the URL

3. Description of encryption and decryption scheme

Click to enter Encryption and decryption scheme description

4. Download encryption and decryption algorithm

In view of the complexity of the encryption and decryption algorithm, the enterprise wechat provides an algorithm library. At present, there are c++/python/php/java/golang/c# and other language versions. Both provide three interfaces: decryption, encryption and URL verification, which can be downloaded by enterprises according to their own needs Download address

5. Case analysis

Open readme txt

matters needing attention
1.com\qq\weixin\mp\aes The directory is the interface required by users to access enterprise wechat, where WXBizMsgCrypt.java Documents provided WXBizMsgCrypt Class encapsulates three interfaces for users to access enterprise wechat. Other class files are used by users to realize encryption and decryption, and users do not need to care. sample.java The file provides an example of the use of the interface.
2.WXBizMsgCrypt Encapsulated VerifyURL, DecryptMsg, EncryptMsg Three interfaces are respectively used for developer verification callback url，Decryption of received user reply message and encryption process of developer reply message. Use method can refer to Sample.java Documents.
3.For the encryption and decryption protocol, please refer to the official document of enterprise wechat.
4.Please developers use jdk1.6 Version above. in the light of org.apache.commons.codec.binary.Base64，Need to import rack package commons-codec-1.9(or commons-codec-1.8 And other versions), we provide it, and the official download address is: http://commons.apache.org/proper/commons-codec/download_codec.cgi

****Please pay special attention******
5.abnormal java.security.InvalidKeyException:illegal Key Size Solutions:
Download on the official website JCE Unrestricted permission policy file( JDK7 Download address:
http://www.oracle. com/technetwork/java/javase/downloads/jce-7-download-432124. After downloading HTML, unzip it and you can see local_policy.jar and US_export_policy.jar and readme txt.  If JRE is installed, put two jar files in% JRE_ Overwrite the original file in the home% \ lib \ security directory. If JDK is installed, put the two jar files into% JDK_ Overwrite the original file in the home% \ JRE \ lib \ security directory

From readme Txt file contents are analyzed as follows:
1.com\qq\weixin\mp\aes directory provides some encryption and decryption tool classes
2.WXBizMsgCrypt is used to call back the url, decrypt the received user reply message and encrypt the developer reply message. Sample.java file is the case code
3. Dependence of commons-codec-1.9

2, Actual combat integration

2.1. Tool copy

Copy the tool classes in the directory of com\qq\weixin\mp\aes to the project's com gblfy. qywxinner. Under the qywxdecode package

2.2. Dependency introduction

In the POM of the project Introducing commons codec dependency into XML file

2.3. Case 1 integration

At project com gblfy. qywxinner. Add the callback method to the MessageController class under the controller package, and set the sample Copy the code of case 1 in the Java class, and replace the configuration information of sToken, sCorpID and sEncodingAESKey with their own

2.4. Parameter processing

Because the enterprise wechat will carry four parameters (msg_signature, timestamp, nonce and echostr) to request the address of our configuration to verify the validity of the url( http://4663588nl3.zicp.vip/message/callback )Therefore, we need to receive the parameters sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce and sVerifyEchoStr transmitted from the enterprise wechat from the callback method
The writing method is shown in the figure

2.5. Restart project

slightly

2.6. Verify URL validity

Then, do the following to save again

2.7. verification

Click Save opportunity to request the url address of our configuration, enter our callback method, perform encryption and decryption, and then return.

3, Message receiving and processing

3.1. Document reading

Receive parameters and replies from enterprise wechat
The request mode is POST, with the same address( http://4663588nl3.zicp.vip/message/callback )

3.2. Case 2 copy

At project com gblfy. qywxinner. Add the callbackData method to the MessageController class under the controller package, and set the sample Copy the code of case 2 in the Java class and replace the configuration information of sToken, sCorpID and sEncodingAESKey with their own

3.3. Parameter processing

Because the enterprise wechat will carry four parameters (msg_signature, timestamp, nonce) to request the address of our configuration to verify the validity of the url( http://4663588nl3.zicp.vip/message/callback )Therefore, we need to receive the parameters sverifymsgsig, sreqtimestamp, sreqnonce and sRespData from the enterprise wechat from the callback method, where sRespData is our message body
The writing method is shown in the figure

3.4. Restart project

slightly

3.5. send message

3.6. verification

3.7. Log monitoring

console log

decrypt decrypt Messages pushed by enterprise wechat->sMsg: <xml><ToUserName><![CDATA[wwea98220fdcd8a38d]]></ToUserName><FromUserName><![CDATA[ZeXin]]></FromUserName><CreateTime>1646043916</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[Hello, test enterprise wechat processing messages]]></Content><MsgId>7069704788922636053</MsgId><AgentID>1000002</AgentID></xml>
Content: Hello, test enterprise wechat processing messages
 reply->data: <xml><ToUserName><![CDATA[ZeXin]]></ToUserName><FromUserName><![CDATA[ZeXin]]></FromUserName><CreateTime>1646043916</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[this is a test]]></Content></xml>

3.8. Received reply message

4, Source sharing

4.1. Back end source code

Back end: https://gitee.com/gblfy/qywx-inner-java

4.2. Front end source code

front end: https://gitee.com/gblfy/qywx-vuejs