在微信公众号开发的其中一个步骤是微信服务器调用我们自己的网站验证身份,这一步微信服务器会传递过来4个参数,可是按照官方的写法,却无法验证通过,下面是官方的验证方法:
import hashlib import web class Handle(object): def GET(self): try: data = web.input() if len(data) == 0: return "hello, this is handle view" signature = data.signature timestamp = data.timestamp nonce = data.nonce echostr = data.echostr token = "xxxx" #请按照公众平台官网\基本配置中信息填写 list = [token, timestamp, nonce] list.sort() sha1 = hashlib.sha1() map(sha1.update, list) hashcode = sha1.hexdigest() print "handle/GET func: hashcode, signature: ", hashcode, signature if hashcode == signature: return echostr else: return "" except Exception, Argument: return Argument
网上有网友写的专门的模块,经过实际验证可行,现将这部分的代码单独抽取如下:
@http.route(‘/wechat_public_account_auth/validate‘, type=‘http‘, auth="none", methods=["GET"]) def validate_auth(self, signature, timestamp, nonce, echostr, **kw): token = "guoodoo" # 请按照公众平台官网\基本配置中信息填写 list = [token, timestamp, nonce] list_data = [] for data in list: list_data.append(self.to_binary(data)) list_data.sort() _delimiter = self.to_binary(b‘‘) str_to_sign = _delimiter.join(list_data) hashcode = hashlib.sha1(str_to_sign).hexdigest() if hashcode == signature: return echostr else: return "" def to_binary(self, value, encoding=‘utf-8‘): """Convert value to binary string, default encoding is utf-8 :param value: Value to be converted :param encoding: Desired encoding """ if not value: return b‘‘ if isinstance(value, six.binary_type): return value if isinstance(value, six.text_type): return value.encode(encoding) return self.to_text(value).encode(encoding) def to_text(self, value, encoding=‘utf-8‘): """Convert value to unicode, default encoding is utf-8 :param value: Value to be converted :param encoding: Desired encoding """ if not value: return ‘‘ if isinstance(value, six.text_type): return value if isinstance(value, six.binary_type): return value.decode(encoding) return six.text_type(value)
经过比较发现,主要的不同是对token,timestap,nonce字符串进行了编码,代码写好之后,在微信公众平台上填写相关信息进行测试,如下图所示.
全部源代码可以访问这个地址
如果通过,微信开放平台会记录下我们的信息,如果失败无法保存。