class Wechat::Callback::MessageSignature
Message Signature 是消息签名类。
Public Class Methods
create(encoded_message, token, timestamp, nonce)
click to toggle source
消息加解密 技术方案 mp.weixin.qq.com/wiki/6/90f7259c0d0739bbb41d9f4c4c8e59a2.html
为了验证消息体的合法性,公众平台新增消息体签名,开发者可用以验证消息体的真实性,并对验证通过的消息体进行解密 msg_signature = sha1(sort(token、timestamp、nonce, encoded_message))
encoded_message 前文描述密文消息体 token 公众平台上,开发者设置的 token timestamp URL上原有参数,时间戳 nonce URL上原有参数,随机数
# File lib/wechat/callback/message_signature.rb, line 19 def self.create(encoded_message, token, timestamp, nonce) assert_present! :encoded_message, encoded_message assert_present! :token, token assert_present! :timestamp, timestamp assert_present! :nonce, nonce Digest::SHA1.hexdigest [ token, timestamp, nonce, encoded_message ].sort.join end