up

weixin4j-example/src/main/java/com/foxinmy/weixin4j/example/server/handler/HelloMessageHandler.java

@@ -3,7 +3,6 @@ package com.foxinmy.weixin4j.example.server.handler;
 import org.springframework.stereotype.Component;
 
 import com.foxinmy.weixin4j.exception.WeixinException;
-import com.foxinmy.weixin4j.handler.MessageHandlerAdapter;
 import com.foxinmy.weixin4j.message.TextMessage;
 import com.foxinmy.weixin4j.request.WeixinRequest;
 import com.foxinmy.weixin4j.response.TextResponse;
@@ -19,7 +18,7 @@ import com.foxinmy.weixin4j.response.WeixinResponse;
  * @see
  */
 @Component
-public class HelloMessageHandler extends MessageHandlerAdapter<TextMessage> {
+public class HelloMessageHandler extends TextMessageHandler {
 
 	@Override
 	public boolean canHandle0(WeixinRequest request, TextMessage message)
@@ -45,6 +44,6 @@ public class HelloMessageHandler extends MessageHandlerAdapter<TextMessage> {
 	 */
 	@Override
 	public int weight() {
-		return 2;
+		return super.weight() + 1;
 	}
 }

weixin4j-server/src/main/java/com/foxinmy/weixin4j/socket/WeixinRequestHandler.java

@@ -57,6 +57,7 @@ public class WeixinRequestHandler extends
 	protected void channelRead0(ChannelHandlerContext ctx, WeixinRequest request)
 			throws WeixinException {
 		AesToken aesToken = request.getAesToken();
+		// 消息字段不完整返回400
 		if (aesToken == null
 				|| (ServerToolkits.isBlank(request.getSignature()) && ServerToolkits
 						.isBlank(request.getMsgSignature()))) {
@@ -67,28 +68,32 @@ public class WeixinRequestHandler extends
 		/**
 		 * 公众平台:无论Get,Post都带signature参数,当开启aes模式时带msg_signature参数
 		 * 企业号:无论Get,Post都带msg_signature参数
+		 * 一般来说：signature验证url上的参数签名，msg_signature验证消息体签名
 		 **/
 		if (request.getMethod() == HttpMethod.GET) {
+			// 服务器URL验证
 			if (!ServerToolkits.isBlank(request.getSignature())
 					&& MessageUtil.signature(aesToken.getToken(),
 							request.getTimeStamp(), request.getNonce()).equals(
 							request.getSignature())) {
-				ctx.write(new SingleResponse(request.getEchoStr()));
+				ctx.writeAndFlush(new SingleResponse(request.getEchoStr()));
 				return;
 			}
+			// 消息签名验证
 			if (!ServerToolkits.isBlank(request.getMsgSignature())
 					&& MessageUtil.signature(aesToken.getToken(),
 							request.getTimeStamp(), request.getNonce(),
 							request.getEchoStr()).equals(
 							request.getMsgSignature())) {
-				ctx.write(new SingleResponse(MessageUtil.aesDecrypt(null,
-						aesToken.getAesKey(), request.getEchoStr())));
+				ctx.writeAndFlush(new SingleResponse(MessageUtil.aesDecrypt(
+						null, aesToken.getAesKey(), request.getEchoStr())));
 				return;
 			}
 			ctx.writeAndFlush(resolveResponse(FORBIDDEN, request)).addListener(
 					ChannelFutureListener.CLOSE);
 			return;
 		} else if (request.getMethod() == HttpMethod.POST) {
+			// 加密模式下消息签名验证
 			if (!ServerToolkits.isBlank(request.getSignature())
 					&& !MessageUtil.signature(aesToken.getToken(),
 							request.getTimeStamp(), request.getNonce()).equals(
@@ -97,6 +102,7 @@ public class WeixinRequestHandler extends
 						.addListener(ChannelFutureListener.CLOSE);
 				return;
 			}
+			// 明文模式下消息签名验证
 			if (request.getEncryptType() == EncryptType.AES
 					&& !MessageUtil.signature(aesToken.getToken(),
 							request.getTimeStamp(), request.getNonce(),
@@ -107,6 +113,7 @@ public class WeixinRequestHandler extends
 				return;
 			}
 		} else {
+			// 访问其它URL
 			ctx.writeAndFlush(resolveResponse(METHOD_NOT_ALLOWED, request))
 					.addListener(ChannelFutureListener.CLOSE);
 			return;