Resolution of token validation failure

Token validation failed public platform Development token check failed URL token
Original http://www.cnblogs.com/txw1958/p/token-verify.html

Resolution of token validation failure

first, the origin of the problem
When using the URL and token to enable the public Platform Development Mode message interface, we will encounter the following three scenarios

1. Token check failed

Look back and check that the configuration is correct. If you are sure that the configuration is not a problem, check the following method

2. Request URL Timeout

Your server in a foreign country, or the server speed does not give force, generally more than a few times can be. If this is often the case, you need to consider replacing the server

3. Successful Submission

Congratulations, the configuration was successful.

Let's explain the first reason and how to solve it.

Second, the problem analysis

The first thing to understand is what is the URL and token, here, the URL is placed the interface program URL, this URL is generally your own server or space address. You own a directory in this space already has the interface program, you know this interface program on the Internet access address is what. Token is a token, which is a string of numbers or letters that is used for authentication when the server communicates with your server. Prevent illegal data from messing up.

And then you need to understand why the development model uses URLs and tokens, and uses URLs to allow the server to communicate with your server for the purpose of automatic replies in development mode. To achieve this communication, there must be a corresponding program for you to complete this function, and this program must have been developed and placed under the URL path, when you fill out the URL and token, the server will be with your server under the program of the authentication process, Authentication by indicating that this server is yours and that the program is not a problem. Otherwise you fill in a nonexistent URL or URL below a no corresponding interface function, it is not possible to pass.

You can use the following test first

URL: http://discuz.comli.com/test.php
Token: weixin
Message encryption Method: Clear Text mode

Third, problem solving

1. Technical Analysis method

This time we added a way to track HTTP records in our code to see if our own server had received a request without a response, or had not sent a request at all.
By invoking the system environment variable $_server, you can view the information for the HTTP request, two of which are important

Add it to the code above and write it to a local file, all the code

<?Php/*Double Studio Http://www.cnblogs.com/txw1958/CopyRight www.doucube.com All rights Reserved*/Tracehttp ();Define ("TOKEN", "Weixin");$WECHATOBJ =NewWechatcallbackapitest ();if (Isset$_get[' Echostr '])) {$wechatObjValid ();}Else{$wechatObjResponsemsg ();}Classwechatcallbackapitest{PublicfunctionValid () {$ECHOSTR =$_get["Echostr"];If$thisChecksignature ()) {Echo$echoStr;Exit; } }PrivatefunctionChecksignature () {$signature =$_get["Signature"];$timestamp =$_get["Timestamp"];$nonce =$_get["Nonce"];$token =TOKEN;$TMPARR =Array$token,$timestamp,$nonce);Sort$tmpArr);$TMPSTR =Implode ($tmpArr);$TMPSTR =SHA1 ($tmpStr);If$TMPSTR = =$signature){ReturnTrue; }Else{ReturnFalse; } }PublicfunctionResponsemsg () {$POSTSTR =$GLOBALS ["Http_raw_post_data"];if (!Empty$postStr)){$POSTOBJ =Simplexml_load_string ($POSTSTR, ' simplexmlelement ',Libxml_nocdata);$fromUsername =$postObjFromusername;$toUsername =$postObjTousername;$keyword =Trim$postObjContent);$time =Time();$TEXTTPL = "<xml> <tousername><! [cdata[%s]]></tousername> <fromusername><! [cdata[%s]]></fromusername> <CreateTime>%s</CreateTime> <msgtype><! [cdata[%s]]></msgtype> <content><! [cdata[%s]]></content> <FuncFlag>0</FuncFlag> </xml> ";If$keyword = = "?" | |$keyword = = "? ") {$msgType = "Text";$CONTENTSTR =Date ("Y-m-d h:i:s",Time());$RESULTSTR =sprintf$TEXTTPL,$fromUsername,$toUsername,$time,$msgType,$contentStr);Echo$resultStr; } }Else{echo "";Exit; } }}functionTracehttp () {Logger ("\N\NREMOTE_ADDR:").$_server["REMOTE_ADDR"]. (Strstr$_server["REMOTE_ADDR"], ' 101.226 ')? "From Weixin": "Unknown IP")); Logger ("Query_string:".$_server["Query_string"]);}function Logger ($log _content){IfIsset$_server[' Http_appname ')) {//SAE Sae_set_display_errors (False); Sae_debug ($log _content); Sae_set_display_errors (True); }else{//local  $max _size = 500000  $log _filename = "Log.xml" if (file_exists ( $log _ FileName) and (abs (filesize (  $log _filename)) >  $max _size)) {unlink (  $log _filenamefile_put_contents ( $log _filename, date (' y-m-d h:i:s ').  $log _content. " \ r \ n ",  File_append); }}?>                

Thus, when we commit, we generate a log.html file in the current directory
Open the completed URL directly in the browser and write the file once.

To open the url+log.html path directly in the browser, my record is as follows:

2013-01-30 10:15:18 2013-01-30 10:15:18 remote_addr:212.179.24.103  Unknown ip2013-01-30 10:15:18 Query_string:

Click Submit once, then generate the record once, as follows:

2013-01-30 10:15:49 2013-01-30 10:15:49 remote_addr:101.226.89.83weixin2013-01-30 10:15:49 query_string:signature=eded789463180edf6c13691398d0cb4c85fb0e23&echostr=5838479218127813673xtamp= 1359100969&nonce=1359376876

From the above can be seen, this time IP from 101.226.89.83, yes IP, I add this IP to the code to judge

Now you can detect your problem according to the following

If no log is generated:

That is, the server is not connected to you, you need to check whether the server can be accessed through the public network, the URL path exists and is correct.

If a log is generated:

If you generate logs, have REMOTE_ADDR and query_string, see if the IP is from Shanghai (currently the server is deployed in Shanghai Telecom engine room, several faults are said to be caused by Shanghai digging road), to see if the query_string format is similar to that described in the official guide, If this is not a problem, check that token is filled in with the program, and then check the program for problems.

Resolution of token validation failure