微信官方文档
developers.weixin.qq.com/doc/offiacc…
准备工作
公众测试账号获取
设置 "网页授权获取用户基本信息"
需要参数
APPID: XXXXXXX
APPSECRET: XXX
backUrl: xxxx.cn #授权回调页面域名
开始
yml添加配置
# WeChat authorization login
# NOTE(review): APPSECRET is a credential. Keep the real value out of version control
# and supply it from the environment or a secret store at deploy time.
weChat:
  APPID: XXXXXXX
  APPSECRET: XXX
  # NOTE(review): the callback request carries the OAuth authorization code, so this
  # base URL should be https wherever the registered domain supports it.
  backUrl: http://xxxx.cn # authorization callback page domain
  backApi: /wechat/callBack # web-authorization callback endpoint
WXAuthUtil
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import java.io.IOException;
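/**
 * Shared HTTP helper for calls to the WeChat web-authorization endpoints.
 *
 * <p>The callers in this listing pass URLs whose query string carries the app secret,
 * authorization codes and access tokens, so the URL must never be written to logs or
 * exception messages from this class.
 *
 * @author admin
 * @date Created in 2019/6/27 20:17
 * @version 1.0
 */
public class WXAuthUtil {

    /**
     * Issues an HTTP GET and parses the response body as a JSON object.
     *
     * <p>NOTE(review): {@code DefaultHttpClient} is deprecated in HttpClient 4.3+ and no
     * connect or read timeout is configured here, so a stalled upstream blocks the calling
     * request thread. Keep fastjson on a patched release, since the body is parsed as-is.
     *
     * @param url the absolute URL to request; may contain secrets, so it is not logged
     * @return the parsed JSON object, or {@code null} when the response has no entity
     * @throws ClientProtocolException on an HTTP protocol error
     * @throws IOException on a connection failure or when the body cannot be read
     */
    public static JSONObject doGetJson(String url) throws ClientProtocolException, IOException {
        DefaultHttpClient client = new DefaultHttpClient();
        try {
            HttpResponse response = client.execute(new HttpGet(url));
            HttpEntity entity = response.getEntity();
            if (entity == null) {
                return null;
            }
            // Convert the returned payload into a JSON object.
            String result = EntityUtils.toString(entity, "UTF-8");
            return JSON.parseObject(result);
        } finally {
            // The original never released the client, leaking one connection pool per call.
            client.getConnectionManager().shutdown();
        }
    }
}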
import com.alibaba.fastjson.JSONObject;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.URLEncoder;
import java.security.SecureRandom;
import java.text.ParseException;
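/**
 * Spring MVC controller implementing WeChat official-account web authorization login.
 *
 * <p>{@code /wechat/authorization} redirects the browser to WeChat's authorize page and
 * {@code /wechat/callBack} exchanges the returned code for an access token and fetches
 * the user's profile. Each flow is bound to the browser session through a random,
 * single-use OAuth {@code state} value, so a callback that was not started from this
 * session is rejected.
 *
 * @author admin
 * @date Created in 2019/6/27 20:20
 * @version 1.0
 */
@Slf4j
@Controller
@RequestMapping("wechat")
@Api(tags="微信授权")
public class WXLoginController {

    /** Session attribute holding the one-time state value issued by {@link #authorization}. */
    private static final String STATE_SESSION_KEY = "wechat.oauth.state";

    /** Source of unpredictable state values. */
    private static final SecureRandom STATE_RANDOM = new SecureRandom();

    @Value("${weChat.APPID}")
    private String APPID;
    @Value("${weChat.APPSECRET}")
    private String APPSECRET; // credential: never log it or return it to a client
    @Value("${weChat.backUrl}")
    private String backUrl; // authorization callback domain
    @Value("${weChat.backApi}")
    private String backApi; // callback endpoint path

    /**
     * Starts the official-account login by redirecting the browser to WeChat's authorize page.
     *
     * @param request  current request; its session stores the generated state value
     * @param response current response (unused)
     * @param url      caller-supplied value forwarded to the callback as {@code surveyId}
     * @return a redirect to the WeChat authorize URL
     * @throws ParseException declared by the original signature; not thrown by this body
     */
    @ApiOperation("微信授权信息")
    @RequestMapping(value = "/authorization", method = RequestMethod.GET)
    public ModelAndView authorization(HttpServletRequest request, HttpServletResponse response, String url) throws ParseException {
        // The original concatenated the value after the "{}" placeholder; pass it as an argument.
        log.info("===================wxLogin微信授权成功后回调==========={}", forLog(url));

        // A constant state ("STATE") gives no CSRF protection; issue a per-session random value.
        String state = new BigInteger(130, STATE_RANDOM).toString(32);
        request.getSession(true).setAttribute(STATE_SESSION_KEY, state);

        // The callback domain must be registered with the official account.
        // Encode the caller-supplied value on its own so it cannot add parameters
        // (for example a second "code") to the callback query string.
        String callbackUrl = backUrl + backApi + "?surveyId=" + encode(url);

        // Step 1: the user grants authorization and WeChat returns a code to the callback.
        String getCodeUrl = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=" + encode(APPID) + "&redirect_uri="
                + encode(callbackUrl) + "&response_type=code" + "&scope=snsapi_userinfo";

        // Logged without the state value so the anti-CSRF token stays out of the logs.
        log.info("-----------------------第二步重定向到微信callBack方法---------------------" + "redirect:" + getCodeUrl);
        return new ModelAndView("redirect:" + getCodeUrl + "&state=" + state + "#wechat_redirect");
    }

    /**
     * Handles WeChat's redirect back after the user grants authorization.
     *
     * <p>NOTE(review): this class is a {@code @Controller} and the method has no
     * {@code @ResponseBody}; {@code JSONObject} is a {@code Map}, which Spring MVC may treat
     * as model attributes rather than a response body. Confirm how the result is rendered.
     * The unchecked exceptions thrown below should be mapped to 4xx/5xx responses by the
     * application's exception handling.
     *
     * @param request  current request carrying the {@code code} and {@code state} parameters
     * @param response current response (unused)
     * @param url      optional front-end address (unused while the redirect below is disabled)
     * @return the user-info JSON returned by WeChat
     * @throws IOException on a failed call to the WeChat API
     * @throws SecurityException when the state value is missing or does not match the session
     * @throws IllegalArgumentException when no authorization code is present
     * @throws IllegalStateException when WeChat does not return a usable access token
     */
    @ApiOperation("微信授权信息")
    @RequestMapping(value = "/callBack", method = RequestMethod.GET)
    public JSONObject callBack(HttpServletRequest request, HttpServletResponse response, String url) throws IOException {
        // Verify the state before touching the code; the stored value is single-use.
        HttpSession session = request.getSession(false);
        Object expectedState = null;
        if (session != null) {
            expectedState = session.getAttribute(STATE_SESSION_KEY);
            session.removeAttribute(STATE_SESSION_KEY);
        }
        if (expectedState == null || !expectedState.equals(request.getParameter("state"))) {
            log.warn("WeChat callback rejected: missing or mismatched state");
            throw new SecurityException("OAuth state mismatch");
        }

        // Read the authorization code; it is absent when the user declines.
        String code = request.getParameter("code");
        if (code == null || code.isEmpty()) {
            throw new IllegalArgumentException("Missing authorization code");
        }

        // Step 2: exchange the code for a web-authorization access_token.
        // Every interpolated value is URL-encoded so request input cannot alter the query.
        String getTokenUrl = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=" + encode(APPID) + "&secret="
                + encode(APPSECRET) + "&code=" + encode(code) + "&grant_type=authorization_code";
        JSONObject getTokenJson = WXAuthUtil.doGetJson(getTokenUrl);
        String openid = getTokenJson == null ? null : getTokenJson.getString("openid");
        String access_token = getTokenJson == null ? null : getTokenJson.getString("access_token");
        String refresh_token = getTokenJson == null ? null : getTokenJson.getString("refresh_token");
        if (openid == null || access_token == null) {
            // Report only the numeric error code, never tokens or the secret.
            String errcode = getTokenJson == null ? null : getTokenJson.getString("errcode");
            throw new IllegalStateException("WeChat token exchange failed, errcode=" + errcode);
        }

        // Step 5: check whether the access_token is still valid.
        String vlidTokenUrl = "https://api.weixin.qq.com/sns/auth?access_token=" + encode(access_token) + "&openid=" + encode(openid);
        JSONObject validTokenJson = WXAuthUtil.doGetJson(vlidTokenUrl);
        if (validTokenJson == null || !"0".equals(validTokenJson.getString("errcode"))) {
            // Step 3: refresh the access_token. The original sent the openid as "appid";
            // the refresh endpoint expects the application id.
            String refreshTokenUrl = "https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=" + encode(APPID)
                    + "&grant_type=refresh_token&refresh_token=" + encode(refresh_token);
            JSONObject refreshTokenJson = WXAuthUtil.doGetJson(refreshTokenUrl);
            String refreshed = refreshTokenJson == null ? null : refreshTokenJson.getString("access_token");
            if (refreshed == null) {
                throw new IllegalStateException("WeChat access token refresh failed");
            }
            access_token = refreshed;
        }

        // Step 4: fetch the user's profile (requires scope snsapi_userinfo).
        String getUserInfoUrl = "https://api.weixin.qq.com/sns/userinfo?access_token=" + encode(access_token) + "&openid=" + encode(openid) + "&lang=zh_CN";
        JSONObject getUserInfoJson = WXAuthUtil.doGetJson(getUserInfoUrl);

        // The profile can be used to look the user up and log them in, or to register them.
        // The original listing carried a disabled redirect of the browser to "url" with a
        // token appended. If that is enabled, "url" must first be checked against a fixed
        // allow-list of front-end origins, and the token kept out of the query string.
        return getUserInfoJson;
    }

    /**
     * URL-encodes a query component as UTF-8.
     *
     * @param value the raw value, possibly {@code null}
     * @return the encoded value, or an empty string for {@code null}
     */
    private static String encode(String value) {
        if (value == null) {
            return "";
        }
        try {
            return URLEncoder.encode(value, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    /**
     * Replaces line breaks so request-supplied text cannot forge additional log lines.
     *
     * @param value the raw value, possibly {@code null}
     * @return the value with CR and LF replaced, or {@code null}
     */
    private static String forLog(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }
}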