工具类:
package com.wx.auth.util;
import java.io.IOException;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import net.sf.json.JSONObject;
public class AuthUtil {
public static final String APPID="wxc232cd9ce5bc6b19";
public static final String APPSECR="xxxxxxx";
public static JSONObject doGetJson(String url) throws ClientProtocolException, IOException{
JSONObject jsonObject =null;
DefaultHttpClient client=new DefaultHttpClient();
HttpGet httpGet=new HttpGet(url);
HttpResponse response=client.execute(httpGet);
HttpEntity entity=response.getEntity();
if(entity!=null){
String result=EntityUtils.toString(entity, "UTF-8");
jsonObject=JSONObject.fromObject(result);
}
return jsonObject;
}
}
LoginServlet(用户请求):
package com.wx.auth.servlet;
import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.client.utils.URLEncodedUtils;
import com.wx.auth.util.AuthUtil;
public class LoginServlet extends HttpServlet {
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//公众号的唯一标识
String APPID=AuthUtil.APPID;
//授权后重定向的回调链接地址, 请使用 urlEncode 对链接进行处理
String REDIRECT_URI=URLEncoder.encode("http://jrqaea.natappfree.cc/WxAuth/CallBackServlet2");
// System.out.println(REDIRECT_URI);
//返回类型,请填写code
String code="code";
//应用授权作用域,snsapi_base (不弹出授权页面,直接跳转,只能获取用户openid),snsapi_userinfo (弹出授权页面,可通过openid拿到昵称、性别、所在地。并且, 即使在未关注的情况下,只要用户授权,也能获取其信息 )
String SCOPE="snsapi_userinfo";
//重定向后会带上state参数,开发者可以填写a-zA-Z0-9的参数值,最多128字节
String STATE="STATE";
// System.out.println(SCOPE);
//跳转地址
String url="https://open.weixin.qq.com/connect/oauth2/authorize?"
+ "appid="+APPID
+ "&redirect_uri="+REDIRECT_URI
+ "&response_type=code"
+ "&scope="+SCOPE
+ "&state=STATE#wechat_redirect";
// System.out.println(url);
resp.sendRedirect(url);
}
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
this.doGet(req, resp);
}
}
CallBackServlet(回调页面):
/**
* 直接获取用户信息不保存在数据库中
*/
package com.wx.auth.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.wx.auth.util.AuthUtil;
import net.sf.json.JSONObject;
public class CallBackServlet extends HttpServlet{
String codeFlag=null;
JSONObject userInfo1=null;
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String code=req.getParameter("code");
//判断code是否已经使用
if(code.equals(codeFlag)){
System.out.println("code失效");
}else{
System.out.println("code有效效");
codeFlag=code;
//公众号的唯一标识
String APPID=AuthUtil.APPID;
//公众号的appsecret
String SECRET=AuthUtil.APPSECR;
//填写第一步获取的code参数
String CODE=code;
String url="https://api.weixin.qq.com/sns/oauth2/access_token?"
+ "appid="+APPID
+ "&secret="+SECRET
+ "&code="+CODE
+ "&grant_type=authorization_code";
JSONObject jsonObject=AuthUtil.doGetJson(url);
System.out.println(jsonObject);
String openid=jsonObject.getString("openid");
String token=jsonObject.getString("access_token");
String infoUrl="https://api.weixin.qq.com/sns/userinfo?"
+ "access_token="+token
+ "&openid="+openid
+ "&lang=+zh_CN";
JSONObject userInfo=AuthUtil.doGetJson(infoUrl);
//未知原因会重复请求
userInfo1=userInfo;
System.out.println(userInfo);
}
Set info=userInfo1.keySet();
Iterator it=info.iterator();
while(it.hasNext()){
String key=(String) it.next();
req.setAttribute(key, userInfo1.getString(key));
}
System.out.println("重定向1");
req.getRequestDispatcher("/index1.jsp").forward(req, resp);
}
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
this.doGet(req, resp);
}
}