具体而言,网页授权流程分为四步:
1、引导用户进入授权页面同意授权,获取code
https://open.weixin.qq.com/connect/oauth2/authorize?appid=wxf0e81c3bee622d60&redirect_uri=http%3A%2F%2Fnba.bluewebgame.com%2Foauth_response.php&response_type=code&scope=snsapi_userinfo&state=STATE#wechat_redirect
appid在公众号里有,redirect_uri是web服务器接口,转码成encodeuri直接拼接上来就好了;此时用户点击允许后,会跳转到指定网页同时在地址栏上会获得用户的code码;
例如:
http://55b565d7.ngrok.io/?code=061nHaFL0NSHK52OfnGL0ExuFL0nHaF0&state=STATE
把code码截取出来,然后第二步;
2、通过code换取网页授权access_token(与基础支持中的access_token不同)
https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code
需要说一下,appid和secret码在公众号里都有,自己查一下,这个code就是上面截取出来的code码,拼接上去即可;
查询出来的结果是这样的:
{"access_token":"14_4FIf-oohAlY54UmbADYTmSpDuJjVtjClZ7TVje2LgiVv3blx5V1wpjoTZZq4c1aZA6rD8cLKS0GHRUbtovnHbEJ_VnJn8QbrKYcRaAbNs50","expires_in":7200,"refresh_token":"14_nG7MFORaYYtkFXczABfK0tGFOJk3LHGVBNobIafbJcznG2N26Bwgu0k_UiaD3BV86ATAC5H2Lk0QXYuxYralv8l3Mh6r0tOf3m5FzMHmUcg","openid":"oKAqk0miwnB5Nzxo8J0bp6u_T8Iw","scope":"snsapi_userinfo"}
3、如果需要,开发者可以刷新网页授权access_token,避免过期
https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=APPID&grant_type=refresh_token&refresh_token=REFRESH_TOKEN
4、通过网页授权access_token和openid获取用户基本信息(支持UnionID机制)
https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN //返回值无subscribe,就是不知道是否关注了微信号。网页授权获取用户信息,官方用的这个方法。
返回说明
正确时返回的JSON数据包如下:
{
"openid":" OPENID",
" nickname": NICKNAME,
"sex":"1",
"province":"PROVINCE"
"city":"CITY",
"country":"COUNTRY",
"headimgurl": "http://wx.qlogo.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WK
SYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/46",
"privilege":[
"PRIVILEGE1"
"PRIVILEGE2"
],
"unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
}