域名非法问题
- 小程序发布必须是合法的https域名 ,尽量是一级,二级域名证书
- 小程序中的前端默认不可以像不在域名列表中的端口发送url请求,例如微信的登录url
- 必须去访问本服务器的后端,通过本服务器的后端做中转站像微信的后端去发送url请
微信支付问题
注意一定要注意参数的大小写。否则二次签名认证会不成功
参考微信小程序支付api,一定要认真看参数(本次采用的是v2支付xml数据格式,有时间可以研究v3支付。)
payUtils如下:
public class PayUtil {
private static Logger logger = Logger.getLogger("com.wade.common.utils.payUtils.PayUtil");
public static Map<String, String> wxPay(String openid, HttpServletRequest request) {
JSONObject json = new JSONObject();
SortedMap<String, String> packages = new TreeMap<>();
try {
//生成的随机字符串
String nonce_str = Util.getRandomStringByLength(16);
//商品名称
String body = WXConst.body;
//获取本机的ip地址
String spbill_create_ip = Util.getIpAddr(request);
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
String dataStr = dateFormat.format(new Date());
String orderNo = "QM" + dataStr + "-" + Util.getRandomStringByLength(6);
String money = WXConst.MONEY;//支付金额,单位:分,这边需要转成字符串类型,否则后面的签名会失败
SortedMap<String, String> packageParams = new TreeMap<>();
packageParams.put("appid", WXConst.appId);
packageParams.put("nonce_str", nonce_str);
packageParams.put("mch_id", WXConst.mch_id);
packageParams.put("body", body);
packageParams.put("out_trade_no", orderNo);//商户订单号
packageParams.put("total_fee", money);
packageParams.put("spbill_create_ip", spbill_create_ip);
packageParams.put("notify_url", WXConst.notify_url);
packageParams.put("trade_type", WXConst.TRADETYPE);
packageParams.put("openid", openid);
packageParams.put("sign", createSign(packageParams, WXConst.key));
//调用统一下单接口,并接受返回的结果
String result = PayUtil.httpRequest(WXConst.pay_url, "POST", getRequestXml(packageParams));
System.out.println("调试模式_统一下单接口 返回XML数据:" + result);
// 将解析结果存储在HashMap中
Map<String, String> map = PayUtil.doXMLParse(result);
String return_code = (String) map.get("return_code");//返回状态码
//返回给移动端需要的参数
if (return_code == "SUCCESS" || return_code.equals(return_code)) {
packages.put("appId", map.get("appid"));
packages.put("timeStamp", String.valueOf(System.currentTimeMillis() / 1000));
packages.put("nonceStr", map.get("nonce_str"));
packages.put("signType", "MD5");
packages.put("package", "prepay_id=" + map.get("prepay_id"));
packages.put("paySign", createSign(packages, WXConst.key));
}
logger.info(" 第二次 : sign:" + packages.get("paySign"));
} catch (Exception e) {
e.printStackTrace();
json.put("errMsg", "Failed");
}
return packages;
}
/**
* 获取请求xml
*
* @param packageParams 请求参数
* @return 请求xml
*/
public static String getRequestXml(SortedMap<String, String> packageParams) {
StringBuilder sb = new StringBuilder();
sb.append("<xml>");
Set es = packageParams.entrySet();
for (Object e : es) {
Map.Entry entry = (Map.Entry) e;
String key = (String) entry.getKey();
String value = (String) entry.getValue();
if ("body".equalsIgnoreCase(key) || "sign".equalsIgnoreCase(key)) {
sb.append("<").append(key).append(">").append("<![CDATA[").append(value).append("]]></").append(key).append(">");
} else {
sb.append("<").append(key).append(">").append(value).append("</").append(key).append(">");
}
}
sb.append("</xml>");
return sb.toString();
}
public static String createSign(SortedMap<String, String> packageParams, String apiKey) {
StringBuilder sb = new StringBuilder();
Set es = packageParams.entrySet();
for (Object e : es) {
Map.Entry entry = (Map.Entry) e;
String k = (String) entry.getKey();
String v = (String) entry.getValue();
if ((v != null) && (!"".equals(v)) && (!"sign".equals(k)) &&
(!"key".equals(k))) {
sb.append(k).append("=").append(v).append("&");
}
}
sb.append("key=").append(apiKey);
System.err.println(apiKey + "apiKey");
System.err.println(sb.toString() + "sb.toString()");
String sign = MD5Utils.getInstance().createMd5(sb.toString())
.toUpperCase();
System.err.println(sign + "sign()");
return sign;
}
/**
* 签名字符串
*
* @param text 需要签名的字符串
* @param key 密钥
* @param input_charset 编码格式
* @return 签名结果
*/
public static String sign(String text, String key, String input_charset) {
text = text + "&key=" + key;
return DigestUtils.md5Hex(getContentBytes(text, input_charset));
}
/**
* 签名字符串
*
* @param text 需要签名的字符串
* @param sign 签名结果
* @param key 密钥
* @param input_charset 编码格式
* @return 签名结果
*/
public static boolean verify(String text, String sign, String key, String input_charset) {
text = text + key;
String mysign = DigestUtils.md5Hex(getContentBytes(text, input_charset));
if (mysign.equals(sign)) {
return true;
} else {
return false;
}
}
/**
* @param content
* @param charset
* @return
* @throws UnsupportedEncodingException
*/
public static byte[] getContentBytes(String content, String charset) {
if (charset == null || "".equals(charset)) {
return content.getBytes();
}
try {
return content.getBytes(charset);
} catch (UnsupportedEncodingException e) {
throw new RuntimeException("MD5签名过程中出现错误,指定的编码集不对,您目前指定的编码集是:" + charset);
}
}
/**
* 生成6位或10位随机数 param codeLength(多少位)
*
* @return
*/
public static String createCode(int codeLength) {
String code = "";
for (int i = 0; i < codeLength; i++) {
code += (int) (Math.random() * 9);
}
return code;
}
@SuppressWarnings("unused")
private static boolean isValidChar(char ch) {
if ((ch >= '0' && ch <= '9') || (ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z'))
return true;
if ((ch >= 0x4e00 && ch <= 0x7fff) || (ch >= 0x8000 && ch <= 0x952f))
return true;// 简体中文汉字编码
return false;
}
/**
* 除去数组中的空值和签名参数
*
* @param sArray 签名参数组
* @return 去掉空值与签名参数后的新签名参数组
*/
public static Map<String, String> paraFilter(Map<String, String> sArray) {
Map<String, String> result = new HashMap<String, String>();
if (sArray == null || sArray.size() <= 0) {
return result;
}
for (String key : sArray.keySet()) {
String value = sArray.get(key);
if (value == null || value.equals("") || key.equalsIgnoreCase("sign")
|| key.equalsIgnoreCase("sign_type")) {
continue;
}
result.put(key, value);
}
return result;
}
/**
* 把数组所有元素排序,并按照“参数=参数值”的模式用“&”字符拼接成字符串
*
* @param params 需要排序并参与字符拼接的参数组
* @return 拼接后字符串
*/
public static String createLinkString(Map<String, String> params) {
List<String> keys = new ArrayList<String>(params.keySet());
Collections.sort(keys);
String prestr = "";
for (int i = 0; i < keys.size(); i++) {
String key = keys.get(i);
String value = params.get(key);
if (i == keys.size() - 1) {// 拼接时,不包括最后一个&字符
prestr = prestr + key + "=" + value;
} else {
prestr = prestr + key + "=" + value + "&";
}
}
return prestr;
}
/**
* @param requestUrl 请求地址
* @param requestMethod 请求方法
* @param outputStr 参数
*/
public static String httpRequest(String requestUrl, String requestMethod, String outputStr) {
// 创建SSLContext
StringBuffer buffer = null;
try {
URL url = new URL(requestUrl);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod(requestMethod);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.connect();
//往服务器端写内容
if (null != outputStr) {
OutputStream os = conn.getOutputStream();
os.write(outputStr.getBytes("utf-8"));
os.close();
}
// 读取服务器端返回的内容
InputStream is = conn.getInputStream();
InputStreamReader isr = new InputStreamReader(is, "utf-8");
BufferedReader br = new BufferedReader(isr);
buffer = new StringBuffer();
String line = null;
while ((line = br.readLine()) != null) {
buffer.append(line);
}
br.close();
} catch (Exception e) {
e.printStackTrace();
}
return buffer.toString();
}
public static String urlEncodeUTF8(String source) {
String result = source;
try {
result = java.net.URLEncoder.encode(source, "UTF-8");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return result;
}
/**
* 解析xml,返回第一级元素键值对。如果第一级元素有子节点,则此节点的值是子节点的xml数据。
*
* @param strxml
* @return
* @throws IOException
*/
public static Map<String, String> doXMLParse(String strxml) throws Exception {
if (null == strxml || "".equals(strxml)) {
return null;
}
Map<String, String> m = new HashMap();
InputStream in = String2Inputstream(strxml);
SAXBuilder builder = new SAXBuilder();
Document doc = builder.build(in);
Element root = doc.getRootElement();
List list = root.getChildren();
Iterator it = list.iterator();
while (it.hasNext()) {
Element e = (Element) it.next();
String k = e.getName();
String v = "";
List children = e.getChildren();
if (children.isEmpty()) {
v = e.getTextNormalize();
} else {
v = getChildrenText(children);
}
m.put(k, v);
}
//关闭流
in.close();
return m;
}
/**
* 获取子结点的xml
*
* @param children
* @return String
*/
public static String getChildrenText(List children) {
StringBuffer sb = new StringBuffer();
if (!children.isEmpty()) {
Iterator it = children.iterator();
while (it.hasNext()) {
Element e = (Element) it.next();
String name = e.getName();
String value = e.getTextNormalize();
List list = e.getChildren();
sb.append("<" + name + ">");
if (!list.isEmpty()) {
sb.append(getChildrenText(list));
}
sb.append(value);
sb.append("</" + name + ">");
}
}
return sb.toString();
}
public static InputStream String2Inputstream(String str) {
return new ByteArrayInputStream(str.getBytes());
}
public static void wxNotify(HttpServletRequest request, HttpServletResponse response) throws Exception {
BufferedReader br = new BufferedReader(new InputStreamReader((ServletInputStream) request.getInputStream()));
String line = null;
StringBuilder sb = new StringBuilder();
while ((line = br.readLine()) != null) {
sb.append(line);
}
br.close();
//sb为微信返回的xml
String notityXml = sb.toString();
String resXml = "";
System.out.println("接收到的报文:" + notityXml);
Map map = PayUtil.doXMLParse(notityXml);
String returnCode = (String) map.get("return_code");
if ("SUCCESS".equals(returnCode)) {
//验证签名是否正确
if (PayUtil.verify(PayUtil.createLinkString(map), (String) map.get("sign"), WXConst.key, "utf-8")) {
/**此处添加自己的业务逻辑代码start**/
/**此处添加自己的业务逻辑代码end**/
//通知微信服务器已经支付成功
resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
}
} else {
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[报文为空]]></return_msg>" + "</xml> ";
}
System.out.println(resXml);
System.out.println("微信支付回调数据结束");
BufferedOutputStream out = new BufferedOutputStream(
response.getOutputStream());
out.write(resXml.getBytes());
out.flush();
out.close();
}
}
授权获取用户信息转换手机号
本次采用的是前端解析 直接解密后手机号返回数据,方法如下
public String getWxLogin(String code) {
WxBaseConst baseConst = new WxBaseConst("你的appid", "你的密钥(微信公众平台中生成的)", code, "authorization_code");
String params = "appid=" + baseConst.getAppid() + "&secret=" + baseConst.getSecret() + "&js_code=" + baseConst.getJs_code() + "&grant_type=" + baseConst.getGrant_type();
return HttpUtils.sendGet("https://api.weixin.qq.com/sns/jscode2session", params);
}
// 获取授权手机号
handleGetPhoneNumber: function (event) {
console.log("event", event);
var that = this;
wx.login({
success: function (res) {
if (res.code) {
// 登录凭证(code)获取成功,可以将code发送到后端进行处理
var code = res.code;
wx.request({
url: `${apiUrl}` + '/orderMiniProgram/wxLogin?code=' + code,
method: 'POST',
success: function (res) {
const sessionKey = JSON.parse(res.data.msg).session_key;
const openid = JSON.parse(res.data.msg).openid;
if (Object.keys(event).length !== 0) {
if (event.detail.errMsg === 'getPhoneNumber:ok') {
var encryptedData = event.detail.encryptedData;
var iv = event.detail.iv;
that.data.form.iv = iv;
that.data.form.encryptedData = encryptedData
that.setData({
isAuthorized: true
});
}
}
// openid获取成功,可以在这里处理逻辑
app.openid = openid;
that.data.form.openid = res.data.openid;
that.data.form.sessionKey = sessionKey;
const pc = new RdWXBizDataCrypt("你的小程序appid", sessionKey);
const phone = pc.decryptData(encryptedData, iv);
if (phone == null) {
that.handleGetPhoneNumber;
that.setData({
isAuthorized: false
})
that.onAuthorizationCancel
wx.showToast({
title: '授权发生意外请重新授权',
icon: 'none',
duration: 2000
});
} else {
that.data.form.phoneNumber = phone.phoneNumber;
getApp().globalData.AuthToken = phone.phoneNumber;
wx.showToast({
title: '授权成功',
icon: 'none',
duration: 2000
});
}
},
fail: function (res) {
console.log('Response:', res);
// openid获取失败,可以在这里处理逻辑
console.log('Failed to get openid');
}
});
} else {
// 登录凭证(code)获取失败,可以在这里处理逻辑
console.log('Failed to get login code');
}
}
})
},
小程序和微信公众号unionID获取
小程序的openid获取与公众号的openid获取是一样的道理
获取token--->获取openid
unionID的获取
网上说的: 小程序的openid==小程序的unionID (错误说法)
!!注意!!在获取unionId的前提是关联二者
unionID是在同一个微信开放平台下绑定关联的多个程序/公众号 的唯一标识。
小程序unionID获取:
比较简单 :调用wx.login 获取code,
调用jscode2Session方法获取unionID
HttpUtils.sendGet("https://api.weixin.qq.com/sns/jscode2session", miniParams)
公众号unionID获取:
分四步:
获取公众号Token
HttpUtils.sendGet("https://api.weixin.qq.com/cgi-bin/token", tokenParams)
通过Token获取openid(List 这里拿到的openid是关注微信公众号的所有人的openid)
HttpUtils.sendGet("https://api.weixin.qq.com/cgi-bin/user/get", openIdParams)
通过遍历openid获取unionId
openidArray.forEach(openid -> {
String params = "access_token=" + token + "&openid=" + openid + "&lang=zh_CN";
String userInfo = HttpUtils.sendGet("https://api.weixin.qq.com/cgi-bin/user/info", params);
String unionIdOfficial = ((JSONObject) JSONObject.parse(userInfo)).get("unionid").toString();
这里对比小程序的unionId是否与公众号unionID相等 相等就可以进行存储关联等操作
});