1、小程序传参数js_code(用户获取session_key)和encryptedData、vi(用于解密手机号)
发送http请求调接口:
https://api.weixin.qq.com/sns/jscode2session?appid=固定的appid&secret=固定的secret&js_code=每次小程序传参&grant_type=authorization_code
返回数据如下,取出session_key用于解密:
{"session_key":"EKjnfpQ6LFxScbtOg==","expires_in":7200,"openid":"oBEMf0UbSQ6xpgUcI"}
2、拿session_key和encryptedData、vi解密手机号
-
import org.apache.commons.codec.binary.Base64;
-
import javax.crypto.Cipher;
-
import javax.crypto.spec.IvParameterSpec;
-
import javax.crypto.spec.SecretKeySpec;
-
import java.security.spec.AlgorithmParameterSpec;
-
/**
-
* Created by hgg on 2018/2/24.
-
* 小程序AES解密
-
*/
-
public class AESDecodeUtils {
-
public static void main(String[] args) throws Exception {
-
byte[] encrypData = Base64.decodeBase64("mgxuts7uEbdnBclp0Qim0TS3MGoaSyE09MqTvbeG9Z1PjxsDwjVH0FxG1Q==");
-
byte[] ivData = Base64.decodeBase64("SG386etdA3sOXHxqfnw==");
-
byte[] sessionKey = Base64.decodeBase64("Fn6r4IOiZJBXn4hQ0w==");
-
System.out.println(decrypt(sessionKey,ivData,encrypData));
-
}
-
public static String decrypt(byte[] key, byte[] iv, byte[] encData) throws Exception {
-
AlgorithmParameterSpec ivSpec = new IvParameterSpec(iv);
-
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
-
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
-
//解析解密后的字符串
-
return new String(cipher.doFinal(encData),"UTF-8");
-
}
-
}
encryptedData 解密后为以下 json 结构,详见加密数据解密算法
{
"phoneNumber": "13580006666",
"purePhoneNumber": "13580006666",
"countryCode": "86",
"watermark":
{
"appid":"APPID",
"timestamp":TIMESTAMP
}
}
参数 | 类型 | 说明 |
---|---|---|
phoneNumber | String | 用户绑定的手机号(国外手机号会有区号) |
purePhoneNumber | String | 没有区号的手机号 |
countryCode | String | 区号 |