微信支付:JSAPI拉起支付,无效的openid

开发场景:

  1. 同一开放平台下的公众号、小程序。
  2. 在小程序里拉起支付时,若用户尚未关注公众号,会报错 “无效的openid”;关注之后则能正常拉起,不再报错。

此错排查:

  1. 前后台使用的APPID是否一致
  2. 调用统一下单接口时,传入的openid参数是否确实是openid(别误传成订单id)
  3. 最有可能的原因:openid获取方式不正确,具体表现为:使用了登录接口(即下图)返回的openid。

下面介绍获取openid的正确方式:拉起用户授权后获取。

  • 小程序端: 调用getUserInfo接口,获取用户授权后,获取到用户数据,包含敏感数据(openid,unionID),传给后台进行解密
  • 服务端:对前台传来的敏感数据进行解密,获取openid 

实现(本人不会前台,前台略过):

  1. 前台调用wx.login 接口获得临时登录凭证 code。小程序wx.login 官方文档,点击查看
  2. 前台调用getUserInfo 获得的敏感数据。小程序getUserInfo官方文档,点击查看

服务端(java):

  1. 调用auth.code2Session,登录凭证校验。前台调用wx.login 接口获得临时登录凭证 code 后,传到后台调用此接口完成登录。
  2. 取出上面接口返回的session_key,用以解密数据。session_key只应留在服务端使用,不要下发给小程序端,也不要写入日志。
  3. 对前台调用getUserInfo获得的敏感数据进行解密,获取到授权后正确的openid。
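/**
 * Mini-program endpoint: exchanges the front-end login {@code code} for a WeChat session via
 * {@code jscode2session} and, when {@code encryptedData} and {@code iv} are both supplied,
 * decrypts the user payload with the returned {@code session_key} to read openid/unionid.
 *
 * <p>Original author: Hanweihu, 2019/6/18 16:13.
 *
 * @param code          temporary login credential obtained by the front end from wx.login; required
 * @param encryptedData encrypted user payload from getUserInfo; optional
 * @param iv            initialisation vector that accompanies {@code encryptedData}; optional
 * @return a {@code Result} carrying either the raw jscode2session JSON (no payload to decrypt)
 *         or a map with {@code openid}, {@code unionid} and {@code session_key}; an error
 *         {@code Result} when the code is blank, WeChat reports an error, or decryption fails
 */
@ApiOperation(value = "小程序:获取微信授权信息")
@RequestMapping(value = "/getAuthInfoForSignUp", method = RequestMethod.GET)
public Result<Object> getAuthInfoForSignUp(String code,
                                @RequestParam(required = false) String encryptedData,
                                @RequestParam(required = false) String iv) {
    if (StringUtils.isBlank(code)) {
        return new ResultUtil<Object>().setErrorMsg("code不可为空");
    }
    Map<String, String> requestUrlParam = new HashMap<>();
    WxPayConfig wxPayConfig = wxPayConfigMapper.selectById(wxProId);
    requestUrlParam.put("appid", 小程序 appId);
    requestUrlParam.put("secret", 小程序 appSecret);
    requestUrlParam.put("js_code", code); // code obtained by the front end
    requestUrlParam.put("grant_type", "authorization_code"); // grant type
    // The app secret travels in this request, so it is sent server-to-server only.
    String responseBody = HttpClientUtil.doPost("https://api.weixin.qq.com/sns/jscode2session", requestUrlParam);
    if (StringUtils.isBlank(responseBody)) {
        // HttpClientUtil.doPost returns "" when the HTTP call fails; do not try to parse it.
        return new ResultUtil<Object>().setErrorMsg("调用微信登录接口失败");
    }
    JSONObject jsonObject = JSONObject.fromObject(responseBody);
    if (jsonObject.has("errcode") && !"0".equals(jsonObject.getString("errcode"))) {
        // WeChat reported a failure: pass its error message back to the caller.
        return new ResultUtil<Object>().setErrorMsg(jsonObject.getString("errmsg"));
    }
    if (!jsonObject.has("session_key")) {
        return new ResultUtil<Object>().setErrorMsg("调用微信登录接口失败");
    }
    // Log the outcome only: the response body contains session_key, which must not reach the logs.
    log.info("小程序:获取用户授权返回成功");
    // session_key is the key used to decrypt the user payload.
    String sessionkey = jsonObject.getString("session_key");
    if (StringUtils.isBlank(iv) || StringUtils.isBlank(encryptedData)) {
        // Both parameters empty: per the author, the user has already authorised, so the openid
        // returned by jscode2session is the right one and is returned directly.
        // NOTE(review): this hands the whole jscode2session response, session_key included, to
        // the client. WeChat's guidance is to keep session_key on the server; kept here only so
        // the response shape stays unchanged for existing callers. Prefer returning openid/unionid only.
        return new ResultUtil<Object>().setData(jsonObject, "获取微信授权成功");
    }
    // Parameters present: first authorisation, so the payload has to be decrypted.
    JSONObject jsonObject2 = getUserInfo(encryptedData, sessionkey, iv);
    if (jsonObject2 == null) {
        // getUserInfo returns null on any decryption failure (wrong key, tampered data, bad IV).
        return new ResultUtil<Object>().setErrorMsg("解密用户数据失败");
    }
    // NOTE(review): WeChat's documented payload carries a watermark object with the appid it was
    // issued for; compare it with this mini program's appId before trusting openId, since
    // encryptedData and iv arrive from the client. TODO confirm against the current WeChat docs.
    Map<String, String> res = new HashMap<>();
    res.put("openid", jsonObject2.getString("openId"));
    res.put("unionid", jsonObject2.getString("unionId"));
    // NOTE(review): see above, session_key should stay server-side; kept for response compatibility.
    res.put("session_key", sessionkey);
    // The decrypted profile is personal data; record that decryption worked, not its content.
    log.info("解密结果:成功");
    return new ResultUtil<Object>().setData(res, "获取微信授权成功");
}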


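/**
 * Decrypts the encrypted user payload returned by the mini-program getUserInfo call and parses
 * it as JSON. Uses AES/CBC/PKCS7Padding from the BouncyCastle ("BC") provider.
 *
 * <p>CBC gives confidentiality only, so a successful decrypt does not prove the payload was
 * issued for this application; callers should validate the decrypted content before use.
 *
 * @param encryptedData Base64 text of the encrypted user information, sensitive fields included
 * @param sessionKey    Base64 text of the key the data was encrypted with
 * @param iv            Base64 text of the initialisation vector
 * @return the decrypted payload as a JSON object, or {@code null} when an argument is missing,
 *         decryption fails, or the plaintext is empty
 */
public JSONObject getUserInfo(String encryptedData, String sessionKey, String iv) {
    if (encryptedData == null || sessionKey == null || iv == null) {
        // Nothing to decrypt; keep the method's "null on failure" contract instead of an NPE.
        return null;
    }
    // Ciphertext
    byte[] dataByte = Base64.decode(encryptedData);
    // Key
    byte[] keyByte = Base64.decode(sessionKey);
    // Initialisation vector
    byte[] ivByte = Base64.decode(iv);
    try {
        // Pad the key with zero bytes up to the next multiple of 16 when it is not aligned.
        // NOTE(review): a genuine session_key is expected to decode to exactly 16 bytes, so
        // reaching this branch means the key is malformed; zero-padding lets it through
        // silently. Consider rejecting it instead. Behaviour kept as the author wrote it.
        int base = 16;
        if (keyByte.length % base != 0) {
            int groups = keyByte.length / base + 1;
            // Arrays.copyOf zero-fills the extra tail, same as the original fill + arraycopy.
            keyByte = Arrays.copyOf(keyByte, groups * base);
        }
        // Register BouncyCastle once rather than building a new provider on every call.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
        AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
        parameters.init(new IvParameterSpec(ivByte));
        cipher.init(Cipher.DECRYPT_MODE, spec, parameters);
        byte[] resultByte = cipher.doFinal(dataByte);
        if (null != resultByte && resultByte.length > 0) {
            String result = new String(resultByte, "UTF-8");
            return JSONObject.fromObject(result);
        }
    } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidParameterSpecException
            | IllegalBlockSizeException | BadPaddingException | UnsupportedEncodingException
            | InvalidKeyException | InvalidAlgorithmParameterException | NoSuchProviderException e) {
        // Log through the class logger instead of printing to stderr, and never log the key or
        // the payload. Callers get one generic failure (null) whatever the cause.
        log.error("解密用户数据失败", e);
    }
    return null;
}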

解密方法中用到的maven依赖(1.56为撰文时使用的版本,实际项目请选用仍在维护的较新版本):

<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcprov-jdk15on</artifactId>
    <version>1.56</version>
</dependency>

HttpClientUtil

import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

import java.io.IOException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

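/**
 * Small blocking HTTP helper built on Apache HttpClient.
 *
 * <p>Every method is best-effort: any failure is printed and an empty string is returned, so
 * callers must treat {@code ""} as "request failed" before parsing the result.
 *
 * <p>NOTE(review): the default client is used without any timeout configuration, so a stalled
 * remote endpoint can hold the calling thread; consider setting connect/socket timeouts.
 */
public class HttpClientUtil {

    /**
     * Sends a GET request with the given query parameters.
     *
     * @param url   target URL
     * @param param query parameters to append, or {@code null} for none
     * @return the response body decoded as UTF-8 when the status is 200, otherwise {@code ""}
     */
    public static String doGet(String url, Map<String, String> param) {
        String resultString = "";
        // try-with-resources closes the response and the client on every path.
        try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
            // Build the URI; URIBuilder takes care of encoding the parameter values.
            URIBuilder builder = new URIBuilder(url);
            if (param != null) {
                for (Map.Entry<String, String> entry : param.entrySet()) {
                    builder.addParameter(entry.getKey(), entry.getValue());
                }
            }
            URI uri = builder.build();

            HttpGet httpGet = new HttpGet(uri);
            try (CloseableHttpResponse response = httpClient.execute(httpGet)) {
                // Only a 200 response is read; anything else yields "".
                if (response.getStatusLine().getStatusCode() == 200) {
                    resultString = EntityUtils.toString(response.getEntity(), StandardCharsets.UTF_8);
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return resultString;
    }

    /**
     * Sends a GET request without query parameters.
     *
     * @param url target URL
     * @return the response body when the status is 200, otherwise {@code ""}
     */
    public static String doGet(String url) {
        return doGet(url, null);
    }

    /**
     * Sends a POST request with the parameters encoded as an HTML form.
     *
     * @param url   target URL
     * @param param form fields, or {@code null} for an empty body
     * @return the response body decoded as UTF-8, or {@code ""} when the request fails
     */
    public static String doPost(String url, Map<String, String> param) {
        String resultString = "";
        // The original closed only the response, and hit a NullPointerException in finally when
        // execute() threw; try-with-resources releases both client and response safely.
        try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
            HttpPost httpPost = new HttpPost(url);
            if (param != null) {
                List<NameValuePair> paramList = new ArrayList<>();
                for (Map.Entry<String, String> entry : param.entrySet()) {
                    paramList.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
                }
                // Encode the form as UTF-8 explicitly so non-ASCII values are not mangled by
                // the library's default charset.
                UrlEncodedFormEntity entity = new UrlEncodedFormEntity(paramList, StandardCharsets.UTF_8);
                httpPost.setEntity(entity);
            }
            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                resultString = EntityUtils.toString(response.getEntity(), StandardCharsets.UTF_8);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }

        return resultString;
    }

    /**
     * Sends a POST request with an empty body.
     *
     * @param url target URL
     * @return the response body, or {@code ""} when the request fails
     */
    public static String doPost(String url) {
        return doPost(url, null);
    }

    /**
     * Sends a POST request with a JSON body.
     *
     * @param url  target URL
     * @param json request body, sent with content type application/json
     * @return the response body decoded as UTF-8, or {@code ""} when the request fails
     */
    public static String doPostJson(String url, String json) {
        String resultString = "";
        try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
            HttpPost httpPost = new HttpPost(url);
            StringEntity entity = new StringEntity(json, ContentType.APPLICATION_JSON);
            httpPost.setEntity(entity);
            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                resultString = EntityUtils.toString(response.getEntity(), StandardCharsets.UTF_8);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }

        return resultString;
    }
}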