要能够实现微信授权登录,必须有认证的微信开放平台帐号、或是微信公众号的测试帐号。
微信认证
在微信开放平台 https://open.weixin.qq.com上认证,并在资源中心创建应用。
测试帐号申请
配置url和token
url是配置你的回调地址,要在公网能够访问的,我们可以理由ngrok将自己的内网ip映射成外网可以访问的地址。
在cmd运行以下命令,就会产生你的外网地址。
把你的生成的地址放在这里,不需要加http协议,添加这个是因为在回调的时候能够成功
*token 验证实现代码
public class ServerPortal extends HttpServlet{
private static final long serialVersionUID = 1L;
private static final String token = "pengjiawen";
/**
* @see HttpServlet#HttpServlet()
*/
public ServerPortal() {
super();
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String signature = request.getParameter("signature");
String timestamp = request.getParameter("timestamp");
String nonce = request.getParameter("nonce");
String echostr = request.getParameter("echostr");
System.out.println("signature:" + signature);
System.out.println("timestamp:" + timestamp);
System.out.println("nonce:" + nonce);
System.out.println("echostr:" + echostr);
PrintWriter pw = response.getWriter();
pw.append(echostr);
pw.flush();
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
请求工具类(APPID 和APPSECRET在帐号中可以找到 )**
public class AuthUtil {
public static final String APPID = "wxed9a1c3c9c40ca23";
public static final String APPSECRET = "ccfd920e4b551669bb8969343cc3b1c2";
/**
* send http request and convert resposne into json object
* @param url
* @return
* @throws IOException
*/
public static JSONObject doGetJson(String url) throws IOException {
JSONObject jsonObject = null;
DefaultHttpClient client = new DefaultHttpClient();
HttpGet httpGet = new HttpGet(url);
HttpResponse response = client.execute(httpGet);
HttpEntity entity = response.getEntity();
if(entity !=null) {
String result = EntityUtils.toString(entity, "UTF-8");
System.out.println(result);
jsonObject = JSONObject.fromObject(result);
}
return jsonObject;
}
}
授权登录实现代码
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.printf("in /WxAuth/wxLogin");
// String backUrl = "http://atwjsw.s1.natapp.cc/WxAuth/callBack";
String backUrl = "http://ec76c7d4.ngrok.io/weChat/callBackServlet";
String url = "https://open.weixin.qq.com/connect/oauth2/authorize?"
+ "appid=" + AuthUtil.APPID
+ "&redirect_uri=" + URLEncoder.encode(backUrl)
+ "&response_type=code"
+ "&scope=snsapi_userinfo"
+ "&state=STATE"
+ "#wechat_redirect";
// 重定向用户请求到微信授权URL
resp.sendRedirect(url);
回调代码
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1. 获取微信回调请求中的code
System.out.printf("in WxAuth/callBack");
String code = req.getParameter("code");
String url = "https://api.weixin.qq.com/sns/oauth2/access_token?"
+ "appid=" + AuthUtil.APPID
+ "&secret=" + AuthUtil.APPSECRET
+ "&code=" + code
+ "&grant_type=authorization_code";
//2. 向微信发出请求,带上APPSCECRET和code,获取openid和access_toekn
JSONObject jsonObject = AuthUtil.doGetJson(url);
String openid = jsonObject.getString("openid");
String token = jsonObject.getString("access_token");
//4. 获取用户信息
String infoUrl = "https://api.weixin.qq.com/sns/userinfo?"
+ "access_token=" + token
+ "&openid=" + openid
+ "&lang=zh_CN";
JSONObject userInfo = AuthUtil.doGetJson(infoUrl);
System.out.println(userInfo);
//1. 使用微信用户信息直接登录,无需注册和绑定
req.setAttribute("info", userInfo);
req.getRequestDispatcher("/index1.jsp").forward(req, resp);
在过程中遇到很多问题,特别是回调地址总错误,还有内网映射为外网。