1、思路图解
2、思路描述
(1)小程序调用wx.login获取code
(2)小程序调用wx.getUserInfo得到rawData, signatrue, encryptData.
(3)小程序调用Server并传入前两步获取的code、rawData、signature、encryptData,server调用微信提供的jsoncode2session接口获取openid、sessionKey
(4)签名验证signature
(5)利用(3)获取的sessionKey解密entryptData,验证openid是否对应
3、代码展示
(1)接口(此处PageData可等同于request.getParameter)
@RequestMapping(value = "/login") @ResponseBody public Object login() throws Exception { logger.info("Start getSessionKey"); JsonResult jsonResult = new JsonResult(); String code = MessageUtil.CODE_SUCCESS;//状态码 String msg = MessageUtil.MSG_00;//提示信息 PageData pd = new PageData(); try { pd = this.getPageData(); PageData data = new PageData(); String token = ""; if(!pd.containsKey("code") || StringUtils.isEmpty(pd.getString("code"))){ code = MessageUtil.CODE_ERROR; msg = MessageUtil.MSG_NULL; }else if(!pd.containsKey("rawData") || StringUtils.isEmpty(pd.getString("rawData"))){ code = MessageUtil.CODE_ERROR; msg = MessageUtil.MSG_NULL; }else if(!pd.containsKey("signature") || StringUtils.isEmpty(pd.getString("signature"))){ code = MessageUtil.CODE_ERROR; msg = MessageUtil.MSG_NULL; }else if(!pd.containsKey("encryptedData") || StringUtils.isEmpty(pd.getString("encryptedData"))){ code = MessageUtil.CODE_ERROR; msg = MessageUtil.MSG_NULL<