- 小程序端 (亲测可用)
index.wxml页面加上
<button open-type="getPhoneNumber" bindgetphonenumber="getPhoneNumber"> 获取用户手机号码</button>
index里面加上
getPhoneNumber: function (e) {
console.log(e);
console.log(e.detail.iv);
console.log(e.detail.encryptedData);
wx.login({
success: function (r) {
console.log(r.code);
wx.request({
url: '/http://192.168.1.148:8000/api/applet/login?code=' + r.code + '&iv=' + e.detail.iv + '&encrypted=' + e.detail.encryptedData, //这里就写上后台解析手机号的接口
//这里的几个参数是获取授权后的加密数据,作为参数传递给后台就行了
method: 'POST',
header: {
'content-type': 'application/x-www-form-urlencoded' // POST请求
},
success(res) {
console.log(res.data)
}
})
}
})
}
- Java后台
AES工具类
/**
* Copyright (c) wpjava@163.com 2014 All Rights Reserved.
*/
package com.ejavashop.web.util.applet;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
/**
*
* @Filename: AES.java
* @Version: 1.0
* @Author: 余健
* @Email: 1164273877@qq.com
*
*/
public class AES {
public static String wxDecrypt (String encrypted, String sessionKey, String iv)throws Exception {
byte[] encrypData = Base64.decodeBase64(encrypted);
byte[] ivData = Base64.decodeBase64(iv);
byte[] sKey = Base64.decodeBase64(sessionKey);
String decrypt = decrypt(sKey,ivData,encrypData);
return decrypt;
}
public static String decrypt(byte[] key, byte[] iv, byte[] encData) throws Exception {
AlgorithmParameterSpec ivSpec = new IvParameterSpec(iv);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
//解析解密后的字符串
return new String(cipher.doFinal(encData),"UTF-8");
}
}
直接调用 phone = AES.wxDecrypt( encrypted, sessionKey, iv);
最终返回结果
注意:encrypted ,iv是从小程序获取到的加密参数。sessionKey是通过一次性code获取到的,还有就是遇到个很奇怪的问题,不从微信开发工具调用接口就可以获取手机号成功。 用微信开发工具调用接口就会出现参数不完整的情况(我是做后台,对前端不怎么熟)