注意:
1.目前该接口针对非个人开发者,且完成了认证的小程序开放(不包含海外主体)。需谨慎使用,若用户举报较多或被发现在不必要场景下使用,微信有权永久回收该小程序的该接口权限。
2.微信开放平台需要绑定小程序,如果没有获取到unionId以及其他信息,只拿到了openId与sessionkey,那么请到微信开放平台绑定小程序(登录微信开放平台(https://open.weixin.qq.com/) — 管理中心 — 小程序 — 绑定小程序)
官网地址如下:
https://developers.weixin.qq.com/miniprogram/dev/api/open-api/user-info/wx.getUserInfo.html
1.小程序授权拿到code
2.小程序授权获取用户基本信息拿到encryptedData与iv
/*
* 获取小程序用户基本信息
*/
@RequestMapping(value="code2SessionPhone", method = RequestMethod.GET)
public ReturnData code2SessionPhone (HttpServletRequest req) throws Exception {
String encryptedData = req.getParameter("encryptedData");
String iv = req.getParameter("iv");
String sessionkey = req.getParameter("sessionkey");
// 解密
byte[] encrypData = Base64Utils.decodeFromString(encryptedData);
byte[] ivData = Base64Utils.decodeFromString(iv);
byte[] sessionKey = Base64Utils.decodeFromString(sessionkey);
AlgorithmParameterSpec ivSpec = new IvParameterSpec(ivData);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec keySpec = new SecretKeySpec(sessionKey, "AES");
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
String resultString = new String(cipher.doFinal(encrypData), "UTF-8");
JSONObject object = JSONObject.parseObject(resultString);
return ReturnData.success(object);
}
拿到的object数据有
{
"openId": "OPENID",
"nickName": "NICKNAME",
"gender": GENDER,
"city": "CITY",
"province": "PROVINCE",
"country": "COUNTRY",
"avatarUrl": "AVATARURL",
"unionId": "UNIONID",
"watermark":
{
"appid":"APPID",
"timestamp":TIMESTAMP
}
}