搞事情小程序wxml文件中增加授权标签# 授权按钮,绑定用户点击后的方法 getPhoneNumber() {{quickLoginTitle}}在小程序js文件中增加getPhoneNumber方法getPhoneNumber: function (e) { // 参数e是绑定的授权方法自动传入过来的, 主要是为了拿到vi和encryptedData值从后台换取用户联系方式
if ("getPhoneNumber:ok" != e.detail.errMsg){
wx.showToast({ icon:'none', title: '快捷登陆失败'
}) return;
} var iv = e.detail.iv; var encryptedData = e.detail.encryptedData; // this.data.wxCode, 定义wxCode变量,并在onShow()方法中调用小程序login方法获取code值赋予this.data.wxCode
var code = this.data.wxCode; var _this = this; //调用后台接口获取用户手机号码
api.sendPost({ url: api.decode_phone, params:{ encrypted: encryptedData, iv:iv, code:code
}, success:function(data){ // 获取到的手机号码
var phone = data.phone;
}, fail:function(msg){
})
}在后台增加接口@RequestMapping(value = "decode/wxapp/phone", method = RequestMethod.POST)
@Override
public Result decodeWxAppPhone(
@RequestParam(value = "encrypted") String encrypted,
@RequestParam(value = "iv") String iv,
@RequestParam(value = "code") String code) { return Result.success(userService.decodeWxAppPhone(encrypted, iv, code));
}userService.decodeWxAppPhone 内部实现逻辑// 定义微信解密获取手机号码的接口地址,固定的
String wxAppHost = "https://api.weixin.qq.com"; String wxAppPath = "/sns/jscode2session"
String wxAppId = "自己的appid"
String wxAppSecret = "自己的wxAppSecret"
public JSONObject decodeWxAppPhone(String encrypted, String iv, String code) { String path =
wxAppPath
+ "?appid="
+ wxAppId
+ "&secret="
+ wxAppSecret
+ "&js_code="
+ code
+ "&grant_type=authorization_code"; try { // 向微信服务器发送get请求获取加密了的内容
HttpResponse response = HttpUtils.doGet(wxAppHost, path, "GET", null, null); String jsonStr = EntityUtils.toString(response.getEntity());
JSONObject jsonObject = JSON.parseObject(jsonStr); String sessionkey = jsonObject.getString("session_key"); // 解密
byte[] encrypData = Base64Utils.decodeFromString(encrypted);
byte[] ivData = Base64Utils.decodeFromString(iv);
byte[] sessionKey = Base64Utils.decodeFromString(sessionkey);
AlgorithmParameterSpec ivSpec = new IvParameterSpec(ivData);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec keySpec = new SecretKeySpec(sessionKey, "AES");
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
String resultString = new String(cipher.doFinal(encrypData), "UTF-8");
JSONObject object = JSONObject.parseObject(resultString); // 拿到手机号码
String phone = object.getString("phoneNumber"); // 返回手机号码
JSONObject returnObject = new JSONObject();
returnObject.put("phone", phone); return returnObject;
} catch (Exception e) {
log.error("微信小程序手机号码解密异常,信息如下:", e);
}
}
作者:Monster_鼎辉
链接:https://www.jianshu.com/p/2853b21fb42e