微信开放平台网站应用扫码登录整合springboot
1、微信开放平台申请网站应用 注意:需要繳費三百
2、创建网站应用 准备资料提交审核
3、等待审核通过拿到网站的 appid 和 密码
4、设置扫码的回调地址 注意:只设置域名不需要urlencode解析 不需要配置具体地址 只需配置域名
5、对完整的地址进行 urlencode编码
URLEncodeUtil编码
package com.global.buyer.core.util;
import java.io.UnsupportedEncodingException;
public class URLEncodeUtil {
private final static String ENCODE = "UTF-8";
/**
* URL 解码
*/
public static String getURLDecoderString(String str) {
String result = "";
if (null == str) {
return "";
}
try {
result = java.net.URLDecoder.decode(str, ENCODE);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return result;
}
/**
* URL 转码
*/
public static String getURLEncoderString(String str) {
String result = "";
if (null == str) {
return "";
}
try {
result = java.net.URLEncoder.encode(str, ENCODE);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return result;
}
public static void main(String[] args) {
String urlEncoderString = getURLEncoderString("http://r7udlyb3.dongtaiyuming.net/platform/platformUserLogin/wetChatLogin");
System.out.println(urlEncoderString);
}
}
一、java后台生成微信登录需要的二维码
public void wetChatCode(HttpServletRequest request,HttpServletResponse response) throws IOException {
String sessionId = request.getSession().getId();
String url = "https://open.weixin.qq.com/connect/qrconnect?appid=wx1b5072a8c5a4338a&redirect_uri=http%3A%2F%2Fr7udlyb3.dongtaiyuming.net%2Fplatform%2FplatformUserLogin%2FwetChatLogin&response_type=code&scope=snsapi_login&state="+sessionId+"#wechat_redirect";
HttpClient.Request httpRequest = HttpClient.buildHttpClient()
.buildRequest(url)
.setMethod(HttpClient.Method.GET);
HttpClient.Response<String> httpResponse = httpRequest.execute(HttpClient.BodyHandlers.ofString());
String html = httpResponse.getBody().toString().replaceAll("/connect/qrcode/","https://open.weixin.qq.com/connect/qrcode/");
System.out.println(httpResponse.getBody().toString());
response.setContentType("text/html;charset=utf-8");
response.getWriter().write(html);
}
二、设置后台回调地址
//微信回调接口参数接收
@ApiOperation(value = "微信扫码登录")
@GetMapping(value = "/wetChatLogin")
public String wetChatLogin(@RequestParam String code, @RequestParam String state,HttpServletRequest request){
return userService.wetChatLogin(code,state,request);
}
//具体代码实现
public ApiResponse wetChatLogin(String response_type,String state,HttpServletRequest request) {
System.out.println("code码: "+response_type+" 额外参数"+state);
String url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code";
url = url.replace("CODE",response_type)
.replace("APPID","")
.replace("SECRET",""); //替换微信网站应用的 app_id 和 secret code
String response = HttpClientUtil.doGet(url);
JSONObject object = JSONObject.parseObject(response);
System.out.println("用户唯一openid: "+object.getString("openid"));
PlatformUser platformUser = login(object.getString("openid"));
if(platformUser == null){
String sessionId = request.getSession().getId();
Map<String,String> resultMap = new HashMap<>();
resultMap.put("status","请绑定手机号");
resultMap.put("identifying",sessionId);
redisService.setUserOpenid(sessionId,object.getString("openid"));
return ApiResponse.build().success(ApiCodeEnum.COMMON_IS_EXIST.getCode(), JSON.toJSONString(resultMap));
}
if(platformUser.getIsInactive() == 1 ){
return ApiResponse.build().success(ApiCodeEnum.COMMON_PERMISSION_DENIED.getCode(),"用户已停用");
}
String token = platformUser.getId() + "_" + UUIDGenerator.generate();
//业务逻辑处理
}
三、前端接收回调处理结果
1、生成二维码时设置state参数为 前端浏览器sessionId, 后台处理结果绑定sessionid到redis中并设置有限时间,前端根据浏览器sessionid进行轮训请求获取结果 有一定的延时
2、前后端双方建立websocke通讯,前台点击获取二维码同时携带sessionid开启建立websocket连接,后台通过拿到state值sessionid,根据sessionid实时返回结果给前端 需要花点时间整合websocket
3、前端生成登陆二维码信息并展示,设置回调地址为前台页面,前端拿到code请求后端发起请求,后端直接把处理结果返回给前台。 存在参数暴露的危险