微信小程序后端开发流程根据官网总结为两个步骤
1、前端调用 wx.login 返回了code,然后调用wx.getUserInfo获取到用户的昵称 头像
2、服务端根据code去微信获取openid, 接口地址: https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/login/auth.code2Session.html%EF%BC%9B%E5%90%8C%E6%97%B6%EF%BC%8C%E6%9B%B4%E6%96%B0%E7%94%A8%E6%88%B7%E6%98%B5%E7%A7%B0%E5%A4%B4%E5%83%8F%E7%AD%89%E8%B5%84%E6%96%99
微信小程序后端接口开发
controller层
public class OauthController { @Autowired private WeChatService weChatService; /** * 微信授权用js_code换取openId * @param code * @return */ @GetMapping("/code2Session") public BaseResponse code2Session(String code) { log.info("code2Session,code={}", code); if (StringUtil.isEmpty(code)) { return BaseResponse.buildFail("参数异常"); } Code2SessionResponse res = weChatService.code2Session(code); log.info("code2Session,res={}", res); if (!res.isSuccess()) { return BaseResponse.buildFail(res.getErrCode(), res.getErrMsg()); } return BaseResponse.buildSuccess(res); } /** * 解密获取手机号 * @param request * @param response * @param param * @return */ public BaseResponse decryptGetPhone(HttpServletRequest request, HttpServletResponse response, @RequestBody OauthParam param) { if (!StringUtil.isEmpty(param.getOpenId())) {//微信授权登录 String sessionKey = weChatService.getSessionKey(param.getOpenId()); if (StringUtil.isEmpty(sessionKey)) { return BaseResponse.buildFail("会话不存在"); } Sha1Utils sha = new Sha1Utils(); // 获取用户信息 log.debug("微信登陆 sessionKey = {}", sessionKey); String userInfoStr = sha.decryptWXAppletInfo(sessionKey, param.getEncryptedData(), param.getIv()); if (StringUtil.isEmpty(userInfoStr)) { return BaseResponse.buildFail("无法获取用户信息"); } JSONObject json = JSONObject.parseObject(userInfoStr); //绑定微信的手机号 String tel = json.getString("purePhoneNumber"); Assert.isTrue(!StringUtils.isEmpty(tel), "无法获取用户手机号"); BaseResponse baseResponse=new BaseResponse(); baseResponse.setResultInfo(tel); baseResponse.setState(0); return baseResponse; } } }
接口
public interface WeChatService { /** * 用code换取openid * * @param code * @return */ Code2SessionResponse code2Session(String code); /** * 获取凭证 * * @return */ String getAccessToken(); /** * 获取凭证 * * @param isForce * @return */ String getAccessToken(boolean isForce); String getSessionKey(String openId); }
实现类
public class WeChatServiceImpl implements WeChatService { //获取配置文件数据 @Value("${wechat.miniprogram.id}") private String appId; @Value("${wechat.miniprogram.secret}") private String appSecret; @Reference private SysUserService sysUserService; @Override public Code2SessionResponse code2Session(String code) { String rawResponse = HttpClientUtil .get(String.format(WechatConstant.URL_CODE2SESSION, appId, appSecret, code)); log.info("rawResponse====={}", rawResponse); Code2SessionResponse response = JSON.parseObject(rawResponse, Code2SessionResponse.class); if (response.isSuccess()) { cacheSessionKey(response); } return response; } private void cacheSessionKey(Code2SessionResponse response) { RedisCache redisCache = RedisCache.getInstance(); String key = RedisCacheKeys.getWxSessionKeyKey(response.getOpenId()); redisCache.setCache(key, 2147483647, response.getSessionKey()); } @Override public String getAccessToken() { return getAccessToken(false); } @Override public String getAccessToken(boolean isForce) { RedisCache redisCache = RedisCache.getInstance(); String accessToken = null; if (!isForce) { accessToken = redisCache.getCache(RedisCacheKeys.getWxAccessTokenKey(appId)); } if (StringUtil.isNotEmpty(accessToken)) { return accessToken; } String rawResponse = HttpClientUtil .get(String.format(WechatConstant.URL_GET_ACCESS_TOKEN, appId, appSecret)); AccessTokenResponse response = JSON.parseObject(rawResponse, AccessTokenResponse.class); log.info("getAccessToken:response={}", response); if (response.isSuccess()) { redisCache.setCache(RedisCacheKeys.getWxAccessTokenKey(appId), 7000, response.getAcessToken()); return response.getAcessToken(); } return null; } @Override public String getSessionKey(String openId) { RedisCache redisCache = RedisCache.getInstance(); String key = RedisCacheKeys.getWxSessionKeyKey(openId); String sessionKey = redisCache.getCache(key); return sessionKey; } }
用到的解密工具类
public class Sha1Utils { public static String decryptWXAppletInfo(String sessionKey, String encryptedData, String iv) { String result = null; try { byte[] encrypData = Base64.decodeBase64(encryptedData); byte[] ivData = Base64.decodeBase64(iv); byte[] sessionKeyB = Base64.decodeBase64(sessionKey); AlgorithmParameterSpec ivSpec = new IvParameterSpec(ivData); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); SecretKeySpec keySpec = new SecretKeySpec(sessionKeyB, "AES"); cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec); byte[] doFinal = cipher.doFinal(encrypData); result = new String(doFinal); return result; } catch (Exception e) { //e.printStackTrace(); log.error("decryptWXAppletInfo error",e); } return null; } }
网络请求工具类