1.調用微信登錄wx.login()獲取code，通過code調用后臺，獲取信息sessionId
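/**
 * Exchanges a WeChat mini-program login code for a session_key and hands the client an
 * opaque session id.
 *
 * <p>The session_key returned by WeChat is stored in Redis under a freshly generated random
 * id; only that id is returned. Neither the session_key nor the openid is sent back to the
 * client, and the id is not derived from the openid, so it cannot be guessed from a user's
 * openid.
 *
 * @param jsonStr JSON request body; its {@code code} field is the value obtained from
 *                {@code wx.login()}
 * @return a JSON object holding {@code sessionId} on success, otherwise the object produced
 *         by {@code ApiResult.fail}
 */
@RequestMapping(value = "/getSessionKey", method = RequestMethod.POST, produces = "application/json;charset=utf-8")
@ResponseBody
public JSONObject getSessionKey(@RequestBody String jsonStr) {
    JSONObject request = JSON.parseObject(jsonStr);
    // parseObject may yield null for an empty body; treat that like a missing code.
    String code = request == null ? null : request.getString("code");
    if (StringUtil.isBlank(code)) {
        return ApiResult.fail("參數(shù)為空");
    }

    // Left blank on the page. Load both values from configuration or a secret store at
    // runtime; the app secret must never be committed to source control.
    String appId = "";     // appid
    String appSecret = ""; // app secret

    // The code comes from the client, so encode it before placing it in the query string;
    // otherwise a value containing '&' or '=' could add or override query parameters.
    String encodedCode;
    try {
        encodedCode = java.net.URLEncoder.encode(code, "UTF-8");
    } catch (java.io.UnsupportedEncodingException e) {
        throw new IllegalStateException("UTF-8 is not supported", e);
    }

    String res = SendHttps.sendGet("https://api.weixin.qq.com/sns/jscode2session",
            "appid=" + appId + "&secret=" + appSecret + "&js_code=" + encodedCode
                    + "&grant_type=authorization_code");
    // sendGet returns an empty string when the request failed.
    if (StringUtil.isBlank(res)) {
        return ApiResult.fail("獲取access_token出錯(cuò)!錯(cuò)誤信息為:" + "empty response");
    }

    net.sf.json.JSONObject resultObject = net.sf.json.JSONObject.fromObject(res);
    if (resultObject.containsKey("errcode") && resultObject.getInt("errcode") != 0) {
        int errcode = resultObject.getInt("errcode");
        return ApiResult.fail("獲取access_token出錯(cuò)!錯(cuò)誤信息為:"
                + String.valueOf(resultObject.get("errmsg")) + " (" + errcode + ")");
    }

    Object sessionKey = resultObject.get("session_key");
    if (sessionKey == null) {
        return ApiResult.fail("獲取access_token出錯(cuò)!錯(cuò)誤信息為:" + "session_key missing");
    }

    // Random, unguessable handle for the server-side session_key. If the openid is needed
    // later, store it server-side under the same handle instead of returning it.
    String sessionId = java.util.UUID.randomUUID().toString();
    // 600 is passed as the expiry argument (presumably seconds; confirm against RedisClient).
    RedisClient.set(sessionId, sessionKey.toString(), 600);

    JSONObject result = new JSONObject();
    result.put("sessionId", sessionId);
    return result;
}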
2.前臺通過js獲取到微信服務器返回的加密數據,結合sessionId解密得到手機號。官方連接:https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/getPhoneNumber.html
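/**
 * Decrypts the encrypted phone-number payload sent by the mini-program client.
 *
 * <p>The AES key is the session_key previously stored in Redis under the client's
 * {@code sessionId}; the key itself is never taken from the request.
 *
 * @param jsonStr JSON request body with the fields {@code encryptedData}, {@code iv}
 *                (both Base64) and {@code sessionId}
 * @return the decrypted payload parsed as JSON, otherwise the object produced by
 *         {@code ApiResult.fail}
 */
@RequestMapping(value = "/getPhoneNumber", method = RequestMethod.POST, produces = "application/json;charset=utf-8")
@ResponseBody
public JSONObject getPhoneNumber(@RequestBody String jsonStr) {
    JSONObject request = JSON.parseObject(jsonStr);
    if (request == null) {
        return ApiResult.fail("獲取手機(jī)號(hào)失敗");
    }
    String encryptedData = request.getString("encryptedData");
    String iv = request.getString("iv");
    String sessionId = request.getString("sessionId");
    // All three values come from the client; reject the request before touching Redis or
    // the decoder when any of them is missing.
    if (StringUtil.isEmpty(encryptedData) || StringUtil.isEmpty(iv) || StringUtil.isEmpty(sessionId)) {
        return ApiResult.fail("獲取手機(jī)號(hào)失敗");
    }

    // Look up the session_key stored at login time.
    // NOTE(review): sessionId is used directly as the Redis key, so it must be an
    // unguessable value issued by the server — confirm how getSessionKey generates it.
    String session_key = RedisClient.get(sessionId);
    if (StringUtil.isEmpty(session_key)) {
        return ApiResult.fail("session已失效,請(qǐng)重試");
    }

    try {
        // Decoding happens inside the try block so malformed Base64 from the client ends
        // in the failure response instead of an unhandled exception.
        byte[] dataByte = Base64.decode(encryptedData);
        byte[] keyByte = Base64.decode(session_key);
        byte[] ivByte = Base64.decode(iv);

        // WeChat documents the session_key as a 16-byte AES-128 key, and the CBC IV is one
        // AES block (16 bytes). Anything else is corrupt or forged input; zero-padding it
        // would only hide the problem, so it is rejected.
        int blockSize = 16;
        if (dataByte == null || keyByte == null || ivByte == null
                || keyByte.length != blockSize || ivByte.length != blockSize) {
            return ApiResult.fail("獲取手機(jī)號(hào)失敗");
        }

        // Register BouncyCastle once instead of constructing a provider on every request.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyByte, "AES"), new IvParameterSpec(ivByte));
        byte[] resultByte = cipher.doFinal(dataByte);
        if (resultByte != null && resultByte.length > 0) {
            // NOTE(review): WeChat's decrypted payloads carry a watermark.appid field;
            // compare it with this application's appid before trusting the data (the
            // appid is not in scope in this method).
            return JSONObject.parseObject(new String(resultByte, "UTF-8"));
        }
    } catch (Exception e) {
        // NOTE(review): route this through the project's logger if one exists.
        e.printStackTrace();
    }
    // The method returns JSONObject, so a failure must be reported through ApiResult
    // rather than as a bare String.
    return ApiResult.fail("獲取手機(jī)號(hào)失敗");
}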
3.后臺通過url請求
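public class SendHttps {
    /** Upper bound, in milliseconds, for establishing the connection. */
    private static final int CONNECT_TIMEOUT_MS = 5000;
    /** Upper bound, in milliseconds, for waiting on response data. */
    private static final int READ_TIMEOUT_MS = 10000;

    /**
     * Sends a GET request to the given URL and returns the response body.
     *
     * <p>The response lines are concatenated without line separators. On any failure an
     * empty string is returned. The exception message is deliberately not printed: for URL
     * and I/O errors it usually contains the full request URL, and callers pass credentials
     * in {@code param}.
     *
     * @param url   the URL to request
     * @param param the query string, in the form {@code name1=value1&name2=value2}; the
     *              caller is responsible for URL-encoding the values
     * @return the response body, or an empty string when the request failed
     */
    public static String sendGet(String url, String param) {
        StringBuilder body = new StringBuilder();
        try {
            URLConnection connection = new URL(url + "?" + param).openConnection();
            // Without timeouts a stalled remote end would block the calling thread forever.
            connection.setConnectTimeout(CONNECT_TIMEOUT_MS);
            connection.setReadTimeout(READ_TIMEOUT_MS);
            connection.setRequestProperty("accept", "*/*");
            connection.setRequestProperty("connection", "Keep-Alive");
            connection.setRequestProperty("user-agent",
                    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
            connection.connect();
            // try-with-resources closes the reader on every path.
            try (BufferedReader in = new BufferedReader(new InputStreamReader(
                    connection.getInputStream(), "utf-8"))) {
                String line;
                while ((line = in.readLine()) != null) {
                    body.append(line);
                }
            }
        } catch (Exception e) {
            // Only the exception type is reported, so the query string stays out of logs.
            System.out.println("發(fā)送GET請(qǐng)求出現(xiàn)異常然痊!" + e.getClass().getName());
            return "";
        }
        return body.toString();
    }
}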
微信小程序獲取手機號流程
1.先調用微信登錄wx.login()獲取code，通過code在后臺獲取session_key和openid(為了安全方面的原因,請不要直接使用這些信息作為你小程序的用戶標識和session標識回傳到小程序客戶端中去)
2.用戶點擊允許授權按鈕，將后臺獲取的session_key 和 js獲取的加密數據，做為參數和自定義標識傳給后臺
3.后臺接收到參數后,進行加密數據解密算法，最后取得手機號