一、获取apikey,appsecret与商户号
注册公众号、商户号
二、获取用户的OpenId
1.设置【授权回调页面域名】
官方解释:用户在网页授权页同意授权给公众号后,微信会将授权数据传给一个回调页面,回调页面需在此域名下,以确保安全可靠。回调页面域名不支持IP地址。
2.用户同意授权
我是把这个url写在微信菜单下的,当进入这个页面的时候就让用户同意。注意:好像是静默授权的,用户不知道
1.url:
https://open.weixin.qq.com/connect/oauth2/authorize?appid=appid&redirect_uri=url&response_type=code&scope=snsapi_userinfo&state=park#wechat_redirect
参数:appid:公众号的唯一标识
redirect_uri:重定向的url,就是授权后要跳转的页面
scope:应用授权作用域
snsapi_base:不弹出授权页面,直接跳转,只能获取用户openid
snsapi_userinfo:弹出授权页面,可通过openid拿到昵称、性别、所在地
state:重定向后带的参数
2.用户同意后会产生一个code,只有5分钟时间的有效期。
1 String code = request.getParameter("code")
3.code换openId
/** * 常量类 * @author rory.wu * */ public class Constants { // 第三方用户唯一凭证 public static String appid = ""; // 第三方用户唯一凭证密钥 public static String appsecret = ""; //商户ID public static String mch_id=""; //获取openId public static String oauth2_url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code"; }
1 /** 2 * 通用工具类 3 * @author rory.wu 4 * @version 1.0 5 * @since 2015年08月05日 6 */ 7 public class CommonUtil { 8 9 private static Logger log = Logger.getLogger(CommonUtil.class); 10 public static JSONObject httpsRequestToJsonObject(String requestUrl, String requestMethod, String outputStr) { 11 JSONObject jsonObject = null; 12 try { 13 StringBuffer buffer = httpsRequest(requestUrl, requestMethod, outputStr); 14 jsonObject = JSONObject.fromObject(buffer.toString()); 15 } catch (ConnectException ce) { 16 log.error("连接超时:"+ce.getMessage()); 17 } catch (Exception e) { 18 log.error("https请求异常:"+e.getMessage()); 19 } 20 return jsonObject; 21 } 22 23 24 private static StringBuffer httpsRequest(String requestUrl, String requestMethod, String output) 25 throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException, MalformedURLException, 26 IOException, ProtocolException, UnsupportedEncodingException { 27 28 URL url = new URL(requestUrl); 29 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 30 31 connection.setDoOutput(true); 32 connection.setDoInput(true); 33 connection.setUseCaches(false); 34 connection.setRequestMethod(requestMethod); 35 if (null != output) { 36 OutputStream outputStream = connection.getOutputStream(); 37 outputStream.write(output.getBytes("UTF-8")); 38 outputStream.close(); 39 } 40 41 // 从输入流读取返回内容 42 InputStream inputStream = connection.getInputStream(); 43 InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "utf-8"); 44 BufferedReader bufferedReader = new BufferedReader(inputStreamReader); 45 String str = null; 46 StringBuffer buffer = new StringBuffer(); 47 while ((str = bufferedReader.readLine()) != null) { 48 buffer.append(str); 49 } 50 51 bufferedReader.close(); 52 inputStreamReader.close(); 53 inputStream.close(); 54 inputStream = null; 55 connection.disconnect(); 56 return buffer; 57 }58 }
1 /** 2 * 获取用户的openId,并放入session 3 * @param code 微信返回的code 4 */ 5 private void setOpenId(String code) { 6 session.put("code", code); 7 String oauth2_url = Constants.oauth2_url.replace("APPID", Constants.appid).replace("SECRET", Constants.appsecret).replace("CODE", String.valueOf(session.get("code"))); 8 log.info("oauth2_url:"+oauth2_url); 9 JSONObject jsonObject = CommonUtil.httpsRequestToJsonObject(oauth2_url, "POST", null); 10 log.info("jsonObject:"+jsonObject); 11 Object errorCode = jsonObject.get("errcode"); 12 if(errorCode != null) { 13 log.info("code不合法"); 14 }else{ 15 String openId = jsonObject.getString("openid"); 16 log.info("openId:"+openId); 17 session.put("openId", openId); 18 } 19 }
oauth2_url返回的格式是:
{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID", "scope":"SCOPE",
"unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
}
Code无效时:
{
"errcode":40029
,"errmsg":"invalid code"
}