java 微信小程序登录 验证登录并获取用户信息
2017-09-12 16:48
1351 查看
小程序API
获取授权
https://mp.weixin.qq.com/debug/wxadoc/dev/api/api-login.html#wxloginobject
获取用户信息
https://mp.weixin.qq.com/debug/wxadoc/dev/api/open.html#wxgetuserinfoobject
获取授权
https://mp.weixin.qq.com/debug/wxadoc/dev/api/api-login.html#wxloginobject
获取用户信息
https://mp.weixin.qq.com/debug/wxadoc/dev/api/open.html#wxgetuserinfoobject
public class WeChatAppLoginReq { private String code; private String rawData; private String encryptedData; private String iv; private String signature; public String getCode() { return code; } public void setCode(String code) { this.code = code; } public String getRawData() { return rawData; } public void setRawData(String rawData) { this.rawData = rawData; } public String getEncryptedData() { return encryptedData; } public void setEncryptedData(String encryptedData) { this.encryptedData = encryptedData; } public String getIv() { return iv; } public void setIv(String iv) { this.iv = iv; } public String getSignature() { return signature; } public void setSignature(String signature) { this.signature = signature; } }
import java.io.UnsupportedEncodingException; import java.security.AlgorithmParameters; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.Security; import java.util.Date; import java.util.Map; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.jose4j.base64url.Base64; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Component; import org.springframework.web.client.RestTemplate; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.xiaoyi.sns.bean.dto.req.WeChatAppLoginReq; import com.xiaoyi.sns.bean.po.spo.UserInfoPo; import com.xiaoyi.sns.business.constant.Constants.UserType; import com.xiaoyi.sns.business.impl.spo.UserInfoBiz; import com.xiaoyi.sns.common.constant.ResponseMsg; import com.xiaoyi.sns.common.exception.SystemException; import com.xiaoyi.sns.common.util.HmacUtil; /** * Project Name: sns-business * File Name: WeAppLoginBiz.java * Date: 2017年1月13日下午1:06:17 * Author: zhao.zhibo@xiaoyi.com * Explain: 微信小程序登录 */ @Component public class WeChatAppLoginBiz { private static final Logger logger = LoggerFactory.getLogger(WeChatAppLoginBiz.class); @Autowired private UserInfoBiz userInfoBiz; public static boolean initialized = false; private static final String APPID = "wx3c************b8"; private static final String SECRET = "75324***************500ae89726"; public Map<String,Object> login(WeChatAppLoginReq req) { //获取 session_key 和 openId String url = "https://api.weixin.qq.com/sns/jscode2session?appid="+APPID+"&secret="+SECRET+"&js_code="+req.getCode()+"&grant_type=authorization_code"; RestTemplate restTemplate = new RestTemplate(); ResponseEntity<String> responseEntity = restTemplate.exchange(url, HttpMethod.GET, null, String.class); if(responseEntity != null && responseEntity.getStatusCode() == HttpStatus.OK) { String sessionData = responseEntity.getBody(); logger.info("sessionData = "+ sessionData); JSONObject jsonObj = JSON.parseObject(sessionData); String openId = jsonObj.getString("openid"); String sessionKey = jsonObj.getString("session_key"); String signature = HmacUtil.SHA1(req.getRawData()+sessionKey); if(!signature.equals(req.getSignature())) { logger.info(" req signature="+req.getSignature()); logger.info(" java signature="+req.getSignature()); throw new SystemException(ResponseMsg.WECHAT_LOGIN_SIGNATURE_ERROR); } byte[] resultByte = null; try { resultByte = decrypt(Base64.decode(req.getEncryptedData()), Base64.decode(sessionKey), Base64.decode(req.getIv())); } catch (Exception e) { throw new SystemException(ResponseMsg.WECHAT_LOGIN_USER_ERROR); } if(null != resultByte && resultByte.length > 0) { String userInfoStr = ""; try { userInfoStr = new String(resultByte, "UTF-8"); } catch (UnsupportedEncodingException e) { logger.error(e.getMessage()); } logger.info("userInfo = "+ userInfoStr); JSONObject userInfoObj = JSON.parseObject(userInfoStr); UserInfoPo userPo = new UserInfoPo(); userPo.setName(userInfoObj.getString("nickName")); userPo.setCreatedTime(new Date()); userPo.setGender(userInfoObj.getString("gender")); userPo.setIcon(userInfoObj.getString("avatarUrl")); userPo.setLoginId(userInfoObj.getString("unionId")); userPo.setType((short)UserType.WeiXin); userPo.setLoginType(UserType.WeChatApp); //userPo.setNation(userInfoObj.getString("city")); //userInfoObj.getString("city"); //userInfoObj.getString("province"); //userInfoObj.getString("country"); Map<String,Object> data = userInfoBiz.insertOrUpdate(userPo); return data; }else { throw new SystemException(ResponseMsg.WECHAT_LOGIN_USER_ERROR); } }else { throw new SystemException(ResponseMsg.WECHAT_LOGIN_CODE_ERROR); } } private byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException { initialize(); try { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); Key sKeySpec = new SecretKeySpec(keyByte, "AES"); cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化 byte[] result = cipher.doFinal(content); return result; } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); 9d35 } catch (NoSuchProviderException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } return null; } public static void initialize(){ if (initialized) return; Security.addProvider(new BouncyCastleProvider()); initialized = true; } //生成iv public static AlgorithmParameters generateIV(byte[] iv) throws Exception{ AlgorithmParameters params = AlgorithmParameters.getInstance("AES"); params.init(new IvParameterSpec(iv)); return params; } }
import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class HmacUtil { public static String SHA1(String str){ try { //指定sha1算法 MessageDigest digest = MessageDigest.getInstance("SHA-1"); digest.update(str.getBytes()); //获取字节数组 byte messageDigest[] = digest.digest(); // Create Hex String StringBuffer hexString = new StringBuffer(); // 字节数组转换为 十六进制 数 for (int i = 0; i < messageDigest.length; i++) { String shaHex = Integer.toHexString(messageDigest[i] & 0xFF); if (shaHex.length() < 2) { hexString.append(0); } hexString.append(shaHex); } return hexString.toString().toLowerCase(); } catch (NoSuchAlgorithmException e) { return ""; } } }
相关文章推荐
- 移动端第三方登录(微信)java验证并获取用户信息
- 微信小程序维护登录态与获取用户信息
- Java 微信登录授权后获取微信用户信息昵称乱码问题解决
- Java微信开发(通过java程序获取用户个人信息)
- 微信小程序在java后台获取用户unionid等敏感信息
- 微信小程序获取用户openid,头像昵称信息,后台java代码
- 微信小程序登录获取用户信息
- 微信小程序 获取用户信息并保存登录状态
- 微信小程序维护登录态与获取用户信息
- 微信小程序例子——获取用户登录信息
- 微信小程序维护登录态与获取用户信息
- 微信小程序维护登录态与获取用户信息
- 微信小程序维护登录态与获取用户信息
- 微信小程序维护登录态与获取用户信息_0
- 微信订阅号里实现oauth授权登录,并获取用户信息 (完整篇)
- 微信开发笔记——微信网页登录授权,获取用户信息
- java微信网页授权获取用户信息以及JSSDK自定义分享等功能<四>
- 微信第三方登陆,无需注册一键登录,获取用户信息,PHP实现方法
- Java微信公众平台开发(12) 微信用户信息的获取
- 微信开发笔记——微信网页登录授权,获取用户信息