一、获取apikey,appsecret与商户号
注册公众号、商户号
二、获取用户的OpenId
1.设置【授权回调页面域名】
官方解释:用户在网页授权页同意授权给公众号后,微信会将授权数据传给一个回调页面,回调页面需在此域名下,以确保安全可靠。回调页面域名不支持ip地址。
2.用户同意授权
我是把这个url写在微信菜单下的,当进入这个页面的时候就让用户同意。注意:好像是静默授权的,用户不知道
1.url:
https://open.weixin.QQ.com/connect/oauth2/authorize?appid=appid&redirect_uri=url&response_type=code&scope=snsapi_userinfo&state=park#wechat_redirect
参数:appid:公众号的唯一标识
redirect_uri:重定向的url,就是授权后要跳转的页面
scope:应用授权作用域
snsapi_base:不弹出授权页面,直接跳转,只能获取用户openid
snsapi_userinfo:弹出授权页面,可通过openid拿到昵称、性别、所在地
state:重定向后带的参数
2.用户同意后会产生一个code,只有5分钟时间的有效期。
1 String code = request.getParameter("code")
3.code换openId
/**
* 常量类
* @author rory.wu
* */public class Constants { // 第三方用户唯一凭证
public static String appid = ""; // 第三方用户唯一凭证密钥
public static String appsecret = ""; //商户ID
public static String mch_id=""; //获取openId
public static String oauth2_url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code";
}
1 /** 2 * 通用工具类 3 * @author rory.wu 4 * @version 1.0 5 * @since 2015年08月05日 6 */ 7 public class CommonUtil { 8 9 PRivate static Logger log = Logger.getLogger(CommonUtil.class);10 public static JSONObject httpsRequestToJsonObject(String requestUrl, String requestMethod, String outputStr) {11 JSONObject jsonObject = null;12 try {13 StringBuffer buffer = httpsRequest(requestUrl, requestMethod, outputStr);14 jsonObject = JSONObject.fromObject(buffer.toString());15 } catch (ConnectException ce) {16 log.error("连接超时:"+ce.getMessage());17 } catch (Exception e) {18 log.error("https请求异常:"+e.getMessage());19 }20 return jsonObject;21 }22 23 24 private static StringBuffer httpsRequest(String requestUrl, String requestMethod, String output)25 throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException, MalformedURLException,26 IOException, ProtocolException, UnsupportedEncodingException {27 28 URL url = new URL(requestUrl);29 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();30 31 connection.setDoOutput(true);32 connection.setDoInput(true);33 connection.setUseCaches(false);34 connection.setRequestMethod(requestMethod);35 if (null != output) {36 OutputStream outputStream = connection.getOutputStream();37 outputStream.write(output.getBytes("UTF-8"));38 outputStream.close();39 }40 41 // 从输入流读取返回内容42 InputStream inputStream = connection.getInputStream();43 InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "utf-8");44 BufferedReader bufferedReader = new BufferedReader(inputStreamReader);45 String str = null;46 StringBuffer buffer = new StringBuffer();47 while ((str = bufferedReader.readLine()) != null) {48 buffer.append(str);49 }50 51 bufferedReader.close();52 inputStreamReader.close();53 inputStream.close();54 inputStream = null;55 connection.disconnect();56 return buffer;57 }58 }
1 /** 2 * 获取用户的openId,并放入session 3 * @param code 微信返回的code 4 */ 5 private void setOpenId(String code) { 6 session.put("code", code); 7 String oauth2_url = Constants.oauth2_url.replace("APPID", Constants.appid).replace("SECRET", Constants.appsecret).replace("CODE", String.valueOf(session.get("code"))); 8 log.info("oauth2_url:"+oauth2_url); 9 JSONObject jsonObject = CommonUtil.httpsRequestToJsonObject(oauth2_url, "POST", null);10 log.info("jsonObject:"+jsonObject);11 Object errorCode = jsonObject.get("errcode");12 if(errorCode != null) {13 log.info("code不合法");14 }else{15 String openId = jsonObject.getString("openid");16 log.info("openId:"+openId);17 session.put("openId", openId);18 }19 }
oauth2_url返回的格式是:
{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID", "scope":"SCOPE",
"unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
}
Code无效时:
{
"errcode":40029
,"errmsg":"invalid code"
}