一、获取apikey,appsecret与商户号
注册公众号、商户号
二、获取用户的OpenId
1.设置【授权回调页面域名】
官方解释:用户在网页授权页同意授权给公众号后,微信会将授权数据传给一个回调页面,回调页面需在此域名下,以确保安全可靠。回调页面域名不支持IP地址。
2.用户同意授权
我是把这个url写在微信菜单下的,当进入这个页面的时候就让用户同意。注意:好像是静默授权的,用户不知道
1.url:
https://open.weixin.qq.com/connect/oauth2/authorize?appid=appid&redirect_uri=url&response_type=code&scope=snsapi_userinfo&state=park#wechat_redirect参数:appid:公众号的唯一标识
redirect_uri:重定向的url,就是授权后要跳转的页面
scope:应用授权作用域
snsapi_base:不弹出授权页面,直接跳转,只能获取用户openid
snsapi_userinfo:弹出授权页面,可通过openid拿到昵称、性别、所在地
state:重定向后带的参数
2.用户同意后会产生一个code,只有5分钟时间的有效期。
1 String code = request.getParameter("code")3.code换openId
/**
* 常量类
* @author rory.wu
*
*/
public class Constants {
// 第三方用户唯一凭证
public static String appid = "";
// 第三方用户唯一凭证密钥
public static String appsecret = "";
//商户ID
public static String mch_id="";
//获取openId
public static String oauth2_url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code";
} 1 /**
2 * 通用工具类
3 * @author rory.wu
4 * @version 1.0
5 * @since 2015年08月05日
6 */
7 public class CommonUtil {
8
9 private static Logger log = Logger.getLogger(CommonUtil.class);
10 public static JSONObject httpsRequestToJsonObject(String requestUrl, String requestMethod, String outputStr) {
11 JSONObject jsonObject = null;
12 try {
13 StringBuffer buffer = httpsRequest(requestUrl, requestMethod, outputStr);
14 jsonObject = JSONObject.fromObject(buffer.toString());
15 } catch (ConnectException ce) {
16 log.error("连接超时:"+ce.getMessage());
17 } catch (Exception e) {
18 log.error("https请求异常:"+e.getMessage());
19 }
20 return jsonObject;
21 }
22
23
24 private static StringBuffer httpsRequest(String requestUrl, String requestMethod, String output)
25 throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException, MalformedURLException,
26 IOException, ProtocolException, UnsupportedEncodingException {
27
28 URL url = new URL(requestUrl);
29 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
30
31 connection.setDoOutput(true);
32 connection.setDoInput(true);
33 connection.setUseCaches(false);
34 connection.setRequestMethod(requestMethod);
35 if (null != output) {
36 OutputStream outputStream = connection.getOutputStream();
37 outputStream.write(output.getBytes("UTF-8"));
38 outputStream.close();
39 }
40
41 // 从输入流读取返回内容
42 InputStream inputStream = connection.getInputStream();
43 InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "utf-8");
44 BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
45 String str = null;
46 StringBuffer buffer = new StringBuffer();
47 while ((str = bufferedReader.readLine()) != null) {
48 buffer.append(str);
49 }
50
51 bufferedReader.close();
52 inputStreamReader.close();
53 inputStream.close();
54 inputStream = null;
55 connection.disconnect();
56 return buffer;
57 }58 } 1 /**
2 * 获取用户的openId,并放入session
3 * @param code 微信返回的code
4 */
5 private void setOpenId(String code) {
6 session.put("code", code);
7 String oauth2_url = Constants.oauth2_url.replace("APPID", Constants.appid).replace("SECRET", Constants.appsecret).replace("CODE", String.valueOf(session.get("code")));
8 log.info("oauth2_url:"+oauth2_url);
9 JSONObject jsonObject = CommonUtil.httpsRequestToJsonObject(oauth2_url, "POST", null);
10 log.info("jsonObject:"+jsonObject);
11 Object errorCode = jsonObject.get("errcode");
12 if(errorCode != null) {
13 log.info("code不合法");
14 }else{
15 String openId = jsonObject.getString("openid");
16 log.info("openId:"+openId);
17 session.put("openId", openId);
18 }
19 }oauth2_url返回的格式是:
{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID", "scope":"SCOPE",
"unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
}
Code无效时:
{
"errcode":40029
,"errmsg":"invalid code"
}