开放平台注册
开发第三方平台,首先需要到微信开放平台申请注册第三方平台账号
创建第三方平台
第三方平台信息配置
第三方授权流程
详细流程说明可参照官网授权流程技术说明;
授权流程代码
获取第三方平台接口调用凭据“component_verify_ticket”
出于安全考虑,在第三方平台创建审核通过后,微信服务器 每隔10分钟会向第三方的消息接收地址推送一次component_verify_ticket,用于获取第三方平台接口调用凭据。
package com.litte.controller.warrant;
import com.litte.entity.reception.TWarrantInfo;
import com.litte.service.warrantinfo.TWarrantInfoService;
import com.litte.service.warrantmerchant.TWarrantMerchantService;
import com.litte.util.DateUtil;
import com.litte.util.WinxinUtil;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Calendar;
import java.util.Date;
@Controller
@RequestMapping("/warrant")
public class WarrantController {
private static final Logger LOGGER = LoggerFactory.getLogger(WarrantController.class);
//公众号第三方平台的appid
private static final String APPID = "wx9681884b28ed7927";
//第三方平台申请时填写的接收消息的校验token
private static final String TOKEN = "xinxingshang";
// private static final String TOKEN = "xinxingshangstar";
//第三方平台申请时填写的接收消息的加密symmetric_key
private static final String ENCODINGAESKEY = "xinxingshangstarkeykey11keyxinxingshangstar";
private static final String SECRET = "a4d75ccc5b9ca0cef697116bc8c2e156";
//获取"component_access_token"URL
private static final String COMPONENT_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/component/api_component_token";
// 获取"pre_auth_code"URL
private static final String PRE_AUTH_CODE = "https://api.weixin.qq.com/cgi-bin/component/api_create_preauthcode?component_access_token=componentAccessToken";
// 刷新令牌
private static final String AUTHORIZER_REFRESH_TOKEN = "https://api.weixin.qq.com/cgi-bin/component/api_authorizer_token?component_access_token=componentAccessToken";
@Autowired
TWarrantInfoService tWarrantInfoService;
@Autowired
TWarrantMerchantService TWarrantMerchantService;
/**
* 获取"component_verify_ticket"
*
* @Description:
* @Author: Mr.Jkx
* @Date: 2019/4/3 16:03
* 参考链接:https://blog.csdn.net/liaoyundababe/article/details/53537417
* https://blog.csdn.net/zhangdaiscott/article/details/48269837
*/
@RequestMapping("/responseRequest")
@ResponseBody
public void responseRequest(HttpServletRequest request, HttpServletResponse response) throws AesException, IOException {
LOGGER.info("WeChat third-party platform --------- WeChat push Ticket message 10 minutes-----------");
output(response, "success"); // 输出响应的内容。
processAuthorizeEvent(request);
}
/**
* 处理授权事件的推送
*
* @param request
* @throws IOException
* @throws AesException
* @throws DocumentException
*/
public void processAuthorizeEvent(HttpServletRequest request)
throws IOException, AesException {
String nonce = request.getParameter("nonce");
String timestamp = request.getParameter("timestamp");
String msgSignature = request.getParameter("msg_signature");
LOGGER.info("=====WeChat third-party platform======" + nonce + " " + timestamp + " " + msgSignature);
StringBuilder sb = new StringBuilder();
BufferedReader in = request.getReader();
String line;
while ((line = in.readLine()) != null) {
sb.append(line);
}
String xml = sb.toString();
LOGGER.info("Third-party platform is released on the whole network-----------------------original, Xml=" + xml);
WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY, APPID);
LOGGER.info("Third-party platform is released on the whole network-----------------------decryption WXBizMsgCrypt new 成功");
String xml1 = pc.decryptMsg(msgSignature, timestamp, nonce, xml);
LOGGER.info("Third-party platform is released on the whole network-----------------------After decryption, Xml=" + xml1);
processAuthorizationEvent(xml1);
}
/**
* 保存componentVerifyTicket
*
* @param xml
*/
void processAuthorizationEvent(String xml) {
Document doc;
try {
doc = DocumentHelper.parseText(xml);
Element rootElt = doc.getRootElement();
String componentVerifyTicket = rootElt.elementText("ComponentVerifyTicket");
LOGGER.info("Third-party platform is released on the whole network---------After decryption, ComponentVerifyTicket=" + componentVerifyTicket);
if (StringUtils.isNotBlank(componentVerifyTicket)) {
TWarrantInfo tWarrantInfo = new TWarrantInfo();
tWarrantInfo.setId("053882ef3bed46c795bbd7da470e79cf");
tWarrantInfo.setComponentVerifyTicket(componentVerifyTicket);
tWarrantInfo.setTicketCreateTime(DateUtil.formatDate(new Date(), "yyyy-MM-dd HH:mm:ss"));
int i = tWarrantInfoService.updateByPrimaryKeySelective(tWarrantInfo);
if (i > 0) {
LOGGER.info("WeChat third-party platform------------component_verify_ticket data save success");
} else {
LOGGER.info("WeChat third-party platform------------component_verify_ticket data save failure");
}
}
} catch (DocumentException e) {
e.printStackTrace();
}
}
/**
* @Description: 第三方平台全网发布,消息与事件接收URL
* @Author: Mr.Jkx
* @Date: 2019/5/8 18:10
*/
@RequestMapping(value = "/$APPID$/xxsCallback")
public void acceptMessageAndEvent(HttpServletRequest request, @PathVariable("APPID") String appid,
HttpServletResponse response) throws IOException, DocumentException, AesException {
LOGGER.info("第三方平台全网发布---------{appid}/callback---------验证开始。。。。");
String msgSignature = request.getParameter("msg_signature");
LOGGER.info("第三方平台全网发布-------------{appid}/callback-----------验证开始。。。。msg_signature=" + msgSignature);
if (!StringUtils.isNotBlank(msgSignature)) {
return;// 微信推送给第三方开放平台的消息一定是加过密的,无消息加密无法解密消息
}
StringBuilder sb = new StringBuilder();
BufferedReader in = request.getReader();
String line;
while ((line = in.readLine()) != null) {
sb.append(line);
}
in.close();
String xml = sb.toString();
Document doc = DocumentHelper.parseText(xml);
Element rootElt = doc.getRootElement();
String toUserName = rootElt.elementText("ToUserName");
//微信全网测试账号
// if (StringUtils.equalsIgnoreCase(toUserName, APPID)) {
LOGGER.info("全网发布接入检测消息反馈开始---------------APPID=" + appid + "------------------------toUserName=" + toUserName);
checkWeixinAllNetworkCheck(request, response, xml);
// }
}
public void checkWeixinAllNetworkCheck(HttpServletRequest request, HttpServletResponse response,String xml) throws DocumentException, AesException, IOException {
String nonce = request.getParameter("nonce");
String timestamp = request.getParameter("timestamp");
String msgSignature = request.getParameter("msg_signature");
WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY, APPID);
xml = pc.decryptMsg(msgSignature, timestamp, nonce, xml);
Document doc = DocumentHelper.parseText(xml);
Element rootElt = doc.getRootElement();
String msgType = rootElt.elementText("MsgType");
String toUserName = rootElt.elementText("ToUserName");
String fromUserName = rootElt.elementText("FromUserName");
LOGGER.info("---全网发布接入检测--step.1-----------msgType="+msgType+"-----------------toUserName="+toUserName+"-----------------fromUserName="+fromUserName);
// LogUtil.info("---全网发布接入检测--step.2-----------xml="+xml);
if("event".equals(msgType)){
// LogUtil.info("---全网发布接入检测--step.3-----------事件消息--------");
String event = rootElt.elementText("Event");
replyEventMessage(request,response,event,toUserName,fromUserName);
}else if("text".equals(msgType)){
// LogUtil.info("---全网发布接入检测--step.3-----------文本消息--------");
String content = rootElt.elementText("Content");
processTextMessage(request,response,content,toUserName,fromUserName);
}
}
public void replyEventMessage(HttpServletRequest request, HttpServletResponse response, String event, String toUserName, String fromUserName) throws DocumentException, IOException {
String content = event + "from_callback";
// LogUtil.info("---全网发布接入检测------step.4-------事件回复消息 content="+content + " toUserName="+toUserName+" fromUserName="+fromUserName);
replyTextMessage(request,response,content,toUserName,fromUserName);
}
public void processTextMessage(HttpServletRequest request, HttpServletResponse response,String content,String toUserName, String fromUserName) throws IOException, DocumentException{
if("TESTCOMPONENT_MSG_TYPE_TEXT".equals(content)){
String returnContent = content+"_callback";
replyTextMessage(request,response,returnContent,toUserName,fromUserName);
}else if(StringUtils.startsWithIgnoreCase(content, "QUERY_AUTH_CODE")){
output(response, "");
//接下来客服API再回复一次消息
replyApiTextMessage(request,response,content.split(":")[1],fromUserName);
}
}
/**
* 回复微信服务器"文本消息"
* @param request
* @param response
* @param content
* @param toUserName
* @param fromUserName
* @throws DocumentException
* @throws IOException
*/
public void replyTextMessage(HttpServletRequest request, HttpServletResponse response, String content, String toUserName, String fromUserName) throws DocumentException, IOException {
Long createTime = Calendar.getInstance().getTimeInMillis() / 1000;
StringBuffer sb = new StringBuffer();
sb.append("<xml>");
sb.append("<ToUserName><![CDATA["+fromUserName+"]]></ToUserName>");
sb.append("<FromUserName><![CDATA["+toUserName+"]]></FromUserName>");
sb.append("<CreateTime>"+createTime+"</CreateTime>");
sb.append("<MsgType><![CDATA[text]]></MsgType>");
sb.append("<Content><![CDATA["+content+"]]></Content>");
sb.append("</xml>");
String replyMsg = sb.toString();
String returnvaleue = "";
try {
WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY, APPID);
returnvaleue = pc.encryptMsg(replyMsg, createTime.toString(), "easemob");
// LOGGER.info("------------------加密后的返回内容 returnvaleue: "+returnvaleue);
} catch (AesException e) {
e.printStackTrace();
}
output(response, returnvaleue);
}
public void replyApiTextMessage(HttpServletRequest request, HttpServletResponse response, String auth_code, String fromUserName) throws DocumentException, IOException {
// 得到微信授权成功的消息后,应该立刻进行处理!!相关信息只会在首次授权的时候推送过来
LOGGER.info("------step.1----使用客服消息接口回复粉丝----逻辑开始-----------------");
try {
LOGGER.info("------step.1----使用客服消息接口回复粉丝----逻辑开始-------------auth_code: "+auth_code+" thirdWeixinService.getComponent_access_token:"+TOKEN);
String url = "https://api.weixin.qq.com/cgi-bin/component/api_query_auth?component_access_token="+TOKEN;
JSONObject jsonObject1 = new JSONObject();
jsonObject1.put("component_appid", APPID);
jsonObject1.put("authorization_code", auth_code);
JSONObject jsonRes = WinxinUtil.doPostStr(url, jsonObject1.toString());
LOGGER.info("------step.1----使用客服消息接口回复粉丝----逻辑开始---------------------jsonRes:"+jsonRes.toString());
String msg = auth_code + "_from_api";
JSONObject jsonObject = new JSONObject();
jsonObject.put("touser", fromUserName);
jsonObject.put("msgtype", "text");
JSONObject text = new JSONObject();
text.put("content", msg);
jsonObject.put("text", text);
WinxinUtil.doPostStr("https://api.weixin.qq.com/cgi-bin/message/custom/send?access_token="+TOKEN, jsonObject.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 工具类:回复微信服务器"文本消息"
* @param response
* @param returnvaleue
*/
public void output(HttpServletResponse response, String returnvaleue) {
try {
PrintWriter pw = response.getWriter();
pw.write(returnvaleue);
pw.flush();
} catch (IOException e) {
e.printStackTrace();
}
}
}
获取第三方平台“component_access_token”
第三方平台通过自己的component_appid(即在微信开放平台管理中心的第三方平台详情页中的AppID和AppSecret)和component_appsecret,以及component_verify_ticket(每10分钟推送一次的安全ticket)来获取自己的接口调用凭据(component_access_token)
/**
* @Description: “component_access_token”获取
* 有效期2小时
* @Author: Mr.Jkx
* @Date: 2019/4/19 16:57
* SpringBoot定时任务,每个110分钟获取一次,并保存到数据库
*/
@Scheduled(fixedRate = 6600000)
public void getComponentAccessToken() {
System.out.println("-------------get component_access_token---------------");
WarrantController warrantController = new WarrantController();
try {
// 从数据库获取微信推送的“component_verify_ticket”
TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");
String componentVerifyTicket = tWarrantInfo.getComponentVerifyTicket();
// 根据“componentVerifyTicket”获取“component_access_token”
String componentAccessToken = getComponentAccessToken(componentVerifyTicket);
// 数据库保存微信推送加密信息“component_access_token”
TWarrantInfo tWarrantInfoData = new TWarrantInfo();
tWarrantInfoData.setComponentAccessToken(componentAccessToken);
editWarrantInfo(tWarrantInfoData);
} catch (IOException e) {
e.printStackTrace();
}
}
/**
* @Description: 编辑授权信息
* @Author: Mr.Jkx
* @Date: 2019/4/20 10:12
*/
public void editWarrantInfo(TWarrantInfo tWarrantInfo) {
tWarrantInfo.setId("053882ef3bed46c795bbd7da470e79cf");
if (StringUtils.isNotBlank(tWarrantInfo.getComponentAccessToken())) {
tWarrantInfo.setTokenCreateTime(DateUtil.formatDate(new Date(), "yyyy-MM-dd HH:mm:ss"));
}
if (StringUtils.isNotBlank(tWarrantInfo.getPreAuthCode())) {
tWarrantInfo.setCodeCreateTime(DateUtil.formatDate(new Date(), "yyyy-MM-dd HH:mm:ss"));
}
int i = tWarrantInfoService.updateByPrimaryKeySelective(tWarrantInfo);
if (i > 0) {
LOGGER.info("WeChat third-party platform------------data save success");
} else {
LOGGER.info("WeChat third-party platform------------data save failure");
}
}
/**
* @Description: 获取"component_access_token"
* @Author: Mr.Jkx
* @Date: 2019/4/9 9:45
*/
public String getComponentAccessToken(String componentVerifyTicket) throws IOException {
/**拼装待发送的Json*/
JSONObject json = new JSONObject();
json.accumulate("component_appid", APPID);
json.accumulate("component_appsecret", SECRET);
json.accumulate("component_verify_ticket", componentVerifyTicket);
LOGGER.info("第三方授权:获取component_access_token:getComponentAccessToken:请求参数json={}", json);
/**发送Https请求到微信*/
JSONObject retJSONObject = WinxinUtil.doPostStr(COMPONENT_TOKEN_URL, json.toString());
String component_access_token = retJSONObject.getString("component_access_token");
LOGGER.info("第三方授权:获取component_access_token回执数据:getComponentAccessToken:component_access_token={}", component_access_token);
return component_access_token;
}
获取预授权码“pre_auth_code”
第三方平台通过自己的接口调用凭据(component_access_token)来获取用于授权流程准备的预授权码(pre_auth_code)
/**
* @Description: 获取预授权码“pre_auth_code”
* 有效期10分钟
* @Author: Mr.Jkx
* @Date: 2019/4/19 16:57
* SpringBoot定时任务,每隔9分钟获取一次,并保存到数据库
*/
@Scheduled(fixedRate = 540000)
public void getpreAuthCode() {
System.out.println("---------------get pre_auth_code-------------");
WarrantController warrantController = new WarrantController();
try {
// 从数据库获取“component_access_token”令牌
TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");
String component_access_token = tWarrantInfo.getComponentAccessToken();
// 根据“component_access_token”获取“pre_auth_code”
String preAuthCodeData = getPreAuthCodeData(component_access_token);
// 数据库保存预授权码“pre_auth_code”
TWarrantInfo tWarrantInfoData = new TWarrantInfo();
tWarrantInfoData.setPreAuthCode(preAuthCodeData);
editWarrantInfo(tWarrantInfoData);
} catch (IOException e) {
e.printStackTrace();
}
}
/**
* @Description: 获取"pre_auth_code"(预授权码)
* @Author: Mr.Jkx
* @Date: 2019/4/9 10:21
*/
public String getPreAuthCodeData(String component_access_token) throws IOException {
JSONObject json = new JSONObject();
json.accumulate("component_appid", APPID);
json.accumulate("component_access_token", component_access_token);
String url = PRE_AUTH_CODE.replace("componentAccessToken", component_access_token);
/**发送Https请求到微信*/
JSONObject retStr = WinxinUtil.doPostStr(url, json.toString());
LOGGER.info("第三方授权:ThirdPartyServiceImpl:getPreAuthCode:retStr={}", retStr);
JSONObject retJSONObject = JSONObject.fromObject(retStr);
/**在返回结果中获取pre_auth_code*/
String pre_auth_code = retJSONObject.getString("pre_auth_code");
LOGGER.info("==========第三方授权:获取pre_auth_code:{}", pre_auth_code);
return pre_auth_code;
}
使用授权码换取公众号或小程序的接口调用凭据和授权信息
通过授权码和自己的接口调用凭据(component_access_token),换取公众号或小程序的接口调用凭据(authorizer_access_token和用于前者快过期时用来刷新它的authorizer_refresh_token)和授权信息(授权了哪些权限等信息)
/**
* @Description: 刷新令牌“authorizer_refresh_token”
* 有效期2小时
* @Author: Mr.Jkx
* @Date: 2019/4/19 16:57
*/
@Scheduled(fixedRate = 6600000)
public void refreshAuthorizerRefreshToken() {
System.out.println("---------------get authorizer_refresh_token-------------");
WarrantController warrantController = new WarrantController();
try {
// 授权方appid{},接口调用凭据刷新令牌查询
List<TWarrantMerchant> tWarrantMerchantList = TWarrantMerchantService.selTWarrantMerchant();
// 从数据库获取“component_access_token”令牌
TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");
String component_access_token = tWarrantInfo.getComponentAccessToken();
List<TWarrantMerchant> tWarrantMerchants = refreshAuthorizerRefreshToken(tWarrantMerchantList, component_access_token);
if (tWarrantMerchants.size() > 0) {
for (TWarrantMerchant tWarrantMerchant : tWarrantMerchants) {
long currentTime = new Date().getTime() + 120 * 60 * 1000;
Date date = new Date(currentTime);
tWarrantMerchant.setDeadline(date);
TWarrantMerchantService.updTWarrantMerchant(tWarrantMerchant);
}
} else {
System.out.println("---------------No authorizer_refresh_token needs to updated-------------");
}
} catch (IOException e) {
e.printStackTrace();
}
}
/**
* @Description: 刷新令牌“authorizer_refresh_token”
* @Author: Mr.Jkx
* @Date: 2019/5/6 17:58
*/
public List<TWarrantMerchant> refreshAuthorizerRefreshToken(List<TWarrantMerchant> tWarrantMerchants, String component_access_token) throws IOException {
List<TWarrantMerchant> tWarrantMerchantList = new ArrayList<>();
// 查找需要刷新令牌的数据
for (TWarrantMerchant tWarrantMerchant : tWarrantMerchants) {
// Date deadline = tWarrantMerchant.getDeadline();
// if (deadline.getTime() - new Date().getTime() < 600000) {
tWarrantMerchantList.add(tWarrantMerchant);
// }
}
// 重新获取令牌
List<TWarrantMerchant> authorizerRefreshToken = getAuthorizerRefreshToken(tWarrantMerchantList, component_access_token);
return authorizerRefreshToken;
}
/**
* @Description: 重新获取令牌
* @Author: Mr.Jkx
* @Date: 2019/5/6 18:39
*/
private List<TWarrantMerchant> getAuthorizerRefreshToken(List<TWarrantMerchant> tWarrantMerchantList, String component_access_token) throws IOException {
List<TWarrantMerchant> tWarrantMerchants = new ArrayList<>();
for (TWarrantMerchant tWarrantMerchant : tWarrantMerchantList) {
JSONObject json = new JSONObject();
json.accumulate("component_appid", APPID);
json.accumulate("authorizer_appid", tWarrantMerchant.getAuthorizationAppid());
json.accumulate("authorizer_refresh_token", tWarrantMerchant.getAuthorizerRefreshToken());
/**发送Https请求到微信*/
String url = AUTHORIZER_REFRESH_TOKEN.replace("componentAccessToken", component_access_token);
JSONObject retStr = WinxinUtil.doPostStr(url, json.toString());
LOGGER.info("==========第三方授权: 令牌刷新{}", retStr);
JSONObject retJSONObject = JSONObject.fromObject(retStr);
/**在返回结果中获取pre_auth_code*/
LOGGER.info("==========第三方授权:令牌刷新:{}", retJSONObject);
String authorizer_refresh_token = retJSONObject.getString("authorizer_refresh_token");// 接口调用凭据刷新令牌
String authorizer_access_token = retJSONObject.getString("authorizer_access_token");// 小程序授权令牌
LOGGER.info("==========第三方授权:获取到的新令牌:{}", retJSONObject);
// 授权商户信息保存
TWarrantMerchant updTWarrantMerchant = new TWarrantMerchant();
updTWarrantMerchant.setId(tWarrantMerchant.getId());
// 接口调用凭据刷新令牌
updTWarrantMerchant.setAuthorizerRefreshToken(authorizer_refresh_token);
updTWarrantMerchant.setAuthorizerAccessToken(authorizer_access_token);
tWarrantMerchants.add(updTWarrantMerchant);
}
return tWarrantMerchants;
}
触发授权页面
准备好授权所需的必要信息,请求授权页面,扫码授权。
页面js实现
// 页面授权完成跳转页面“https://www.xxxxx.com/xxx/pages/set1.html”
$(function(){
$("#bingLink").click(function(){
// 请求获取必要信息
postCreaterHttp('/warrantPhone/warrantMessage',{},function(res){
if("200" == res.errorCode){
var url='https://mp.weixin.qq.com/cgi-bin/componentloginpage?component_appid='+res.message.componentAppid+'&pre_auth_code='+res.message.preAuthCode+'&redirect_uri=https://www.xxxxx.com/xxx/pages/set1.html';
window.open(url);// 请求授权页面
}else if("300" == res.errorCode){
layui.use('layer', function() {
var layer = layui.layer;
layer.msg("账号已经绑定【" + res.appletsName + "】");
})
}
})
})
})
后台接口实现
@RequestMapping("warrantPhone")
@Controller
public class WarrantPhoneController {
// 第三方appid
private static final String COMPONENT_APPID = "wx9681884b28ed7927";
//回调地址,此处没有用到
private static final String REDIRECT_URI = "https://www.xinxingshangstar.com/warrant/warrantBack";
@Autowired
TWarrantInfoMapper tWarrantInfoMapper;
@Autowired
TWarrantMerchantMapper tWarrantMerchantMapper;
/**
* @Description: 查询为授权准备的信息
* @Author: Mr.Jkx
* @UpdateDate: 2019/5/10 15:44
*/
@RequestMapping("/warrantMessage")
@ResponseBody
public Map<String, Object> getWarrantMessageByPhone(TWarrantMerchant tWarrantMerchant){
Map<String, Object> resMap = new HashMap<>();
// 根据授权方APPID查询此商户是否授权
TWarrantMerchant tWarrantMerchantData = tWarrantMerchantMapper.selWarrantMerchant(tWarrantMerchant);
if(null == tWarrantMerchantData){
// 数据库查询授权信息
TWarrantInfo warrantMessageByPhone = tWarrantInfoMapper.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");
warrantMessageByPhone.setComponentAppid(COMPONENT_APPID);
warrantMessageByPhone.setRedirectUri(REDIRECT_URI);
resMap.put("errorCode", "200");
resMap.put("message", warrantMessageByPhone);
resMap.put("appletsName", "");
}else{
resMap.put("errorCode", "300");
resMap.put("message", JsonUtil.toJsonString(new TWarrantInfo()));
resMap.put("appletsName", tWarrantMerchantData.getNickName());
}
return resMap;
}
}
授权完成根据“authCode”(授权码)请求获取授权信息
请求获取授权信息,及授权小程序信息;
本项目,前端js实现
$(function () {
var src = window.location.href;
var num = 5
if (src.indexOf("?auth_code=") > -1) {
src = src.split("?auth_code=")[1]
}
if (src.indexOf("&expires_in=") > -1) {
src = src.split("&expires_in=")[0]
}
// 用授权码,请求获取授权信息
postCreaterHttp('/merchant/addMerchantWarrantInfo', {authCode: src}, function (res) {
if (res.errorCode == '200') {
$("#wait").html("配置成功!")
} else if (res.errorCode == '100') {
$("#wait").html("账号已经授权!")
} else {
$("#wait").html("配置失败!请重新授权")
}
$(".icon-success,.link").show();
setInterval(function () {
num = num - 1
$(".link span").html(num)
if (num < 1) {
window.location.href = "https://www.xxx.com/xxx/pages/index.html"
}
}, 1000)
})
})
后端实现
package com.litte.controller.warrantmerchant;
import com.litte.controller.warrant.WarrantController;
import com.litte.entity.reception.TWarrantInfo;
import com.litte.entity.reception.TWarrantMerchant;
import com.litte.service.jurisdiction.UserService;
import com.litte.service.warrantinfo.TWarrantInfoService;
import com.litte.service.warrantmerchant.TWarrantMerchantService;
import com.litte.util.WinxinUtil;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import java.io.IOException;
import java.util.Map;
/**
* @Description: 授权商户信息相关
* @Author: Mr.Jkx
* @UpdateDate: 2019/5/10 15:44
*/
@Controller
@RequestMapping("/merchant")
public class TWarrantMerchantController {
private static final Logger LOGGER = LoggerFactory.getLogger(WarrantController.class);
//公众号第三方平台的appid
private static final String APPID = "APPID ";
// 授权码获取授权公众号小程序信息
private static final String API_QUERY_AUTH = "https://api.weixin.qq.com/cgi-bin/component/api_query_auth?component_access_token=componentAccessToken";
// 获取授权商户信息
private static final String API_GET_AUTHORIZER_INFO = "https://api.weixin.qq.com/cgi-bin/component/api_get_authorizer_info?component_access_token=componentAccessToken";
@Autowired
TWarrantMerchantService TWarrantMerchantService;
@Autowired
TWarrantInfoService tWarrantInfoService;
@Autowired
UserService userService;
@RequestMapping("/addMerchantWarrantInfo")
@ResponseBody
public Map<String, String> addMerchantWarrantInfo(TWarrantMerchant tWarrantMerchant) throws IOException {
int i = 0;
String auth_code = tWarrantMerchant.getAuthCode(); // 授权码
LOGGER.info("==========第三方授权:扫码授权页面回调,授权码:{}", auth_code);
// 从数据库获取“component_access_token”令牌
TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");
String component_access_token = tWarrantInfo.getComponentAccessToken();
JSONObject json = new JSONObject();
json.accumulate("component_appid", APPID);
json.accumulate("authorization_code", auth_code);
/**发送Https请求到微信*/
String url = API_QUERY_AUTH.replace("componentAccessToken", component_access_token);
JSONObject retStr = WinxinUtil.doPostStr(url, json.toString());
LOGGER.info("==========第三方授权: 授权码获取授权公众号小程序{}", retStr);
JSONObject retJSONObject = JSONObject.fromObject(retStr);
/**在返回结果中获取pre_auth_code*/
LOGGER.info("==========第三方授权:获取授权者信息:{}", retJSONObject);
String authorization_info = retJSONObject.getString("authorization_info");// 授权方信息载体authorization_info
JSONObject jsonObject = JSONObject.fromObject(authorization_info);
String authorizer_appid = jsonObject.getString("authorizer_appid");// 授权方appid
String authorizerAccessToken = jsonObject.getString("authorizer_access_token");// 授权方令牌(配置小程序服务器域名会用到,随着令牌刷新,此字段也会刷新)
// 获取授权商户信息
Map<String, String> resMap = getTWarrantMerchantInfo(authorizer_appid, tWarrantMerchant.getCreater(), authorizerAccessToken);
if(StringUtils.equals("200", resMap.get("errorCode"))){
// 修改授权状态
i = userService.updateWarrantType(tWarrantMerchant.getCreater());
if(i > 0){
resMap.put("errorCode", "200");
}else{
resMap.put("errorCode", "400");
}
}
return resMap;
}
/**
* @Description: 获取授权商户信息
* @Author: Mr.Jkx
* @Date: 2019/5/6 18:57
*/
private Map<String, String> getTWarrantMerchantInfo(String authorizer_appid, String creater, String authorizerAccessToken) throws IOException {
// 从数据库获取“component_access_token”令牌
TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");
String component_access_token = tWarrantInfo.getComponentAccessToken();
JSONObject json = new JSONObject();
json.accumulate("component_appid", APPID);
json.accumulate("authorizer_appid", authorizer_appid);
/**发送Https请求到微信*/
String url = API_GET_AUTHORIZER_INFO.replace("componentAccessToken", component_access_token);
JSONObject retStr = WinxinUtil.doPostStr(url, json.toString());
LOGGER.info("==========第三方授权: 获取授权商户信息{}", retStr);
JSONObject retJSONObject = JSONObject.fromObject(retStr);
/**在返回结果中获取pre_auth_code*/
LOGGER.info("==========第三方授权:获取授权商户信息:{}", retJSONObject);
//授权商户信息保存数据库
Map<String, String> resMap = insertTWarrantMerchantInfo(retJSONObject, creater, authorizerAccessToken);
return resMap;
}
/**
* @Description: 授权商户信息保存数据库
* @Author: Mr.Jkx
* @Date: 2019/5/6 19:00
*/
private Map<String, String> insertTWarrantMerchantInfo(JSONObject retJSONObject, String creater, String authorizerAccessToken) {
Map<String, String> resMap = TWarrantMerchantService.insertTWarrantMerchant(retJSONObject, creater, authorizerAccessToken);
return resMap;
}
}
/**
* @Description: 授权商户信息保存数据库
* @Author: Mr.Jkx
* @Date: 2019/5/6 19:00
*/
@Override
public Map<String, String> insertTWarrantMerchant(JSONObject retJSONObject, String creater, String authorizerAccessToken) {
Map<String, String> resMap = new HashMap<>();
int i= 0;
TWarrantMerchant tWarrantMerchant = new TWarrantMerchant();
// 有效期
long currentTime = new Date().getTime() + 120 * 60 * 1000;
Date date = new Date(currentTime);
String authorizerInfo = retJSONObject.getString("authorizer_info");// 授权方公众号小程序具体信息载体authorization_info
JSONObject jsonObject = JSONObject.fromObject(authorizerInfo);
String authorizationInfo = retJSONObject.getString("authorization_info");// 授权方公众号小程序授权信息载体authorization_info
JSONObject jsonObject1 = JSONObject.fromObject(authorizationInfo);
String serviceTypeInfo = jsonObject.getString("service_type_info");
JSONObject jsonObject2 = JSONObject.fromObject(serviceTypeInfo);
String verifyTypeInfo = jsonObject.getString("verify_type_info"); // 授权方认证类型,-1代表未认证,0代表微信认证
JSONObject jsonObject3 = JSONObject.fromObject(verifyTypeInfo);
// 授权方APPID
String authorizerAppid = jsonObject1.getString("authorizer_appid");
tWarrantMerchant.setId(UUIDUtil.getUUID());
tWarrantMerchant.setAuthorizationAppid(authorizerAppid);
tWarrantMerchant.setAuthorizerRefreshToken(jsonObject1.getString("authorizer_refresh_token"));
tWarrantMerchant.setNickName(jsonObject.getString("nick_name"));
tWarrantMerchant.setHeadImg(jsonObject.getString("head_img"));
tWarrantMerchant.setServiceTypeInfo(jsonObject2.getString("id"));
tWarrantMerchant.setVerifyTypeInfo(jsonObject3.getString("id"));
tWarrantMerchant.setUserName(jsonObject.getString("user_name"));
tWarrantMerchant.setPrincipalName(jsonObject.getString("principal_name"));
tWarrantMerchant.setAlias(jsonObject.getString("alias"));
// tWarrantMerchant.setBusinessInfo(jsonObject.getString("business_info"));
tWarrantMerchant.setQrcodeUrl(jsonObject.getString("qrcode_url"));
// tWarrantMerchant.setAuthorizationInfo(jsonObject.getString("authorization_info"));
// tWarrantMerchant.setFuncInfo(jsonObject.getString("func_info"));
// tWarrantMerchant.setMiniprograminfo(jsonObject.getString("miniprograminfo"));
tWarrantMerchant.setCreateTime(DateUtil.formatDate(new Date(),"yyyy-MM-dd HH:mm:ss"));
tWarrantMerchant.setDeadline(date);
tWarrantMerchant.setCreater(creater);
tWarrantMerchant.setAuthorizerAccessToken(authorizerAccessToken);
// 根据授权方APPID查询此商户是否授权
// TWarrantMerchant tWarrantMerchant1 = new TWarrantMerchant();
// tWarrantMerchant1.setCreater(creater);
// TWarrantMerchant tWarrantMerchantData1 = tWarrantMerchantMapper.selWarrantMerchant(tWarrantMerchant1);
// if(null != tWarrantMerchantData1 && StringUtils.equals("1", tWarrantMerchantData1.getWarrantType())){
// resMap.put("errorCode", "100");
// return resMap;
// }else{
TWarrantMerchant tWarrantMerchant2 = new TWarrantMerchant();
tWarrantMerchant2.setAuthorizationAppid(authorizerAppid);
TWarrantMerchant tWarrantMerchantData2 = tWarrantMerchantMapper.selWarrantMerchant(tWarrantMerchant2);
if(null != tWarrantMerchantData2){
tWarrantMerchant.setId(tWarrantMerchantData2.getId());
i = tWarrantMerchantMapper.updateByPrimaryKeySelective(tWarrantMerchant);
}else{
i = tWarrantMerchantMapper.insertSelective(tWarrantMerchant);
}
if(i>0){
resMap.put("errorCode", "200");
LOGGER.info("=======第三方授权:授权商户信息入库完毕!!!");
return resMap;
}else{
resMap.put("errorCode", "300");
LOGGER.info("=======第三方授权:授权商户信息入库失败!!!");
return resMap;
}
// }
}
