Java WeChat PC scan code authorization login

1. Introduction

There are many WeChat project developments now. I hope that when logging in, we will automatically log in using WeChat. This article will introduce them.

2. WeChat official website-WeChat website authorization

Lead the user to enter the authorization page to agree to the authorization and obtain the code
Exchange code for webpage authorization access_token (different from access_token in basic support)
If necessary, the developer can refresh the webpage to authorize the access_token to avoid expiration
Obtain basic user information through web page authorization access_token and openid (support UnionID mechanism)

Three, development ideas

Get code
Get webpage authorization access_token through code
Pull user information

Four, configuration parameter packaging

Encapsulate all Api and WeChat login parameters (the parameters that need to be prepared below) into configuration classes for easy use,

wxopen.appid=wxa3915224f507b2
wxopen.appsecret=82380d12143533d86b0b775123b9
wxopen.redirect_url=http://xxxxx.cn/api/v1/wechat/user/callback

The first step: the user agrees to authorize and obtain the code

https://open.weixin.qq.com/connect/qrconnect?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect

parameter	Do you have to	Description
appid	Yes	Application unique identification, obtained after review
redirect_uri	Yes	Callback address. After the user scans the code, WeChat will pass the code as a parameter to this address (note that the callback address needs to be processed by urlEncode)
response_type	Yes	Fill in code
scope	Yes	Application authorization scope, with multiple scopes separated by commas (,), web applications currently only fill in snsapi_login
state	no	Used to maintain the status of the request and callback, and bring it back to the third party as it is after the authorization request. This parameter can be used to prevent csrf attacks (cross-site request forgery attacks). It is recommended that third parties bring this parameter, which can be set to a simple random number plus session for verification

After the user scans the QR code to access the assembled QR code link and authorizes it, the WeChat platform will call back the callback address we set above and will carry the codetemporary credentials, and then we will use the code to get the access_token

/**
 * 拼装微信扫一扫登录Url
 * @return
 */
@GetMapping("/login_url")
public JsonData loginUrl(
@RequestParam(value = "access_page", required = true) String accessPage) throws UnsupportedEncodingException {
        String redirectUrl = weChatConfig.getOpenRedirectUrl(); //获取开放平台重定向地址
        String callbackUrl = URLEncoder.encode(redirectUrl, "GBK"); //进行编码
        String qrcodeUrl = String.format(weChatConfig.getOpenQrCodeUrl(), weChatConfig.getOpenAppid(), callbackUrl, accessPage);
        return JsonData.buildSuccess(qrcodeUrl);
}

Step 2: Exchange code for access_token

In the first step, after the user scan code authorization is completed, WeChat will call back the callback address ( redirect_uri ) we set and will carry the code value, we can do things after we get the code

https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code

parameter	Do you have to	Description
appid	Yes	The unique identification of the application, which is obtained after the application is reviewed and approved on the WeChat open platform
secret	Yes	App Secret AppSecret, obtained after submitting the application for approval on the WeChat open platform
code	Yes	Fill in the code parameters obtained in the first step
grant_type	Yes	填authorization_code

Step 3: Obtain user information

https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID

parameter	Do you have to	Description
access_token	Yes	Call credentials
openid	Yes	The ID of an ordinary user, unique to the current developer account
lang	no	Country and region language version, zh_CN simplified, zh_TW traditional, en English, the default is zh-CN