WeChat Open Platform Development (1)

use background

Our customers have an official account, and each official account has a corresponding user, but our business is to associate the same users under these different official accounts. Therefore, we chose to open the WeChat platform. To be precise, it is the third-party platform (the name of the application is called "third-party platform") function in the WeChat open platform, which can be authorized to multiple public accounts (I don't know if there is an upper limit for the time being, and there is no one who sent an email to ask the official account. back), so as to obtain the unionid to keep the user unified.

find information

I have to say that the information on the WeChat open platform is very unsystematic. As soon as I got started, I only had a feeling of "what is this?", and the development process or steps were not clear. Fortunately, there is an Internet environment. I mostly refer to this csdn blog when implementing some functions of the open platform. I must thank you here. I feel sad that there is no entry for submitting a work order in the WeChat open platform. If there is a problem, I can only find it online, and call Tencent customer service. Hey.

Register an account

To use the official account authorization function, you need to create a "third-party platform" application. The overall process is divided into four steps

Register an account
Developer qualification certification (company information required)
Create apps (such as third-party platforms)
audit

The first two steps (account registration and developer qualification certification) need to be completed by your leader. It is important to note that individuals cannot complete the developer qualification certification because they need to fill in the enterprise information.

Create a third-party platform

After creating a third-party platform, you can develop it. There are four steps to create (the fourth step is review). The screenshots are relatively large. The article will give screenshots of the three steps at the end.

Enter basic information [platform name, business label, platform introduction, official website, platform icon]
Select permission [public account permission or applet permission]
Fill in the development information [Configure development information: domain name of authorized launch page, list of authorized test official accounts, authorized event reception, message Token, message encryption and decryption Key, message and event receiving URL, official account development domain name, verification file, whitelist IP address List]
Moderated

The most important of these is the third step, which will be gradually explained below:

Authorize the origination page domain name, and want users to display a QR code when they click the WeChat authorization button for users to scan. The domain name of the page where this button is located is the domain name of the authorized originating page.
Authorization test public account list. Before the third-party platform publishes the whole network, only the public account in the list can be authorized. Fill in the blank here is the original ID of the public account (can be opened in WeChat public -> Settings -> Official account settings -> registration information under the page see).
Authorization event receiving URL, this URL has two functions: 1. Authorization success notification, authorization cancellation notification, authorization update notification; 2. Receive component_verify_ticket, which will be explained later.
Message verification Token, used to verify and encrypt and decrypt messages sent by WeChat.
Message encryption and decryption Key, same as above, but the length must be 43 bits.
The URL for receiving messages and events, and the interaction between WeChat users and the official account (such as sending a piece of text or a picture) will be sent to this URL. It should be noted that WeChat’s entire network release also sends requests to this URL.
The domain name developed by the official account, the domain name used by the third-party platform to authorize the website on behalf of the official account, call the JSSDK and other webpage development work, pay attention to downloading the verification file, and can access it through "domain name/verification file name". (Unfortunately, I use peanut shells to configure the verification file here, which can be accessed in the browser address bar, but WeChat will not allow it to pass).
In the whitelist, try to add as many public network IPs at home, company public network IPs, and test servers as possible (such as Alibaba Cloud IPs).

In the next article, we will talk about coding, and then we will explain some nouns:

Third-party application: refers to one of the applications we create under the WeChat open platform, which can create mobile applications, website applications, official accounts, mini programs, and third-party platforms in total.
appID/appSecret: The parameters corresponding to the application. AppSecret can only be viewed after the application is successfully audited.
component_verify_ticket: This parameter is sent by WeChat to the authorization event receiving URL every 10 minutes (the application needs to be successfully reviewed).
component_access_token: called the token, it is the invocation credentials for the interface of the third-party platform. This parameter is jointly obtained by appID, appSecret, and component_verify_ticket. It should be noted that the expiration time of component_access_token is 7200s (that is, 2 hours). It needs to be refreshed when it is about to expire. The expiration time of access_token under WeChat official account is also 7200s, but the number of access_token is limited to 2000 times/ God, the open platform should be similar, but there is no direct description in the document ^_^|||.
pre_auth_code: called the pre-authorization code, which is used for third-party platform-side security verification when the official account or applet is authorized. Simply put, when you want to authorize an official account, you have to obtain a new pre-authorization code.

Let’s start with these terms and add them later.

Some people may realize how uncomfortable it is to not be able to debug locally. Indeed, at the beginning, I changed the code once and put it in Alibaba Cloud once, and then tried to use the peanut shell domain name. In fact, the function of "authorization event receiving URL" can be completed, and only the "authorization origination page domain name" needs to be changed during development. , "Authorization Event Receiving URL", "Message and Event Receiving URL" can be changed to the domain name mapped by peanut shells, yes, don't care about the "Official account development domain name", I changed these three items and found that the local Debugging the interface, I am very excited.

Finally, it should be noted that this system blog is only to list the pits in the development process of the third-party platform in the WeChat open platform, and to give a guide to the latecomers. The official documents of the WeChat open platform still need to be read several times. Although it is a bit messy, it is still necessary to read.

That's it, the next part is about coding implementation.

Screenshot of steps

A screenshot of the steps to create a third-party application is attached as follows: Step 1:

step one

Step 2:

Step 2

Step 3:

Step 3