1. Determine whether the Mini Program is to develop internal enterprise applications or third-party applications.
If you are developing internal enterprise applications, that is, self-built applications, you can use the wx.qy.getMobile API to obtain the mobile phone number. Prerequisites for calling wx.qy.getMobile : 1. You must call wx.qy.login first, and the session_key has not expired , the developer can call checkSession to check the current login status ( wx.qy.login needs to be called first to obtain the seesion_key ) 2. The user is required to be within the visible range of the application, and each call requires the user to agree to confirm (the authorization pop-up window will pop up ) 3. What is obtained is the mobile phone number of the current company member in the corporate address book. 4. Only self-built applications can be called , and applications developed on behalf of the administrator need to check and authorize the mobile phone number, and third-party applications cannot be called
Enterprise WeChat interface address : wx.qy.getMobile - Documentation- Enterprise WeChat Developer Center (qq.com)
The data obtained through wx.qy . getMobile will be encrypted, as follows:
Let me talk about the decryption methods I know (the decryption of WeChat applets and corporate WeChat applets is equally available):
1. Download cryptojs decryption file === Download URL: https://github.com/gwjjeff/cryptojs/archive/master.zip
I am here to download and put it in the root directory utils
2. Name the RdWXBizDataCrypt.js file under the utils folder and write the following content
RdWXBizDataCrypt.js file content (can be copied directly):
var Crypto = require('./cryptojs/cryptojs.js').Crypto;
var app = getApp();
function RdWXBizDataCrypt(appId, sessionKey) {
this.appId = appId
this.sessionKey = sessionKey
}
RdWXBizDataCrypt.prototype.decryptData = function(encryptedData, iv) {
// base64 decode :使用 CryptoJS 中 Crypto.util.base64ToBytes()进行 base64解码
var encryptedData = Crypto.util.base64ToBytes(encryptedData)
// console.log(sessionKey)
var key = Crypto.util.base64ToBytes(this.sessionKey);
var iv = Crypto.util.base64ToBytes(iv);
// console.log(encryptedData,key,iv)
// 对称解密使用的算法为 AES-128-CBC,数据采用PKCS#7填充
var mode = new Crypto.mode.CBC(Crypto.pad.pkcs7);
try {
// 解密
var bytes = Crypto.AES.decrypt(encryptedData, key, {
asBpytes: true,
iv: iv,
mode: mode
});
var decryptResult = JSON.parse(bytes);
} catch (err) {
console.log(err)
}
if (decryptResult.watermark.appid !== this.appId) {
console.log(err)
}
return decryptResult
}
module.exports = RdWXBizDataCrypt
Reference the file where it needs to be decrypted
(note the path) const RdWXBizDataCrypt = require('../../utils/RdWXBizDataCrypt.js');
3. To decode the file use:
//解密获取手机号
getphonenumber(e,seesion_key) {;
let phone = e.encryptedData;
let iv = e.iv;
const RdWXBizDataCrypt = require('../../utils/RdWXBizDataCrypt.js');
var appId = '';//当前小程序appId
let key = seesion_key;
const pc = new RdWXBizDataCrypt(appId, key);
const data = pc.decryptData(phone, iv);
console.log('解密后的data',data)
},Where e is the encrypted content obtained by wx.qy.getMobile
session_key is the session_key returned by the backend interface, and the backend will get it when calling wx.qy.login
To summarize the overall process:
1. Use wx.qy.login to log in to the interface first, and then get the session_key given by the backend
2. Call wx.qy.getMobile to get encrypted data
3. Download the cryptojs decryption file, create the RdWXBizDataCrypt.js file, and decrypt it
My own actual project uses the complete code:
login(){
const _this = this
return Dialog.confirm({
title: '授权',
message: '我们需要您授权手机号来确定您用户的身份',
beforeClose: (action) => new Promise((resolve) => {
if (action === 'confirm') {
wx.qy.login({
success: function (res) {
console.log(res)
resolve(true);
login({ //后端接口
code: res.code
}).then(res => {
if (res.code == 0) {
let session_key=res.data.sessionKey
wx.qy.getMobile({
success: function (res) {
let phone = res.encryptedData;
let iv =res.iv;
const RdWXBizDataCrypt =require('../../utils/RdWXBizDataCrypt.js');
var appId = '';//当前小程序appId
let key = session_key;
const pc = new RdWXBizDataCrypt(appId, key);
const data = pc.decryptData(phone, iv);
console.log(data); //解码后内容
}
})
}
})
},
})
} else {
// 拦截取消操作
resolve(true);
}
})
})
},2. If you are developing a third-party application , you need to construct a webpage authorization link
Construct third-party application oauth2 link Construct web page authorization link- Documentation- Enterprise WeChat Developer Center (qq.com)
Tell me how to configure this link:
appid is the company's CorpID company id as follows:
where redirect_uri is in
agents:
官方示例==>https://open.weixin.qq.com/connect/oauth2/authorize?
appid=CORPID&redirect_uri=REDIRECT_URI&response_type=code&scope=snsapi_base&state=STATE&agentid=AGENTID#wechat_redirect
Note that the uppercase words are the places you want to replace
-
CORPID: the CorpID of the enterprise, select My Enterprise in the top navigation of the management background, and then you can find the enterprise ID
-
redirect_uri: The URL of the callback link for authorized redirection. Use urlencode to process the link. For example: https://py.work/workbar, after urlencode processing, it will be http%3A%2F%2Fpy.work%2Fworkbar
-
online encoding address urlencode
-
scope: application authorization scope. snsapi_base: silent authorization, which can obtain the basic information of members (UserId and DeviceId); snsapi_privateinfo: manual authorization, which can obtain detailed information of members, including sensitive information such as avatars and QR codes.
-
AGENTID: application agentid, you can see it by clicking on the created application on the application management page, and it is required for snsapi_privateinfo.
-
STATE: The state parameter will be included after redirection, and the enterprise can fill in the parameter value of a-zA-Z0-9, and the length cannot exceed 128
bytes6
Complete link example (write the address casually):
https://open.weixin.qq.com/connect/oauth2/authorize?
appid=wwa66633643532&redirect_uri=http%3A%2F%2Fpy.work%2Fworkbarresponse_type=code
&scope=snsapi_privateinfo&state=123456&agentid=100222222#wechat_redirect
After the configuration is complete, go to the page to request the server, and jump directly to this authorization link. This request will contain a code for identity authentication. Get the code to request httphttps://qyapi.weixin.qq.com/cgi -bin/service/auth/getuserinfo3rd?
Specific: Obtain access user identity- Documentation- Enterprise WeChat Developer Center (qq.com)