微信小程序实现授权用户绑定的手机号 后台java解密

具体思路为：小程序前端点击按钮，弹出授权手机号窗口，用户允许后，js得到加密数据，加密向量，session_key，将这些信息传递到java后台解密，最终拿到电话号码。（直接通过js是获取不到的）

wxml按钮的代码为：

<button open-type="getPhoneNumber" bindgetphonenumber="getPhoneNumber">获取手机号码</button>

核心为open-type="getPhoneNumber"。

js代码：

getPhoneNumber:function(e){console.log(e.detail);//你可以输出看一下e.detail的内容if (e.detail.errMsg =="getPhoneNumber:ok"){//同意授权手机号//请求后台解密wx.request({url: app.globalData.host + '/xx/xxxx',data: {encryptedData: e.detail.encryptedData,//加密数据iv: e.detail.iv,//向量session_key: wx.getStorageSync("session_key")//秘钥，在登录的时候可以得到，可以参考本人的博客，微信小程序实现登录},method: 'POST',header: {'content-type': 'application/x-www-form-urlencoded'},success: function (res) {console.log("获取电话号码成功" + res.data);}})}},

java后台解密代码:

import org.springframework.web.bind.annotation.PostMapping;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.ResponseBody;import org.apache.ibatis.annotations.Param;import javax.servlet.http.HttpServletRequest;import .apache.xerces.internal.impl.dv.util.Base64;import java.util.Arrays;import javax.crypto.Cipher;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;import java.security.AlgorithmParameters;import java.security.Security;import org.bouncycastle.jce.provider.BouncyCastleProvider;import com.alibaba.fastjson.JSONObject;/**所需的maven依赖包<!-- 阿里JSON解析器 --><dependency><groupId>com.alibaba</groupId><artifactId>fastjson</artifactId><version>${fastjson.version}</version></dependency><!-- bouncycastle--><dependency><groupId>org.bouncycastle</groupId><artifactId>bcprov-jdk15on</artifactId><version>1.54</version></dependency>**//*******************************小程序********************************/@PostMapping("/xx/xxxx")@ResponseBodypublic String mini_getPhone(HttpServletRequest request,@Param("encryptedData")String encryptedData,@Param("iv")String iv,@Param("session_key")String session_key){//JSONObject obj=getPhoneNumber(session_key,encryptedData,iv);//解密电话号码//System.out.println(obj);String sphone=obj.get("phoneNumber").toString();return sphone;}//解析电话号码public JSONObject getPhoneNumber(String session_key, String encryptedData, String iv) {byte[] dataByte = Base64.decode(encryptedData);byte[] keyByte = Base64.decode(session_key);byte[] ivByte = Base64.decode(iv);try {int base = 16;if (keyByte.length % base != 0) {int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);byte[] temp = new byte[groups * base];Arrays.fill(temp, (byte) 0);System.arraycopy(keyByte, 0, temp, 0, keyByte.length);keyByte = temp;}// 初始化Security.addProvider(new BouncyCastleProvider());Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");parameters.init(new IvParameterSpec(ivByte));cipher.init(Cipher.DECRYPT_MODE, spec, parameters);byte[] resultByte = cipher.doFinal(dataByte);if (null != resultByte && resultByte.length > 0) {String result = new String(resultByte, "UTF-8");return JSONObject.parseObject(result);}} catch (Exception e) {e.printStackTrace();}return null;}

原创不易，转载请注明出处，谢谢！