微信公众号网页OAuth2.0授权登录并获取用户信息（SpringBoot实现）

文章目录

微信公众号网页OAuth2.0授权登录并获取用户信息（SpringBoot实现）准备工作开发思路具体代码编写一个WxConstant.java常量类用来存放公众号的一些信息，也可以在application.yml里面配置编写重定向到微信要求用户授权页面的接口loginService.doWxLogin (request, response)编写接收code接口loginService.auth (code, request, response)

准备工作

最好是有服务器和已经备案的域名注册邮箱，网易邮箱注册地址开通一个公众号，点击开通公众号，或者申请一个测试号，点击申请测试号修改网页授权回调域名

如果是正式公众号只能填已经备案的域名且使用80端口，测试号可以填ip，ip：端口，或者域名：端口，本地ip（127.0.0.1）也是可以调通的

正式公众号还需要将下面这个文件放到服务器上 ，放在一个可以用 xxx.fun/文件名访问的地方

开发思路

开发一个接口，使用户点击这个接口的链接之后重定向到微信给定的授权页面【https://open./connect/oauth2/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect】（注意里面的参数redirect_uri）用户来到这个页面点击同意 用户同意授权，微信服务器将会以参数的形式给你返回一个code到上面重定向链接的参数redirect_uri所以我们还要开发一个接口用来接收这个code,接口的链接就是上面重定向链接的参数redirect_uri

具体代码

编写一个WxConstant.java常量类用来存放公众号的一些信息，也可以在application.yml里面配置

//服务号//APPIDpublic static final String SERVICE_APPID = "wxc***";//授权成功后重定向的前端页面public static final String BASE_URL = "http://xxx.fun/home";//APPSECRETpublic static final String SERVICE_APPSECRET = "c7c***";//授权URLpublic static final String AUTH_BASE_URL = "https://open./connect/oauth2/authorize?";//获取tokenpublic static final String ACCESS_TOKEN_BASE_URL = "https://api./sns/oauth2/access_token?";//获取用户信息public static final String INFO_BASE_URL = "https://api./sns/userinfo?";//授权回调public static final String REDIRECT_URL = "http://xxx.fun/weixin/auth";//授权允许的范围public static final String SCOPE = "snsapi_userinfo";

编写重定向到微信要求用户授权页面的接口

/*** create by: Antares* description: 服务号授权登录（引导用户授权）* create time: /5/25 14:13* return**/@GetMapping ("/login")public void doWxLogin (HttpServletRequest request, HttpServletResponse response) {try {loginService.doWxLogin (request, response);} catch (Exception e) {e.printStackTrace ();//相应的处理}}

loginService.doWxLogin (request, response)

@Overridepublic void doWxLogin (HttpServletRequest request, HttpServletResponse response) throws IOException {String authUrl = new StringBuilder (WxConstants.AUTH_BASE_URL).append ("appid=").append (WxConstants.SERVICE_APPID).append ("&redirect_uri=").append (URLEncoder.encode (WxConstants.REDIRECT_URL)).append ("&response_type=code").append ("&scope=").append (WxConstants.SCOPE).append ("&connect_redirect=1").append ("&state=STATE#wechat_redirect").toString ();String signature = request.getParameter ("signature");/// 微信加密签名String timestamp = request.getParameter ("timestamp");/// 时间戳String nonce = request.getParameter ("nonce"); /// 随机数String echostr = request.getParameter ("echostr"); // 随机字符串log.info (URLEncoder.encode (WxConstants.REDIRECT_URL));PrintWriter out = response.getWriter ();if (signature != null && timestamp != null && nonce != null && echostr != null) {if (SignUtil.checkSignature (signature, timestamp, nonce)) {out.print (echostr);}out.close ();} else {response.sendRedirect (authUrl);log.info ("url:{}", authUrl);}}

编写接收code接口

/*** create by: Antares* description: 服务号授权成功重定向* create time: /5/25 14:13* return**/@GetMapping ("/auth")public void auth (@RequestParam ("code") String code,@RequestParam ("state") String state,HttpServletRequest request,HttpServletResponse response) throws IOException {log.info ("code={}", code);//code=081uURiJ0SW1Bd2BWAhJ0XxWiJ0uURiYloginService.auth (code, request, response);}

loginService.auth (code, request, response)

@Overridepublic void auth (String code,HttpServletRequest request,HttpServletResponse response) throws IOException {//获取openid,access_tokenString authUrl = new StringBuilder (WxConstants.ACCESS_TOKEN_BASE_URL).append ("appid=").append (WxConstants.SERVICE_APPID).append ("&secret=").append (WxConstants.SERVICE_APPSECRET).append ("&code=").append (code).append ("&grant_type=authorization_code").toString ();String authResult = HttpUtil.sendGet (authUrl);//解析出openid,access_token存进RedisJSONObject authObject = JSON.parseObject (authResult);String accessToken = authObject.getString (KeyConst.H5_ACCESS_TOKEN_KEY);String openId = authObject.getString (KeyConst.OPENID_KEY);redisUtil.set ("access_token: " + openId, accessToken, 7000);log.info ("openid: {}, access_token: {}", openId, accessToken);//已经授权过Integer userId = weChatUserMapper.selectUserId (openId);//获取用户信息String url = new StringBuilder (WxConstants.INFO_BASE_URL).append ("access_token=").append (accessToken).append ("&openid=").append (openId).append ("&lang=zh_CN").toString ();String result = HttpUtil.sendGet (url);log.info (result);JSONObject object = JSON.parseObject (result);//存进数据库WeChatUser user = new WeChatUser (object.getString (KeyConst.OPENID_KEY),object.getString ("nickname"),object.getString ("headimgurl"),object.getString ("sex"),object.getString ("province") + " " + object.getString ("city"));if (userId != null) {user.setUserId (userId);weChatUserMapper.updateUser (user);String token = redisUtil.get ("token:" + userId).toString ();response.sendRedirect (WxConstants.BASE_URL + "?user_id=" + userId + "&token=" + token);return;}weChatUserMapper.insertUser (user);//生成tokenString token = JwtUtil.sign (1, user.getUserId ().toString (), openId);String key = "token:" + user.getUserId ();if (redisUtil.hasKey (key)) {redisUtil.del (key);}redisUtil.set (key, token);if (user.getUserId () != null) {response.sendRedirect (WxConstants.BASE_URL + "?user_id=" + user.getUserId () + "&token=" + token);}}

这里是用授权成功后重定向到前端页面的方式，因为一开始我是用让前端调/login接口，然后最后返回json数据的方式，但是这里会产生一个问题就是重定向到授权页面的时候前端和微信服务器会有跨域问题