歡迎加入群:347245650 345531810 進行討論相互交流 我的微信號:572839485
網頁授權獲取用戶基本信息此接口是通過OAuth2.0來完成網頁授權的,是安全可靠的。
一、什么是OAuth2.0
OAuth是一個開放協議,允許用戶讓第三方應用以安全且標准的方式獲取該用戶在某一網站、移動或桌面應用上存儲的私密的資源(如用戶個人信息、照片、視頻、聯系人列表),而無需將用戶名和密碼提供給第三方應用。
OAuth 2.0是OAuth協議的下一版本,但不向后兼容OAuth 1.0。 OAuth 2.0關注客戶端開發者的簡易性,同時為Web應用,桌面應用和手機,和起居室設備提供專門的認證流程。
OAuth允許用戶提供一個令牌,而不是用戶名和密碼來訪問他們存放在特定服務提供者的數據。每一個令牌授權一個特定的網站(例如,視頻編輯網站)在特定的時段(例如,接下來的2小時內)內訪問特定的資源(例如僅僅是某一相冊中的視頻)。這樣,OAuth允許用戶授權第三方網站訪問他們存儲在另外的服務提供者上的信息,而不需要分享他們的訪問許可或他們數據的所有內容。(來自於網絡)
二、微信公眾平台OAuth2.0授權詳細步驟
1. 用戶關注微信公眾賬號。
2. 微信公眾賬號提供用戶請求授權頁面URL。
3. 用戶點擊授權頁面URL,將向服務器發起請求
4. 服務器詢問用戶是否同意授權給微信公眾賬號(scope為snsapi_base時無此步驟)
5. 用戶同意(scope為snsapi_base時無此步驟,不彈出授權頁面,直接跳轉,只能獲取用戶openid)
6. 服務器將code參數通過回調傳給微信公眾賬號
7. 微信公眾賬號獲得code參數
8. 微信公眾賬號通過code參數向服務器請求Access Token
9. 服務器返回Access Token和OpenID給微信公眾賬號
10. 微信公眾賬號通過Access Token向服務器請求用戶信息(scope為snsapi_base時無此步驟)
11. 服務器將用戶信息回送給微信公眾賬號(scope為snsapi_base時無此步驟)
三、配置授權回調頁面域名
點擊右邊的修改
填寫授權頁面需要注意:
這里我們填寫自己的域名www.wechat68.com
這樣我的授權頁面的域名配置成功了
四、用戶授權並獲取code 使用code換取access_token 使用access_token獲取用戶信息 Java代碼如下
授權訪問的URL:https://open.weixin.qq.com/connect/oauth2/auth9orize?appid=wx614c453e0d1dcd12&redirect_uri=http://www.wechat68.com/Javen/OauthTest&response_type=code&scope=snsapi_userinfo&state=1#wechat_redirect
package com.javen.course.servlet; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import net.sf.json.JSONObject; import com.javen.course.entity.UserInfo_weixin; import com.javen.course.util.HttpUtil; /** * * @author 簡愛微萌 * @Email zyw205@gmail.com * 接口權限中設置OAuth2.0網頁授權 域名 如:www.wechat68.com * 授權訪問的URL:https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx614c453e0d1dcd12&redirect_uri=http://www.wechat68.com/Javen/OauthTest&response_type=code&scope=snsapi_userinfo&state=1#wechat_redirect */ public class Oauth2Servlet extends HttpServlet { private String get_access_token_url="https://api.weixin.qq.com/sns/oauth2/access_token?" + "appid=APPID" + "&secret=SECRET&" + "code=CODE&grant_type=authorization_code"; private String get_userinfo="https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN"; private static final long serialVersionUID = -644518508267758016L; public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 將請求、響應的編碼均設置為UTF-8(防止中文亂碼) request.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8"); String code=request.getParameter("code"); get_access_token_url=get_access_token_url.replace("APPID", "wx614c453e0d1dcd12"); get_access_token_url=get_access_token_url.replace("SECRET", "fd00642f7a2fea32c5a7b060d9c37db1"); get_access_token_url=get_access_token_url.replace("CODE", code); String json=HttpUtil.getUrl(get_access_token_url); JSONObject jsonObject=JSONObject.fromObject(json); String access_token=jsonObject.getString("access_token"); String openid=jsonObject.getString("openid"); get_userinfo=get_userinfo.replace("ACCESS_TOKEN", access_token); get_userinfo=get_userinfo.replace("OPENID", openid); String userInfoJson=HttpUtil.getUrl(get_userinfo); JSONObject userInfoJO=JSONObject.fromObject(userInfoJson); String user_openid=userInfoJO.getString("openid"); String user_nickname=userInfoJO.getString("nickname"); String user_sex=userInfoJO.getString("sex"); String user_province=userInfoJO.getString("province"); String user_city=userInfoJO.getString("city"); String user_country=userInfoJO.getString("country"); String user_headimgurl=userInfoJO.getString("headimgurl"); // UserInfo_weixin userInfo=new UserInfo_weixin(user_openid, user_nickname, user_sex, user_province, user_city, user_country, user_headimgurl); response.setContentType("text/html; charset=utf-8"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">"); out.println("<HTML>"); out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>"); out.println(" <BODY>"); out.print(" This is "); out.print(this.getClass()); out.println(", using the POST method \n"); out.println("openid:"+user_openid+"\n\n"); out.println("nickname:"+user_nickname+"\n\n"); out.println("sex:"+user_sex+"\n\n"); out.println("province:"+user_province+"\n\n"); out.println("city:"+user_city+"\n\n"); out.println("country:"+user_country+"\n\n"); out.println("<img src=/"+user_headimgurl+"/"); out.println(">"); out.println(" </BODY>"); out.println("</HTML>"); out.flush(); out.close(); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">"); out.println("<HTML>"); out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>"); out.println(" <BODY>"); out.print(" This is "); out.print(this.getClass()); out.println(", using the POST method"); out.println(" </BODY>"); out.println("</HTML>"); out.flush(); out.close(); } }
public static String getUrl(String url){ String result = null; try { // 根據地址獲取請求 HttpGet request = new HttpGet(url); // 獲取當前客戶端對象 HttpClient httpClient = new DefaultHttpClient(); // 通過請求對象獲取響應對象 HttpResponse response = httpClient.execute(request); // 判斷網絡連接狀態碼是否正常(0--200都數正常) if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) { result= EntityUtils.toString(response.getEntity()); } } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } return result; }
/** * 發起https請求並獲取結果 * * @param requestUrl 請求地址 * @param requestMethod 請求方式(GET、POST) * @param outputStr 提交的數據 * */ public static String httpRequest(String requestUrl, String requestMethod, String outputStr) { StringBuffer buffer = new StringBuffer(); try { // 創建SSLContext對象,並使用我們指定的信任管理器初始化 TrustManager[] tm = { new MyTrustManager() }; SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE"); sslContext.init(null, tm, new java.security.SecureRandom()); // 從上述SSLContext對象中得到SSLSocketFactory對象 SSLSocketFactory ssf = sslContext.getSocketFactory(); URL url = new URL(requestUrl); HttpsURLConnection httpUrlConn = (HttpsURLConnection) url.openConnection(); httpUrlConn.setSSLSocketFactory(ssf); httpUrlConn.setDoOutput(true); httpUrlConn.setDoInput(true); httpUrlConn.setUseCaches(false); // 設置請求方式(GET/POST) httpUrlConn.setRequestMethod(requestMethod); if ("GET".equalsIgnoreCase(requestMethod)) httpUrlConn.connect(); // 當有數據需要提交時 if (null != outputStr) { OutputStream outputStream = httpUrlConn.getOutputStream(); // 注意編碼格式,防止中文亂碼 outputStream.write(outputStr.getBytes("UTF-8")); outputStream.close(); } // 將返回的輸入流轉換成字符串 InputStream inputStream = httpUrlConn.getInputStream(); InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "utf-8"); BufferedReader bufferedReader = new BufferedReader(inputStreamReader); String str = null; while ((str = bufferedReader.readLine()) != null) { buffer.append(str); } bufferedReader.close(); inputStreamReader.close(); // 釋放資源 inputStream.close(); inputStream = null; httpUrlConn.disconnect(); return buffer.toString(); } catch (ConnectException ce) { log.error("Weixin server connection timed out."); } catch (Exception e) { log.error("https request error:{}", e); } return null; }
package com.javen.weixin.util; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.X509TrustManager; /** * 證書信任管理器(用於https請求) */ public class MyTrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }
如果對你有幫助請我喝杯咖啡 左微信 右支付寶 個人微信公眾號javenlife
