微信登錄流程:
微信官方參考文檔:
1.在配置文件中添加需要的參數(該參數需要去https://open.weixin.qq.com/通過開發者資格認證等流程申請)
# 微信開放平台 appid wx.open.app_id=你的appid # 微信開放平台 appsecret wx.open.app_secret=你的app密鑰 # 微信開放平台 重定向url wx.open.redirect_url=你的重定向url
2.創建工具類讀取配置文件的參數
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.stereotype.Component;
@Component
//讀取配置文件中關於微信登錄的信息
public class ConstantPropertiesUtil implements InitializingBean {
@Value("${wx.open.app_id}")
private String appId;
@Value("${wx.open.app_secret}")
private String appSecret;
@Value("${wx.open.redirect_url}")
private String redirectUrl;
public static String WX_OPEN_APP_ID;
public static String WX_OPEN_APP_SECRET;
public static String WX_OPEN_REDIRECT_URL;
@Override
public void afterPropertiesSet() throws Exception {
WX_OPEN_APP_ID = this.appId ;
WX_OPEN_APP_SECRET = this.appSecret;
WX_OPEN_REDIRECT_URL =this.redirectUrl;
}
}
3.創建controller
要想實現微信登錄,首先要有微信提供的二維碼,Controller中生成二維碼的方法為getWxCode(),實現方式是拼接出微信官方特定格式的url(官方文檔),然后去訪問它。其中對於重定向url需要進行urlEncode編碼。拼接方式采用占位符的思想,然后使用String類中的方法format()得到最后的url並返回。
當你訪問這個接口並使用微信掃一掃登錄后,地址欄會變成
http://localhost:8150/api/ucenter/wx/callback?code=001IsvFa1VLKrA0FTcIa1DYMa10IsvFa&state=renzhe
兩個參數
code:包含用戶信息
state:自定義信息
一個端口,一個方法(獲取用戶信息的方法)
8150,callback(重定向的url中自定義的)
所以controller中還會定義一個獲取用戶信息的接口getback(),當你掃完二維碼並確定登錄后返回的url則會繼續執行callback()方法,在callback中獲取兩個值,code+state,code也叫授權臨時票據,然后通過code值請求微信提供的固定url(https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code 參數值寫自己的),通過httpclient會返回兩個值,access_token(訪問憑證)+openid(每個微信唯一的標識),例如:
{"access_token":"41_xexDMUnJWVLK4WdbF02J1-YIu7a6PxNouTlJ_Or9YFYSXCKeD0zu0yM9CAPJvnqTLNXCO4Ij9NuTKIKdQYB47w1yfDYJoVhQNlNSsduHR-k","expires_in":7200,"refresh_token":"41_3OuyVF2OwQGyqgt6CQXmxAKgzYjm6eDyw-NK4kvPhoKbjTUIL_gREUpcqJ4nYZHI3aXLFkjFepg4GScvKrGQVoD4KJqL6oZlBcZYFdN7Iww","openid":"o3_SC51xq5wTbiDADDKAJbJw5cH4","scope":"snsapi_login","unionid":"oWgGz1AMXbZaembWG-3jBmBMyDZc"}
{"openid":"o3_SC51xq5wTbiDADDKAJbJw5cH4","nickname":"俟","sex":1,"language":"zh_CN","city":"Taiyuan","province":"Shanxi","country":"CN","headimgurl":"https:\/\/thirdwx.qlogo.cn\/mmopen\/vi_32\/Q0j4TwGTfTIZwLRHYxkV7v2CiciasMFpe65cvibs6xU95pGiavE082SKG6mbB2mibLedTgDnBQ9pPygK2CStv40uHicQ\/132","privilege":[],"unionid":"oWgGz1AMXbZaembWG-3jBmBMyDZc"}
@Controller
@RequestMapping("/api/ucenter/wx")
@CrossOrigin
public class WxApiController {
//1.請求微信二維碼
@GetMapping("login")
public String getWxCode() {
//固定地址 后面拼接參數 %s相當於占位符
String baseUrl = "https://open.weixin.qq.com/connect/qrconnect" +
"?appid=%s"+
"&redirect_uri=%s"+
"&response_type=code" +
"&scope=snsapi_login"+
"&state=%s"+
"#wechat_redirect";
//對redirect_url進行urlEncode編碼
String redirectUrl = ConstantPropertiesUtil.WX_OPEN_REDIRECT_URL;
try {
redirectUrl = URLEncoder.encode(redirectUrl, "UTF-8"); //url編碼
}catch (Exception e){
throw new GuliException(20001, e.getMessage());
}
String url = String.format(
baseUrl,
ConstantPropertiesUtil.WX_OPEN_APP_ID,
redirectUrl,
"renzhe"
);
//重定向到請求微信地址
return "redirect:"+url;
}
//獲取用戶信息
@GetMapping("callback")
public String callback(String code,String state){
try{
//1.獲取code值,臨時票據,類似於驗證碼
//2.拿着code請求微信地址,得到兩個值 access_token+openid
String baseAccessTokenUrl = "https://api.weixin.qq.com/sns/oauth2/access_token" +
"?appid=%s" +
"&secret=%s" +
"&code=%s" +
"&grant_type=authorization_code";
String accessTokenUrl = String.format(baseAccessTokenUrl,
ConstantPropertiesUtil.WX_OPEN_APP_ID,
ConstantPropertiesUtil.WX_OPEN_APP_SECRET,
code);
//請求這個拼接好的地址,最后返回兩個參數access_token+openid 使用httpclient請求
String accessTokenInfo = HttpClientUtils.get(accessTokenUrl);
//解析json字符串 將其字符串轉換成字符串 使其可以取值
Gson gson = new Gson();
HashMap map = gson.fromJson(accessTokenInfo, HashMap.class);
String access_token = (String)map.get("access_token");
String openid = (String)map.get("openid");
//把掃描人的信息添加到數據庫中
//判斷數據庫中是否存在相同微信信息,根據openid判斷
UcenterMember member = memberService.getOpenIdMember(openid);
if(member == null){//表中無數據
//3.拿着access_token和openid,再去請求微信提供的固定地址,獲取掃描人的信息
String baseUserInfoUrl = "https://api.weixin.qq.com/sns/userinfo?" +
"access_token=%s" +
"&openid=%s";
//拼接兩個參數
String baseUserInfo = String.format(baseUserInfoUrl, access_token, openid);
//使用httpclient去請求這個地址
String userInfo = HttpClientUtils.get(baseUserInfo);
//解析json字符串
HashMap<String,Object> userMap = gson.fromJson(userInfo, HashMap.class);
String nickname = (String)userMap.get("nickname");
//微信頭像
String headimgurl = (String)userMap.get("headimgurl");
member = new UcenterMember();
member.setOpenid(openid);
member.setNickname(nickname);
member.setAvatar(headimgurl);
memberService.save(member);
}
//因為cookie不能跨域,所有這個用戶信息不准備放入cookie中,而是放入路徑中
//使用jwt根據member對象生成一個token字符串
String token = JwtUtils.getJwtToken(member.getId(), member.getNickname());
//最后,返回首頁面,並通過路徑傳遞token字符串
return "redirect:http://localhost:3000?token="+token;
}catch (Exception e){
throw new GuliException(20001,"登錄失敗");
}
}
}
技術點:
(1)httpclient:使用它去請求地址然后得到結果,不需要從瀏覽器輸入url也能得到結果。httpclient工具類 主要方法為get,post方法
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.Consts;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.config.RequestConfig.Builder;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import java.io.IOException;
import java.net.SocketTimeoutException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
/**
* 依賴的jar包有:commons-lang-2.6.jar、httpclient-4.3.2.jar、httpcore-4.3.1.jar、commons-io-2.4.jar
* @author zhaoyb
*
*/
public class HttpClientUtils {
public static final int connTimeout=10000;
public static final int readTimeout=10000;
public static final String charset="UTF-8";
private static HttpClient client = null;
static {
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
cm.setMaxTotal(128);
cm.setDefaultMaxPerRoute(128);
client = HttpClients.custom().setConnectionManager(cm).build();
}
public static String postParameters(String url, String parameterStr) throws ConnectTimeoutException, SocketTimeoutException, Exception{
return post(url,parameterStr,"application/x-www-form-urlencoded",charset,connTimeout,readTimeout);
}
public static String postParameters(String url, String parameterStr,String charset, Integer connTimeout, Integer readTimeout) throws ConnectTimeoutException, SocketTimeoutException, Exception{
return post(url,parameterStr,"application/x-www-form-urlencoded",charset,connTimeout,readTimeout);
}
public static String postParameters(String url, Map<String, String> params) throws ConnectTimeoutException,
SocketTimeoutException, Exception {
return postForm(url, params, null, connTimeout, readTimeout);
}
public static String postParameters(String url, Map<String, String> params, Integer connTimeout,Integer readTimeout) throws ConnectTimeoutException,
SocketTimeoutException, Exception {
return postForm(url, params, null, connTimeout, readTimeout);
}
public static String get(String url) throws Exception {
return get(url, charset, null, null);
}
public static String get(String url, String charset) throws Exception {
return get(url, charset, connTimeout, readTimeout);
}
/**
* 發送一個 Post 請求, 使用指定的字符集編碼.
*
* @param url
* @param body RequestBody
* @param mimeType 例如 application/xml "application/x-www-form-urlencoded" a=1&b=2&c=3
* @param charset 編碼
* @param connTimeout 建立鏈接超時時間,毫秒.
* @param readTimeout 響應超時時間,毫秒.
* @return ResponseBody, 使用指定的字符集編碼.
* @throws ConnectTimeoutException 建立鏈接超時異常
* @throws SocketTimeoutException 響應超時
* @throws Exception
*/
public static String post(String url, String body, String mimeType,String charset, Integer connTimeout, Integer readTimeout)
throws ConnectTimeoutException, SocketTimeoutException, Exception {
HttpClient client = null;
HttpPost post = new HttpPost(url);
String result = "";
try {
if (StringUtils.isNotBlank(body)) {
HttpEntity entity = new StringEntity(body, ContentType.create(mimeType, charset));
post.setEntity(entity);
}
// 設置參數
Builder customReqConf = RequestConfig.custom();
if (connTimeout != null) {
customReqConf.setConnectTimeout(connTimeout);
}
if (readTimeout != null) {
customReqConf.setSocketTimeout(readTimeout);
}
post.setConfig(customReqConf.build());
HttpResponse res;
if (url.startsWith("https")) {
// 執行 Https 請求.
client = createSSLInsecureClient();
res = client.execute(post);
} else {
// 執行 Http 請求.
client = HttpClientUtils.client;
res = client.execute(post);
}
result = IOUtils.toString(res.getEntity().getContent(), charset);
} finally {
post.releaseConnection();
if (url.startsWith("https") && client != null&& client instanceof CloseableHttpClient) {
((CloseableHttpClient) client).close();
}
}
return result;
}
/**
* 提交form表單
*
* @param url
* @param params
* @param connTimeout
* @param readTimeout
* @return
* @throws ConnectTimeoutException
* @throws SocketTimeoutException
* @throws Exception
*/
public static String postForm(String url, Map<String, String> params, Map<String, String> headers, Integer connTimeout,Integer readTimeout) throws ConnectTimeoutException,
SocketTimeoutException, Exception {
HttpClient client = null;
HttpPost post = new HttpPost(url);
try {
if (params != null && !params.isEmpty()) {
List<NameValuePair> formParams = new ArrayList<NameValuePair>();
Set<Entry<String, String>> entrySet = params.entrySet();
for (Entry<String, String> entry : entrySet) {
formParams.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
}
UrlEncodedFormEntity entity = new UrlEncodedFormEntity(formParams, Consts.UTF_8);
post.setEntity(entity);
}
if (headers != null && !headers.isEmpty()) {
for (Entry<String, String> entry : headers.entrySet()) {
post.addHeader(entry.getKey(), entry.getValue());
}
}
// 設置參數
Builder customReqConf = RequestConfig.custom();
if (connTimeout != null) {
customReqConf.setConnectTimeout(connTimeout);
}
if (readTimeout != null) {
customReqConf.setSocketTimeout(readTimeout);
}
post.setConfig(customReqConf.build());
HttpResponse res = null;
if (url.startsWith("https")) {
// 執行 Https 請求.
client = createSSLInsecureClient();
res = client.execute(post);
} else {
// 執行 Http 請求.
client = HttpClientUtils.client;
res = client.execute(post);
}
return IOUtils.toString(res.getEntity().getContent(), "UTF-8");
} finally {
post.releaseConnection();
if (url.startsWith("https") && client != null
&& client instanceof CloseableHttpClient) {
((CloseableHttpClient) client).close();
}
}
}
/**
* 發送一個 GET 請求
*
* @param url
* @param charset
* @param connTimeout 建立鏈接超時時間,毫秒.
* @param readTimeout 響應超時時間,毫秒.
* @return
* @throws ConnectTimeoutException 建立鏈接超時
* @throws SocketTimeoutException 響應超時
* @throws Exception
*/
public static String get(String url, String charset, Integer connTimeout,Integer readTimeout)
throws ConnectTimeoutException,SocketTimeoutException, Exception {
HttpClient client = null;
HttpGet get = new HttpGet(url);
String result = "";
try {
// 設置參數
Builder customReqConf = RequestConfig.custom();
if (connTimeout != null) {
customReqConf.setConnectTimeout(connTimeout);
}
if (readTimeout != null) {
customReqConf.setSocketTimeout(readTimeout);
}
get.setConfig(customReqConf.build());
HttpResponse res = null;
if (url.startsWith("https")) {
// 執行 Https 請求.
client = createSSLInsecureClient();
res = client.execute(get);
} else {
// 執行 Http 請求.
client = HttpClientUtils.client;
res = client.execute(get);
}
result = IOUtils.toString(res.getEntity().getContent(), charset);
} finally {
get.releaseConnection();
if (url.startsWith("https") && client != null && client instanceof CloseableHttpClient) {
((CloseableHttpClient) client).close();
}
}
return result;
}
/**
* 從 response 里獲取 charset
*
* @param ressponse
* @return
*/
@SuppressWarnings("unused")
private static String getCharsetFromResponse(HttpResponse ressponse) {
// Content-Type:text/html; charset=GBK
if (ressponse.getEntity() != null && ressponse.getEntity().getContentType() != null && ressponse.getEntity().getContentType().getValue() != null) {
String contentType = ressponse.getEntity().getContentType().getValue();
if (contentType.contains("charset=")) {
return contentType.substring(contentType.indexOf("charset=") + 8);
}
}
return null;
}
/**
* 創建 SSL連接
* @return
* @throws GeneralSecurityException
*/
private static CloseableHttpClient createSSLInsecureClient() throws GeneralSecurityException {
try {
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] chain,String authType) throws CertificateException {
return true;
}
}).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new X509HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
@Override
public void verify(String host, SSLSocket ssl)
throws IOException {
}
@Override
public void verify(String host, X509Certificate cert)
throws SSLException {
}
@Override
public void verify(String host, String[] cns,
String[] subjectAlts) throws SSLException {
}
});
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
} catch (GeneralSecurityException e) {
throw e;
}
}
public static void main(String[] args) {
try {
String str= post("https://localhost:443/ssl/test.shtml","name=12&page=34","application/x-www-form-urlencoded", "UTF-8", 10000, 10000);
//String str= get("https://localhost:443/ssl/test.shtml?name=12&page=34","GBK");
/*Map<String,String> map = new HashMap<String,String>();
map.put("name", "111");
map.put("page", "222");
String str= postForm("https://localhost:443/ssl/test.shtml",map,null, 10000, 10000);*/
System.out.println(str);
} catch (ConnectTimeoutException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (SocketTimeoutException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
依賴:
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</dependency>
2)json轉換工具:gson或者fastjson或者jackson 將其字符串轉換成字符串 使其可以取值
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
</dependency>