钉钉微应用的免登录(前后端)

最近做了个钉钉企业内部微应用的项目。记录下自己的心得。
首先根据官方文档明白免登流程
钉钉微应用的免登录(前后端)_第1张图片
但是,最近更新的开发者平台已经不再提供corpSecret了,所以获取access_token需要使用appKey和appSecret,官方文档写得很清楚,获取access_token如下图所示:
钉钉微应用的免登录(前后端)_第2张图片
封装一个AuthHelper 如下:
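/**
 * Server-side helper for the DingTalk micro-app single sign-on flow.
 *
 * <ol>
 *   <li>Obtain the access token.</li>
 *   <li>Obtain the JSAPI ticket.</li>
 *   <li>Compute the JSAPI authentication signature.</li>
 *   <li>Exchange the temporary code sent by the front end for basic user info.</li>
 *   <li>(ISV version) Fetch detailed user info by userid.</li>
 * </ol>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The app secret, access token and ticket are credentials. They travel in the query
 *       string of the request URL, so neither the URL nor the raw response body is written
 *       to stdout or copied into error messages here.</li>
 *   <li>The token and ticket caches are plain static fields without synchronization, and the
 *       token cache is not keyed by appKey. NOTE(review): confirm the application uses a
 *       single appKey and decide whether concurrent callers need locking.</li>
 * </ul>
 *
 * @author lnexin
 */
public class AuthHelper {

    // DingTalk API endpoints.
    // NOTE(review): these are non-final and package-visible, so any class in the package can
    // repoint them; consider making them final once no caller reassigns them.
    static String TOKEN_URL = "https://oapi.dingtalk.com/gettoken";
    static String TICKET_URL = "https://oapi.dingtalk.com/get_jsapi_ticket";
    static String USER_INFO_URL = "https://oapi.dingtalk.com/user/getuserinfo";
    static String USER_ALL_URL = "https://oapi.dingtalk.com/user/get";

    // Cache lifetime: 1 hour 50 minutes, in milliseconds.
    public static final long cacheTime = 1000 * 60 * 55 * 2;

    private static String ACCESS_TOKEN = null;
    private static String JSAPI_TICKET = null;
    // Time the cached access token was fetched.
    private static long LAST_TIME = 0;
    // Time the cached ticket was fetched; kept separate so that refreshing the token does not
    // silently extend the lifetime of an older ticket.
    private static long TICKET_LAST_TIME = 0;

    /**
     * Returns the access token, reusing the cached value while it is younger than
     * {@link #cacheTime}.
     *
     * @param appKey    application key
     * @param appSecret application secret (a credential; never log it)
     * @return the access token issued by the DingTalk server
     */
    public static String getAccessToken(String appKey, String appSecret) {
        long curTime = System.currentTimeMillis();
        long differ = curTime - LAST_TIME;

        if (ACCESS_TOKEN != null && differ < cacheTime) {
            return ACCESS_TOKEN;
        }

        ACCESS_TOKEN = requestAccessToken(appKey, appSecret);
        LAST_TIME = curTime;

        return ACCESS_TOKEN;
    }

    /**
     * Returns the JSAPI ticket, reusing the cached value while it is younger than
     * {@link #cacheTime}. The ticket's age is tracked independently of the access token's.
     *
     * @param accessToken access token used to request the ticket
     * @return a ticket used for JS authentication
     */
    public static String getJsapiTicket(String accessToken) {
        long curTime = System.currentTimeMillis();
        long differ = curTime - TICKET_LAST_TIME;

        if (JSAPI_TICKET != null && differ < cacheTime) {
            return JSAPI_TICKET;
        }
        JSAPI_TICKET = requestJsapiTicket(accessToken);
        TICKET_LAST_TIME = curTime;
        return JSAPI_TICKET;
    }

    /**
     * Computes the JSAPI signature from the given parameters.
     *
     * <p>The plaintext is {@code jsapi_ticket=..&noncestr=..&timestamp=..&url=..} and the
     * digest is SHA-1, hex-encoded in lower case. SHA-1 is what this signing scheme uses; it
     * is not a general-purpose choice of hash. The values are concatenated raw (not
     * URL-encoded) because they are signed, not sent as a query string.
     *
     * @param ticket    JSAPI ticket
     * @param nonceStr  random string chosen by the caller
     * @param timeStamp timestamp sent to the front end together with the signature
     * @param url       URL of the page that will call the JSAPI
     * @return the hex signature, or {@code null} if SHA-1 is unavailable
     */
    public static String sign(String ticket, String nonceStr, long timeStamp, String url) {
        StringBuilder plain = new StringBuilder();
        plain.append("jsapi_ticket=").append(ticket);
        plain.append("&noncestr=").append(nonceStr);
        // The listing showed "×tamp=": an HTML-entity corruption of "&timestamp=".
        plain.append("&timestamp=").append(timeStamp);
        plain.append("&url=").append(url);
        try {
            MessageDigest sha = MessageDigest.getInstance("SHA-1");
            sha.reset();
            sha.update(plain.toString().getBytes(java.nio.charset.StandardCharsets.UTF_8));
            return bytesToHex(sha.digest());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Requests a fresh access token from the token endpoint.
     *
     * <p>NOTE(review): when the request fails or the response carries no
     * {@code access_token} field, the final {@code get(..).asText()} chain presumably fails
     * with a NullPointerException; confirm against JsonUtil and handle explicitly.
     */
    private static String requestAccessToken(String appKey, String appSecret) {
        StringBuilder url = new StringBuilder(TOKEN_URL);
        url.append("?appkey=").append(encode(appKey));
        url.append("&appsecret=").append(encode(appSecret));
        String result = null;
        try {
            result = HttpHelper.sendGet(url.toString());
        } catch (IOException e) {
            // The secret is deliberately left out of the error text.
            result = ReturnUtil.result("-1",
                    "请求accessTokenc出错!appKey:" + appKey + ",异常信息:" + describe(e));
        }
        return JsonUtil.getJsonNode(result).get("access_token").asText();
    }

    /**
     * Requests a fresh JSAPI ticket from the ticket endpoint.
     *
     * <p>NOTE(review): same missing-field concern as {@code requestAccessToken}, for the
     * {@code ticket} field.
     */
    private static String requestJsapiTicket(String accessToken) {
        StringBuilder url = new StringBuilder(TICKET_URL);
        url.append("?access_token=").append(encode(accessToken));
        String result = null;
        try {
            result = HttpHelper.sendGet(url.toString());
        } catch (IOException e) {
            // The access token is deliberately left out of the error text.
            result = ReturnUtil.result("-1", "请求JsapiTicket出错!异常信息:" + describe(e));
        }
        return JsonUtil.getJsonNode(result).get("ticket").asText();
    }

    /** Hex-encodes a digest as lower-case two-digit pairs. */
    private static String bytesToHex(byte[] hash) {
        try (Formatter formatter = new Formatter()) {
            for (byte b : hash) {
                formatter.format("%02x", b);
            }
            return formatter.toString();
        }
    }

    /**
     * URL-encodes one query-parameter value so that a value containing {@code &}, {@code =}
     * or {@code #} cannot add or override parameters in the outgoing request. A {@code null}
     * value is encoded as the text "null", matching plain string concatenation.
     */
    private static String encode(String value) {
        try {
            return java.net.URLEncoder.encode(String.valueOf(value), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    /**
     * Describes an I/O failure by exception class only. Exception messages from HTTP clients
     * can include the request URL, which here carries the secret or token in its query string.
     */
    private static String describe(IOException e) {
        return e.getClass().getName();
    }

    /**
     * Fetches basic user info for a temporary authorization code.
     *
     * @param code        temporary code for the user; it arrives from the front end and is
     *                    therefore URL-encoded before being placed in the request
     * @param accessToken access token for the application
     * @return the response body with the user id and related info, or the
     *         {@code ReturnUtil} error result if the request failed
     */
    public static String getUserInfo(String code, String accessToken) {
        StringBuilder url = new StringBuilder(USER_INFO_URL);
        url.append("?access_token=").append(encode(accessToken));
        url.append("&code=").append(encode(code));
        String result = null;
        try {
            result = HttpHelper.sendGet(url.toString());
        } catch (IOException e) {
            result = ReturnUtil.result("-1", "请求User信息出错!code:" + code + "异常信息:" + describe(e));
        }
        return result;
    }

    /**
     * Fetches detailed user info.
     *
     * @param userid      the user's unique userid within a corpid
     * @param accessToken access token for the application
     * @return the response body, or the {@code ReturnUtil} error result if the request failed
     */
    public static String getUser(String userid, String accessToken) {
        StringBuilder url = new StringBuilder(USER_ALL_URL);
        url.append("?access_token=").append(encode(accessToken));
        url.append("&userid=").append(encode(userid));
        String result = null;
        try {
            result = HttpHelper.sendGet(url.toString());
        } catch (IOException e) {
            result = ReturnUtil.result("-1", "请求User信息出错!userid:" + userid + "异常信息:" + describe(e));
        }
        return result;
    }

}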

前端代码如下:

钉钉微应用免登陆




到这里基本OK了,这两个为主要代码,还有其他的封装页面比较简单,就不贴出来了
