移动端第三方登录(微信)java验证并获取用户信息

授权流程说明

微信OAuth2.0授权登录让微信用户使用微信身份安全登录第三方应用或网站,在微信用户授权登录已接入微信OAuth2.0的第三方应用后,第三方可以获取到用户的接口调用凭证(access_token),通过access_token可以进行微信开放平台授权关系接口调用,从而可实现获取微信用户基本开放信息和帮助用户实现基础开放功能等。

微信OAuth2.0授权登录目前支持authorization_code模式,适用于拥有server端的应用授权。该模式整体流程为:

  1. 1. 第三方发起微信授权登录请求,微信用户允许授权第三方应用后,微信会拉起应用或重定向到第三方网站,并且带上授权临时票据code参数;

  2. 2. 通过code参数加上AppID和AppSecret等,通过API换取access_token;

  3. 3. 通过access_token进行接口调用,获取用户基本数据资源或帮助用户实现基本操作。

移动端第三方登录(微信)java验证并获取用户信息_第1张图片

第一步:请求CODE
移动应用微信授权登录来获取CODE,这个CODE只能用来获取一次access_toke,点击确认登录后就会反回CODE。
移动端第三方登录(微信)java验证并获取用户信息_第2张图片
第二步:移动端将CODE发送给服务器进行验证并获取用户信息

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Map;

import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;





public class WeiXinAuthService 
{

	private static final Logger logger = LoggerFactory.getLogger(WeiXinAuthService.class);
	
	public static final String WX_AUTH_LOGIN_URL = "https://api.weixin.qq.com/sns/oauth2/access_token";
	public static final String WX_USERINFO_URL = "https://api.weixin.qq.com/sns/userinfo";
	//appid和appSecret 是在公众平台上申请的
	//AppId
	public static final String WX_APP_ID = "wxb6411cbea5c*****";
	//AppSecret
	public static final String WX_APP_KEY = "86b91b295d23f34337b76cacd*******";

	

	
	public UserInfoData checkLogin(String code) 
	{
		//获取授权 access_token
		StringBuffer loginUrl = new StringBuffer();
		loginUrl.append(WX_AUTH_LOGIN_URL).append("?appid=")
				.append(WX_APP_ID).append("&secret=")
				.append(WX_APP_KEY).append("&code=").append(code)
				.append("&grant_type=authorization_code");
		String loginRet = WeiXinAuthService.get(loginUrl.toString());
		JSONObject grantObj = new JSONObject(loginRet);
		String errcode = grantObj.optString("errcode");
		if (!StringUtils.isEmpty(errcode)) 
		{
			logger.error("login weixin error"+loginRet);
			return null;
		}
		String openId = grantObj.optString("openid");
		if (StringUtils.isEmpty(openId)) 
		{
			logger.error("login weixin getOpenId error"+loginRet);
			return null;
		}
		
		String accessToken = grantObj.optString("access_token");
		String expiresIn = grantObj.optString("expires_in");
		String refreshToken = grantObj.optString("refresh_token");
		String scope = grantObj.optString("scope");
		
		//获取用户信息
		StringBuffer userUrl = new StringBuffer();
		userUrl.append(WX_USERINFO_URL).append("?access_token=").append(accessToken).append("&openid=").append(openId);
		String userRet = WeiXinAuthService.get(userUrl.toString());
		JSONObject userObj = new JSONObject(userRet);
		UserInfoData userInfo = new UserInfoData();
		userInfo.setOpenId(openId);
		userInfo.setAuthToken(accessToken);
		userInfo.setAuthRefreshToken(refreshToken);
		userInfo.setScope(scope);
		userInfo.setExpiresIn(Integer.valueOf(expiresIn));
		String nickname = userObj.optString("nickname");
		String sex = userObj.optString("sex");
		String userImg = userObj.optString("headimgurl");
		String unionid = userObj.optString("unionid");
		userInfo.setName(nickname);
		userInfo.setIcon(userImg);
		userInfo.setGender(sex);
		userInfo.setLoginId(unionid);
		return userInfo;
	}
	
	
	public static String get(String url) {
		String body = null;
		try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {		
			logger.info("create httppost:" + url);
			HttpGet get = new HttpGet(url);
			get.addHeader("Accept-Charset","utf-8");
			HttpResponse response = sendRequest(httpClient, get);
			body = parseResponse(response);
		} catch (IOException e) {
			logger.error("send post request failed: {}", e.getMessage());
		}

		return body;
	}
	
	private static String paramsToString(Map params) {
		StringBuilder sb = new StringBuilder();
		try{
			for (String key : params.keySet()) {
				sb.append(String.format("&%s=%s", key, URLEncoder.encode(params.get(key),StandardCharsets.UTF_8.toString())));
			}
		}catch(UnsupportedEncodingException e){
			logger.warn("{}: encode url parameters failed", e.getMessage());
		}
		return sb.length() > 0 ? "?".concat(sb.substring(1)) : "";
	}
	
	private static HttpResponse sendRequest(CloseableHttpClient httpclient, HttpUriRequest httpost)
			throws ClientProtocolException, IOException {
		HttpResponse response = null;
		response = httpclient.execute(httpost);
		return response;
	}
	
	private static String parseResponse(HttpResponse response) {
		logger.info("get response from http server..");
		HttpEntity entity = response.getEntity();

		logger.info("response status: " + response.getStatusLine());
		Charset charset = ContentType.getOrDefault(entity).getCharset();
		if (charset != null) {
			logger.info(charset.name());
		}

		String body = null;
		try {
			body = EntityUtils.toString(entity, "utf-8");
			logger.info("body " + body);
		} catch (IOException e) {
			logger.warn("{}: cannot parse the entity", e.getMessage());
		}

		return body;
	}


	

}


微信API:
https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419317851&token=&lang=zh_CN












你可能感兴趣的:(移动端第三方登录(微信)java验证并获取用户信息)