一、微信小程序中app.js中:
wx.login({ success: res => { if(res.code){ var code = res.code; wx.getSetting({ success: res => { if (res.authSetting['scope.userInfo']) { wx.getUserInfo({ success: res => { var encryptedData = res.encryptedData; var iv = res.iv; wx.request({ url: 'http://localhost:9001/method/decodeUserInfo',//发送到开发者服务器 method: 'post', data: { code: code, encryptedData:encryptedData,iv:iv }, dataType:'json', header: { 'content-type': 'application/x-www-form-urlencoded' }, success: function (rs) { console.log(rs); }, fail: function (e) { console.log(e); wx.showToast({ title: '网络异常!', duration: 2000 }); } }); if (this.userInfoReadyCallback) { this.userInfoReadyCallback(res) } } }) }else{ console.log("未授权"); } } }) } } })
二、开发者服务器中进行接收数据并解密数据:
1.控制器中代码:
@RequestMapping("/method/decodeUserInfo")
public String decodeUserInfo(HttpServletRequest request, HttpServletResponse response)throws Exception{
response.setHeader("Access-Control-Allow-Origin", "*");
String code = request.getParameter("code");
String encryptedData = request.getParameter("encryptedData");
String iv = request.getParameter("iv");
if(code.equals("") || code == null){return "failed";}
if(encryptedData.equals("") || encryptedData == null){return "failed";}
if(iv.equals("") || iv == null){return "failed";}
//////////////// 1、向微信服务器 使用登录凭证 code 获取 session_key 和 openid ////////////////
String url = "https://api.weixin.qq.com/sns/jscode2session?appid="+APPID+"&secret="+APPSECRET+"&js_code="+code+"&grant_type=authorization_code";
String result = HttpHandler.sendGet(url);
//解析相应内容(转换成json对象)
JSONObject json = JSONObject.fromObject(result);
//获取会话密钥(session_key)
String session_key = json.get("session_key").toString();
//用户的唯一标识(openid)
String openid = json.get("openid").toString();
System.out.println("session_key:"+session_key);
System.out.println("openid:"+openid);
//////////////// 2、对encryptedData加密数据进行AES解密其中包含这openid和unionid ////////////////
String data = AesCbcUtil.decrypt(encryptedData,session_key,iv,"UTF-8");
JSONObject jsonObject = JSONObject.fromObject(data);
String unionid = jsonObject.get("unionId").toString();
return unionid;
}
2.HttpHandler类中sendGet方法:
/** * 向指定URL发送GET方法的请求 * * @param url * 发送请求的URL * @return URL 所代表远程资源的响应结果 */ public static String sendGet(String url) { String result = ""; BufferedReader in = null; try { URL realUrl = new URL(url); // 打开和URL之间的连接 URLConnection connection = realUrl.openConnection(); // 设置通用的请求属性 connection.setRequestProperty("accept", "*/*"); connection.setRequestProperty("connection", "Keep-Alive"); connection.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); // 建立实际的连接 connection.connect(); // 获取所有响应头字段 Map<String, List<String>> map = connection.getHeaderFields(); // 遍历所有的响应头字段 for (String key : map.keySet()) { } // 定义 BufferedReader输入流来读取URL的响应 in = new BufferedReader(new InputStreamReader( connection.getInputStream())); String line; while ((line = in.readLine()) != null) { result += line; } } catch (Exception e) { System.out.println("发送GET请求出现异常!" + e); e.printStackTrace(); } // 使用finally块来关闭输入流 finally { try { if (in != null) { in.close(); } } catch (Exception e2) { e2.printStackTrace(); } } return result; }
3.AesCbcUtil中decrypt方法:
import org.apache.commons.codec.binary.Base64; import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.io.UnsupportedEncodingException; import java.security.*; import java.security.spec.InvalidParameterSpecException; /** * Created by yfs on 2018/2/6. * <p> * AES-128-CBC 加密方式 * 注: * AES-128-CBC可以自己定义“密钥”和“偏移量“。 * AES-128是jdk自动生成的“密钥”。 */ public class AesCbcUtil { static { //BouncyCastle是一个开源的加解密解决方案,主页在http://www.bouncycastle.org/ Security.addProvider(new BouncyCastleProvider()); } /** * AES解密 * * @param data //密文,被加密的数据 * @param key //秘钥 * @param iv //偏移量 * @param encodingFormat //解密后的结果需要进行的编码 * @return * @throws Exception */ public static String decrypt(String data, String key, String iv, String encodingFormat) throws Exception { // initialize(); //被加密的数据 byte[] dataByte = Base64.decodeBase64(data); //加密秘钥 byte[] keyByte = Base64.decodeBase64(key); //偏移量 byte[] ivByte = Base64.decodeBase64(iv); try { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); SecretKeySpec spec = new SecretKeySpec(keyByte, "AES"); AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES"); parameters.init(new IvParameterSpec(ivByte)); cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化 byte[] resultByte = cipher.doFinal(dataByte); if (null != resultByte && resultByte.length > 0) { String result = new String(resultByte, encodingFormat); return result; } return null; } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidParameterSpecException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (InvalidAlgorithmParameterException e) { e.printStackTrace(); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return null; } }
完成上面的几步就能成功实现微信小程序获得unionid.