微信小程序授权微信开放平台

开放平台注册

开发第三方平台，首先需要到微信开放平台申请注册第三方平台账号

创建第三方平台

第三方平台信息配置

第三方授权流程

详细流程说明可参照官网授权流程技术说明；

授权流程代码

获取第三方平台接口调用凭据“cSEO靠我omponent_verify_ticket”

出于安全考虑，在第三方平台创建审核通过后，微信服务器 每隔10分钟会向第三方的消息接收地址推送一次component_verify_ticket，用于获取SEO靠我第三方平台接口调用凭据。

package com.litte.controller.warrant;import com.litte.entity.reception.TWarrantInfo; SEO靠我 import com.litte.service.warrantinfo.TWarrantInfoService; import com.litte.service.warrSEO靠我antmerchant.TWarrantMerchantService; import com.litte.util.DateUtil; import com.littSEO靠我e.util.WinxinUtil; import net.sf.json.JSONObject; import org.apache.commons.lang.StrSEO靠我ingUtils; import org.dom4j.Document; import org.dom4j.DocumentException; impSEO靠我ort org.dom4j.DocumentHelper; import org.dom4j.Element; import org.slf4j.Logger; SEO靠我 import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.AutSEO靠我owired; import org.springframework.stereotype.Controller; import org.springframeworkSEO靠我.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapSEO靠我ping; import org.springframework.web.bind.annotation.ResponseBody;import javax.servlet.http.SEO靠我HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.BuSEO靠我fferedReader; import java.io.IOException; import java.io.PrintWriter; importSEO靠我 java.util.Calendar; import java.util.Date;@Controller @RequestMapping("/warrant") SEO靠我 public class WarrantController {private static final Logger LOGGER = LoggerFactory.getLogger(SEO靠我WarrantController.class);//公众号第三方平台的appidprivate static final String APPID = "wx9681884b28ed7927";//SEO靠我第三方平台申请时填写的接收消息的校验tokenprivate static final String TOKEN = "xinxingshang";// private static final StSEO靠我ring TOKEN = "xinxingshangstar";//第三方平台申请时填写的接收消息的加密symmetric_keyprivate static final String ENCODINSEO靠我GAESKEY = "xinxingshangstarkeykey11keyxinxingshangstar";private static final String SECRET = "a4d75cSEO靠我cc5b9ca0cef697116bc8c2e156";//获取"component_access_token"URLprivate static final String COMPONENT_TOKSEO靠我EN_URL = "https://api.weixin.qq.com/cgi-bin/component/api_component_token";// 获取"pre_auth_code"URLprSEO靠我ivate static final String PRE_AUTH_CODE = "https://api.weixin.qq.com/cgi-bin/component/api_create_prSEO靠我eauthcode?component_access_token=componentAccessToken";// 刷新令牌private static final String AUTHORIZERSEO靠我_REFRESH_TOKEN = "https://api.weixin.qq.com/cgi-bin/component/api_authorizer_token?component_access_SEO靠我token=componentAccessToken";@AutowiredTWarrantInfoService tWarrantInfoService;@AutowiredTWarrantMercSEO靠我hantService TWarrantMerchantService;/*** 获取"component_verify_ticket"** @Description:* @Author: Mr.JkSEO靠我x* @Date: 2019/4/3 16:03* 参考链接：https://blog.csdn.net/liaoyundababe/article/details/53537417* https:/SEO靠我/blog.csdn.net/zhangdaiscott/article/details/48269837*/@RequestMapping("/responseRequest")@ResponseBSEO靠我odypublic void responseRequest(HttpServletRequest request, HttpServletResponse response) throws AesESEO靠我xception, IOException {LOGGER.info("WeChat third-party platform --------- WeChat push Ticket messageSEO靠我 10 minutes-----------");output(response, "success"); // 输出响应的内容。processAuthorizeEvent(request);}/**SEO靠我* 处理授权事件的推送** @param request* @throws IOException* @throws AesException* @throws DocumentException*/SEO靠我public void processAuthorizeEvent(HttpServletRequest request)throws IOException, AesException {StrinSEO靠我g nonce = request.getParameter("nonce");String timestamp = request.getParameter("timestamp");String SEO靠我msgSignature = request.getParameter("msg_signature");LOGGER.info("=====WeChat third-party platform==SEO靠我====" + nonce + " " + timestamp + " " + msgSignature);StringBuilder sb = new StringBuilder();BuffereSEO靠我dReader in = request.getReader();String line;while ((line = in.readLine()) != null) {sb.append(line)SEO靠我;}String xml = sb.toString();LOGGER.info("Third-party platform is released on the whole network-----SEO靠我------------------original, Xml=" + xml);WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY,SEO靠我 APPID);LOGGER.info("Third-party platform is released on the whole network-----------------------decSEO靠我ryption WXBizMsgCrypt new 成功");String xml1 = pc.decryptMsg(msgSignature, timestamp, nonce, xml);LOGGSEO靠我ER.info("Third-party platform is released on the whole network-----------------------After decryptioSEO靠我n, Xml=" + xml1);processAuthorizationEvent(xml1);}/*** 保存componentVerifyTicket** @param xml*/void prSEO靠我ocessAuthorizationEvent(String xml) {Document doc;try {doc = DocumentHelper.parseText(xml);Element rSEO靠我ootElt = doc.getRootElement();String componentVerifyTicket = rootElt.elementText("ComponentVerifyTicSEO靠我ket");LOGGER.info("Third-party platform is released on the whole network---------After decryption, CSEO靠我omponentVerifyTicket=" + componentVerifyTicket);if (StringUtils.isNotBlank(componentVerifyTicket)) {SEO靠我TWarrantInfo tWarrantInfo = new TWarrantInfo();tWarrantInfo.setId("053882ef3bed46c795bbd7da470e79cf"SEO靠我);tWarrantInfo.setComponentVerifyTicket(componentVerifyTicket);tWarrantInfo.setTicketCreateTime(DateSEO靠我Util.formatDate(new Date(), "yyyy-MM-dd HH:mm:ss"));int i = tWarrantInfoService.updateByPrimaryKeySeSEO靠我lective(tWarrantInfo);if (i > 0) {LOGGER.info("WeChat third-party platform------------component_veriSEO靠我fy_ticket data save success");} else {LOGGER.info("WeChat third-party platform------------component_SEO靠我verify_ticket data save failure");}}} catch (DocumentException e) {e.printStackTrace();}}/*** @DescrSEO靠我iption: 第三方平台全网发布,消息与事件接收URL* @Author: Mr.Jkx* @Date: 2019/5/8 18:10*/@RequestMapping(value = "/$APPSEO靠我ID$/xxsCallback")public void acceptMessageAndEvent(HttpServletRequest request, @PathVariable("APPID"SEO靠我) String appid,HttpServletResponse response) throws IOException, DocumentException, AesException {LOSEO靠我GGER.info("第三方平台全网发布---------{appid}/callback---------验证开始。。。。");String msgSignature = request.getPaSEO靠我rameter("msg_signature");LOGGER.info("第三方平台全网发布-------------{appid}/callback-----------验证开始。。。。msg_sSEO靠我ignature=" + msgSignature);if (!StringUtils.isNotBlank(msgSignature)) {return;// 微信推送给第三方开放平台的消息一定是加SEO靠我过密的，无消息加密无法解密消息}StringBuilder sb = new StringBuilder();BufferedReader in = request.getReader();StrinSEO靠我g line;while ((line = in.readLine()) != null) {sb.append(line);}in.close();String xml = sb.toString(SEO靠我);Document doc = DocumentHelper.parseText(xml);Element rootElt = doc.getRootElement();String toUserNSEO靠我ame = rootElt.elementText("ToUserName");//微信全网测试账号 // if (StringUtils.equalsIgnoreCase(toUseSEO靠我rName, APPID)) {LOGGER.info("全网发布接入检测消息反馈开始---------------APPID=" + appid + "-----------------------SEO靠我-toUserName=" + toUserName);checkWeixinAllNetworkCheck(request, response, xml); // }}public SEO靠我void checkWeixinAllNetworkCheck(HttpServletRequest request, HttpServletResponse response,String xml)SEO靠我 throws DocumentException, AesException, IOException {String nonce = request.getParameter("nonce");SSEO靠我tring timestamp = request.getParameter("timestamp");String msgSignature = request.getParameter("msg_SEO靠我signature");WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY, APPID);xml = pc.decryptMsg(mSEO靠我sgSignature, timestamp, nonce, xml);Document doc = DocumentHelper.parseText(xml);Element rootElt = dSEO靠我oc.getRootElement();String msgType = rootElt.elementText("MsgType");String toUserName = rootElt.elemSEO靠我entText("ToUserName");String fromUserName = rootElt.elementText("FromUserName");LOGGER.info("---全网发布SEO靠我接入检测--step.1-----------msgType="+msgType+"-----------------toUserName="+toUserName+"----------------SEO靠我-fromUserName="+fromUserName); // LogUtil.info("---全网发布接入检测--step.2-----------xml="+xml);if(SEO靠我"event".equals(msgType)){ // LogUtil.info("---全网发布接入检测--step.3-----------事件消息--------");StriSEO靠我ng event = rootElt.elementText("Event");replyEventMessage(request,response,event,toUserName,fromUserSEO靠我Name);}else if("text".equals(msgType)){ // LogUtil.info("---全网发布接入检测--step.3-----------文本消息-SEO靠我-------");String content = rootElt.elementText("Content");processTextMessage(request,response,contenSEO靠我t,toUserName,fromUserName);}}public void replyEventMessage(HttpServletRequest request, HttpServletReSEO靠我sponse response, String event, String toUserName, String fromUserName) throws DocumentException, IOESEO靠我xception {String content = event + "from_callback"; // LogUtil.info("---全网发布接入检测------step.4SEO靠我-------事件回复消息 content="+content + " toUserName="+toUserName+" fromUserName="+fromUserName);replyTextSEO靠我Message(request,response,content,toUserName,fromUserName);}public void processTextMessage(HttpServleSEO靠我tRequest request, HttpServletResponse response,String content,String toUserName, String fromUserNameSEO靠我) throws IOException, DocumentException{if("TESTCOMPONENT_MSG_TYPE_TEXT".equals(content)){String retSEO靠我urnContent = content+"_callback";replyTextMessage(request,response,returnContent,toUserName,fromUserSEO靠我Name);}else if(StringUtils.startsWithIgnoreCase(content, "QUERY_AUTH_CODE")){output(response, "");//SEO靠我接下来客服API再回复一次消息replyApiTextMessage(request,response,content.split(":")[1],fromUserName);}}/*** 回复微信服SEO靠我务器"文本消息"* @param request* @param response* @param content* @param toUserName* @param fromUserName* @SEO靠我throws DocumentException* @throws IOException*/public void replyTextMessage(HttpServletRequest requeSEO靠我st, HttpServletResponse response, String content, String toUserName, String fromUserName) throws DocSEO靠我umentException, IOException {Long createTime = Calendar.getInstance().getTimeInMillis() / 1000;StrinSEO靠我gBuffer sb = new StringBuffer();sb.append("<xml>");sb.append("<ToUserName><![CDATA["+fromUserName+"]SEO靠我]></ToUserName>");sb.append("<FromUserName><![CDATA["+toUserName+"]]></FromUserName>");sb.append("<CSEO靠我reateTime>"+createTime+"</CreateTime>");sb.append("<MsgType><![CDATA[text]]></MsgType>");sb.append("SEO靠我<Content><![CDATA["+content+"]]></Content>");sb.append("</xml>");String replyMsg = sb.toString();StrSEO靠我ing returnvaleue = "";try {WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY, APPID);returnSEO靠我valeue = pc.encryptMsg(replyMsg, createTime.toString(), "easemob"); // LOGGER.info("--------SEO靠我----------加密后的返回内容 returnvaleue： "+returnvaleue);} catch (AesException e) {e.printStackTrace();}outpSEO靠我ut(response, returnvaleue);}public void replyApiTextMessage(HttpServletRequest request, HttpServletRSEO靠我esponse response, String auth_code, String fromUserName) throws DocumentException, IOException {// 得SEO靠我到微信授权成功的消息后，应该立刻进行处理！！相关信息只会在首次授权的时候推送过来LOGGER.info("------step.1----使用客服消息接口回复粉丝----逻辑开始-----------SEO靠我------");try {LOGGER.info("------step.1----使用客服消息接口回复粉丝----逻辑开始-------------auth_code: "+auth_code+"SEO靠我 thirdWeixinService.getComponent_access_token:"+TOKEN);String url = "https://api.weixin.qq.com/cgi-bSEO靠我in/component/api_query_auth?component_access_token="+TOKEN;JSONObject jsonObject1 = new JSONObject()SEO靠我;jsonObject1.put("component_appid", APPID);jsonObject1.put("authorization_code", auth_code);JSONObjeSEO靠我ct jsonRes = WinxinUtil.doPostStr(url, jsonObject1.toString());LOGGER.info("------step.1----使用客服消息接口SEO靠我回复粉丝----逻辑开始---------------------jsonRes:"+jsonRes.toString());String msg = auth_code + "_from_api";SEO靠我JSONObject jsonObject = new JSONObject();jsonObject.put("touser", fromUserName);jsonObject.put("msgtSEO靠我ype", "text");JSONObject text = new JSONObject();text.put("content", msg);jsonObject.put("text", texSEO靠我t);WinxinUtil.doPostStr("https://api.weixin.qq.com/cgi-bin/message/custom/send?access_token="+TOKEN,SEO靠我 jsonObject.toString());} catch (Exception e) {e.printStackTrace();}}/*** 工具类：回复微信服务器"文本消息"* @param SEO靠我response* @param returnvaleue*/public void output(HttpServletResponse response, String returnvaleue)SEO靠我 {try {PrintWriter pw = response.getWriter();pw.write(returnvaleue);pw.flush();} catch (IOException SEO靠我e) {e.printStackTrace();}} }

获取第三方平台“component_access_token”

第三方平台通过自己的component_appid（即在微信开放平SEO靠我台管理中心的第三方平台详情页中的AppID和AppSecret）和component_appsecret，以及component_verify_ticket（每10分钟推送一次的安全ticket）来获SEO靠我取自己的接口调用凭据（component_access_token）

/*** @Description: “component_access_token”获取* 有效期2小时* @Author: MrSEO靠我.Jkx* @Date: 2019/4/19 16:57* SpringBoot定时任务，每个110分钟获取一次，并保存到数据库*/@Scheduled(fixedRate = 6600000)pubSEO靠我lic void getComponentAccessToken() {System.out.println("-------------get component_access_token-----SEO靠我----------");WarrantController warrantController = new WarrantController();try {// 从数据库获取微信推送的“compoSEO靠我nent_verify_ticket”TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("053882ef3bed4SEO靠我6c795bbd7da470e79cf");String componentVerifyTicket = tWarrantInfo.getComponentVerifyTicket();// 根据“cSEO靠我omponentVerifyTicket”获取“component_access_token”String componentAccessToken = getComponentAccessTokenSEO靠我(componentVerifyTicket);// 数据库保存微信推送加密信息“component_access_token”TWarrantInfo tWarrantInfoData = new SEO靠我TWarrantInfo();tWarrantInfoData.setComponentAccessToken(componentAccessToken);editWarrantInfo(tWarraSEO靠我ntInfoData);} catch (IOException e) {e.printStackTrace();}}/*** @Description: 编辑授权信息* @Author: Mr.JkSEO靠我x* @Date: 2019/4/20 10:12*/public void editWarrantInfo(TWarrantInfo tWarrantInfo) {tWarrantInfo.setISEO靠我d("053882ef3bed46c795bbd7da470e79cf");if (StringUtils.isNotBlank(tWarrantInfo.getComponentAccessTokeSEO靠我n())) {tWarrantInfo.setTokenCreateTime(DateUtil.formatDate(new Date(), "yyyy-MM-dd HH:mm:ss"));}if (SEO靠我StringUtils.isNotBlank(tWarrantInfo.getPreAuthCode())) {tWarrantInfo.setCodeCreateTime(DateUtil.formSEO靠我atDate(new Date(), "yyyy-MM-dd HH:mm:ss"));}int i = tWarrantInfoService.updateByPrimaryKeySelective(SEO靠我tWarrantInfo);if (i > 0) {LOGGER.info("WeChat third-party platform------------data save success");} SEO靠我else {LOGGER.info("WeChat third-party platform------------data save failure");}}/*** @Description: 获SEO靠我取"component_access_token"* @Author: Mr.Jkx* @Date: 2019/4/9 9:45*/public String getComponentAccessToSEO靠我ken(String componentVerifyTicket) throws IOException {/**拼装待发送的Json*/JSONObject json = new JSONObjecSEO靠我t();json.accumulate("component_appid", APPID);json.accumulate("component_appsecret", SECRET);json.acSEO靠我cumulate("component_verify_ticket", componentVerifyTicket);LOGGER.info("第三方授权：获取component_access_tokSEO靠我en:getComponentAccessToken:请求参数json={}", json);/**发送Https请求到微信*/JSONObject retJSONObject = WinxinUtiSEO靠我l.doPostStr(COMPONENT_TOKEN_URL, json.toString());String component_access_token = retJSONObject.getSSEO靠我tring("component_access_token");LOGGER.info("第三方授权：获取component_access_token回执数据:getComponentAccessToSEO靠我ken:component_access_token={}", component_access_token);return component_access_token;}

获取预授权码“pre_auSEO靠我th_code”

第三方平台通过自己的接口调用凭据（component_access_token）来获取用于授权流程准备的预授权码（pre_auth_code）

/*** @Description: 获取SEO靠我预授权码“pre_auth_code”* 有效期10分钟* @Author: Mr.Jkx* @Date: 2019/4/19 16:57* SpringBoot定时任务，每隔9分钟获取一次，并保存到SEO靠我数据库*/@Scheduled(fixedRate = 540000)public void getpreAuthCode() {System.out.println("---------------SEO靠我get pre_auth_code-------------");WarrantController warrantController = new WarrantController();try {SEO靠我// 从数据库获取“component_access_token”令牌TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKeSEO靠我y("053882ef3bed46c795bbd7da470e79cf");String component_access_token = tWarrantInfo.getComponentAccesSEO靠我sToken();// 根据“component_access_token”获取“pre_auth_code”String preAuthCodeData = getPreAuthCodeData(cSEO靠我omponent_access_token);// 数据库保存预授权码“pre_auth_code”TWarrantInfo tWarrantInfoData = new TWarrantInfo()SEO靠我;tWarrantInfoData.setPreAuthCode(preAuthCodeData);editWarrantInfo(tWarrantInfoData);} catch (IOExcepSEO靠我tion e) {e.printStackTrace();}}/*** @Description: 获取"pre_auth_code"(预授权码)* @Author: Mr.Jkx* @Date: 2SEO靠我019/4/9 10:21*/public String getPreAuthCodeData(String component_access_token) throws IOException {JSEO靠我SONObject json = new JSONObject();json.accumulate("component_appid", APPID);json.accumulate("componeSEO靠我nt_access_token", component_access_token);String url = PRE_AUTH_CODE.replace("componentAccessToken",SEO靠我 component_access_token);/**发送Https请求到微信*/JSONObject retStr = WinxinUtil.doPostStr(url, json.toStrinSEO靠我g());LOGGER.info("第三方授权：ThirdPartyServiceImpl:getPreAuthCode:retStr={}", retStr);JSONObject retJSONOSEO靠我bject = JSONObject.fromObject(retStr);/**在返回结果中获取pre_auth_code*/String pre_auth_code = retJSONObjectSEO靠我.getString("pre_auth_code");LOGGER.info("==========第三方授权：获取pre_auth_code:{}", pre_auth_code);return SEO靠我pre_auth_code;}

使用授权码换取公众号或小程序的接口调用凭据和授权信息

通过授权码和自己的接口调用凭据（component_access_token），换取公众号或小程序的接口调用凭据（auSEO靠我thorizer_access_token和用于前者快过期时用来刷新它的authorizer_refresh_token）和授权信息（授权了哪些权限等信息）

/*** @Description: 刷新令SEO靠我牌“authorizer_refresh_token”* 有效期2小时* @Author: Mr.Jkx* @Date: 2019/4/19 16:57*/@Scheduled(fixedRate =SEO靠我 6600000)public void refreshAuthorizerRefreshToken() {System.out.println("---------------get authoriSEO靠我zer_refresh_token-------------");WarrantController warrantController = new WarrantController();try {SEO靠我// 授权方appid{}，接口调用凭据刷新令牌查询List<TWarrantMerchant> tWarrantMerchantList = TWarrantMerchantService.selTSEO靠我WarrantMerchant();// 从数据库获取“component_access_token”令牌TWarrantInfo tWarrantInfo = tWarrantInfoServiceSEO靠我.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");String component_access_token = tWarrantInfoSEO靠我.getComponentAccessToken();List<TWarrantMerchant> tWarrantMerchants = refreshAuthorizerRefreshToken(SEO靠我tWarrantMerchantList, component_access_token);if (tWarrantMerchants.size() > 0) {for (TWarrantMerchaSEO靠我nt tWarrantMerchant : tWarrantMerchants) {long currentTime = new Date().getTime() + 120 * 60 * 1000;SEO靠我Date date = new Date(currentTime);tWarrantMerchant.setDeadline(date);TWarrantMerchantService.updTWarSEO靠我rantMerchant(tWarrantMerchant);}} else {System.out.println("---------------No authorizer_refresh_tokSEO靠我en needs to updated-------------");}} catch (IOException e) {e.printStackTrace();}}/*** @DescriptionSEO靠我: 刷新令牌“authorizer_refresh_token”* @Author: Mr.Jkx* @Date: 2019/5/6 17:58*/public List<TWarrantMerchaSEO靠我nt> refreshAuthorizerRefreshToken(List<TWarrantMerchant> tWarrantMerchants, String component_access_SEO靠我token) throws IOException {List<TWarrantMerchant> tWarrantMerchantList = new ArrayList<>();// 查找需要刷新SEO靠我令牌的数据for (TWarrantMerchant tWarrantMerchant : tWarrantMerchants) { // Date deadline = tWarraSEO靠我ntMerchant.getDeadline(); // if (deadline.getTime() - new Date().getTime() < 600000) {tWarraSEO靠我ntMerchantList.add(tWarrantMerchant); // }}// 重新获取令牌List<TWarrantMerchant> authorizerRefreshSEO靠我Token = getAuthorizerRefreshToken(tWarrantMerchantList, component_access_token);return authorizerRefSEO靠我reshToken;}/*** @Description: 重新获取令牌* @Author: Mr.Jkx* @Date: 2019/5/6 18:39*/private List<TWarrantMSEO靠我erchant> getAuthorizerRefreshToken(List<TWarrantMerchant> tWarrantMerchantList, String component_accSEO靠我ess_token) throws IOException {List<TWarrantMerchant> tWarrantMerchants = new ArrayList<>();for (TWaSEO靠我rrantMerchant tWarrantMerchant : tWarrantMerchantList) {JSONObject json = new JSONObject();json.accuSEO靠我mulate("component_appid", APPID);json.accumulate("authorizer_appid", tWarrantMerchant.getAuthorizatiSEO靠我onAppid());json.accumulate("authorizer_refresh_token", tWarrantMerchant.getAuthorizerRefreshToken())SEO靠我;/**发送Https请求到微信*/String url = AUTHORIZER_REFRESH_TOKEN.replace("componentAccessToken", component_acSEO靠我cess_token);JSONObject retStr = WinxinUtil.doPostStr(url, json.toString());LOGGER.info("==========第三SEO靠我方授权： 令牌刷新{}", retStr);JSONObject retJSONObject = JSONObject.fromObject(retStr);/**在返回结果中获取pre_auth_cSEO靠我ode*/LOGGER.info("==========第三方授权：令牌刷新:{}", retJSONObject);String authorizer_refresh_token = retJSONSEO靠我Object.getString("authorizer_refresh_token");// 接口调用凭据刷新令牌String authorizer_access_token = retJSONObSEO靠我ject.getString("authorizer_access_token");// 小程序授权令牌LOGGER.info("==========第三方授权：获取到的新令牌:{}", retJSOSEO靠我NObject);// 授权商户信息保存TWarrantMerchant updTWarrantMerchant = new TWarrantMerchant();updTWarrantMerchanSEO靠我t.setId(tWarrantMerchant.getId());// 接口调用凭据刷新令牌updTWarrantMerchant.setAuthorizerRefreshToken(authoriSEO靠我zer_refresh_token);updTWarrantMerchant.setAuthorizerAccessToken(authorizer_access_token);tWarrantMerSEO靠我chants.add(updTWarrantMerchant);}return tWarrantMerchants;}

触发授权页面

准备好授权所需的必要信息，请求授权页面，扫码授权。

页面js实现

// 页SEO靠我面授权完成跳转页面“https://www.xxxxx.com/xxx/pages/set1.html” $(function(){$("#bingLink").click(functSEO靠我ion(){// 请求获取必要信息postCreaterHttp(/warrantPhone/warrantMessage,{},function(res){if("200" == res.errorSEO靠我Code){var url=https://mp.weixin.qq.com/cgi-bin/componentloginpage?component_appid=+res.message.compoSEO靠我nentAppid+&pre_auth_code=+res.message.preAuthCode+&redirect_uri=https://www.xxxxx.com/xxx/pages/set1SEO靠我.html;window.open(url);// 请求授权页面}else if("300" == res.errorCode){layui.use(layer, function() {var laSEO靠我yer = layui.layer;layer.msg("账号已经绑定【" + res.appletsName + "】");})}})})})

后台接口实现

@RequestMapping("warraSEO靠我ntPhone") @Controller public class WarrantPhoneController {// 第三方appidprivate staticSEO靠我 final String COMPONENT_APPID = "wx9681884b28ed7927";//回调地址，此处没有用到private static final String REDIRESEO靠我CT_URI = "https://www.xinxingshangstar.com/warrant/warrantBack";@AutowiredTWarrantInfoMapper tWarranSEO靠我tInfoMapper;@AutowiredTWarrantMerchantMapper tWarrantMerchantMapper;/*** @Description: 查询为授权准备的信息* @SEO靠我Author: Mr.Jkx* @UpdateDate: 2019/5/10 15:44*/@RequestMapping("/warrantMessage")@ResponseBodypublic SEO靠我Map<String, Object> getWarrantMessageByPhone(TWarrantMerchant tWarrantMerchant){Map<String, Object> SEO靠我resMap = new HashMap<>();// 根据授权方APPID查询此商户是否授权TWarrantMerchant tWarrantMerchantData = tWarrantMerchSEO靠我antMapper.selWarrantMerchant(tWarrantMerchant);if(null == tWarrantMerchantData){// 数据库查询授权信息TWarrantSEO靠我Info warrantMessageByPhone = tWarrantInfoMapper.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cfSEO靠我");warrantMessageByPhone.setComponentAppid(COMPONENT_APPID);warrantMessageByPhone.setRedirectUri(REDSEO靠我IRECT_URI);resMap.put("errorCode", "200");resMap.put("message", warrantMessageByPhone);resMap.put("aSEO靠我ppletsName", "");}else{resMap.put("errorCode", "300");resMap.put("message", JsonUtil.toJsonString(neSEO靠我w TWarrantInfo()));resMap.put("appletsName", tWarrantMerchantData.getNickName());}return resMap;} SEO靠我 }

授权完成根据“authCode”（授权码）请求获取授权信息

请求获取授权信息，及授权小程序信息；

本项目，前端js实现

$(function () {var src = window.locaSEO靠我tion.href;var num = 5if (src.indexOf("?auth_code=") > -1) {src = src.split("?auth_code=")[1]}if (srcSEO靠我.indexOf("&expires_in=") > -1) {src = src.split("&expires_in=")[0]}// 用授权码，请求获取授权信息postCreaterHttp(/SEO靠我merchant/addMerchantWarrantInfo, {authCode: src}, function (res) {if (res.errorCode == 200) {$("#waiSEO靠我t").html("配置成功！")} else if (res.errorCode == 100) {$("#wait").html("账号已经授权！")} else {$("#wait").htmlSEO靠我("配置失败！请重新授权")}$(".icon-success,.link").show();setInterval(function () {num = num - 1$(".link span")SEO靠我.html(num)if (num < 1) {window.location.href = "https://www.xxx.com/xxx/pages/index.html"}}, 1000)})SEO靠我})

后端实现

package com.litte.controller.warrantmerchant;import com.litte.controller.warrant.WarrantControSEO靠我ller; import com.litte.entity.reception.TWarrantInfo; import com.litte.entity.receptSEO靠我ion.TWarrantMerchant; import com.litte.service.jurisdiction.UserService; import com.SEO靠我litte.service.warrantinfo.TWarrantInfoService; import com.litte.service.warrantmerchant.TWarSEO靠我rantMerchantService; import com.litte.util.WinxinUtil; import net.sf.json.JSONObjectSEO靠我; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; imporSEO靠我t org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; SEO靠我 import org.springframework.stereotype.Controller; import org.springframework.web.bind.SEO靠我annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody;imporSEO靠我t java.io.IOException; import java.util.Map;/** * @Description: 授权商户信息相关 * @SEO靠我Author: Mr.Jkx * @UpdateDate: 2019/5/10 15:44 */ @Controller @RequesSEO靠我tMapping("/merchant") public class TWarrantMerchantController {private static final Logger LSEO靠我OGGER = LoggerFactory.getLogger(WarrantController.class);//公众号第三方平台的appidprivate static final StringSEO靠我 APPID = "APPID ";// 授权码获取授权公众号小程序信息private static final String API_QUERY_AUTH = "https://api.weixinSEO靠我.qq.com/cgi-bin/component/api_query_auth?component_access_token=componentAccessToken";// 获取授权商户信息priSEO靠我vate static final String API_GET_AUTHORIZER_INFO = "https://api.weixin.qq.com/cgi-bin/component/api_SEO靠我get_authorizer_info?component_access_token=componentAccessToken";@AutowiredTWarrantMerchantService TSEO靠我WarrantMerchantService;@AutowiredTWarrantInfoService tWarrantInfoService;@AutowiredUserService userSSEO靠我ervice;@RequestMapping("/addMerchantWarrantInfo")@ResponseBodypublic Map<String, String> addMerchantSEO靠我WarrantInfo(TWarrantMerchant tWarrantMerchant) throws IOException {int i = 0;String auth_code = tWarSEO靠我rantMerchant.getAuthCode(); // 授权码LOGGER.info("==========第三方授权：扫码授权页面回调，授权码:{}", auth_code);// 从数据库获SEO靠我取“component_access_token”令牌TWarrantInfo tWarrantInfo = tWarrantInfoService.selectByPrimaryKey("05388SEO靠我2ef3bed46c795bbd7da470e79cf");String component_access_token = tWarrantInfo.getComponentAccessToken()SEO靠我;JSONObject json = new JSONObject();json.accumulate("component_appid", APPID);json.accumulate("authoSEO靠我rization_code", auth_code);/**发送Https请求到微信*/String url = API_QUERY_AUTH.replace("componentAccessTokeSEO靠我n", component_access_token);JSONObject retStr = WinxinUtil.doPostStr(url, json.toString());LOGGER.inSEO靠我fo("==========第三方授权： 授权码获取授权公众号小程序{}", retStr);JSONObject retJSONObject = JSONObject.fromObject(retSSEO靠我tr);/**在返回结果中获取pre_auth_code*/LOGGER.info("==========第三方授权：获取授权者信息:{}", retJSONObject);String authorSEO靠我ization_info = retJSONObject.getString("authorization_info");// 授权方信息载体authorization_infoJSONObject SEO靠我jsonObject = JSONObject.fromObject(authorization_info);String authorizer_appid = jsonObject.getStrinSEO靠我g("authorizer_appid");// 授权方appidString authorizerAccessToken = jsonObject.getString("authorizer_accSEO靠我ess_token");// 授权方令牌(配置小程序服务器域名会用到，随着令牌刷新，此字段也会刷新)// 获取授权商户信息Map<String, String> resMap = getTWarranSEO靠我tMerchantInfo(authorizer_appid, tWarrantMerchant.getCreater(), authorizerAccessToken);if(StringUtilsSEO靠我.equals("200", resMap.get("errorCode"))){// 修改授权状态i = userService.updateWarrantType(tWarrantMerchantSEO靠我.getCreater());if(i > 0){resMap.put("errorCode", "200");}else{resMap.put("errorCode", "400");}}returSEO靠我n resMap;}/*** @Description: 获取授权商户信息* @Author: Mr.Jkx* @Date: 2019/5/6 18:57*/private Map<String, SSEO靠我tring> getTWarrantMerchantInfo(String authorizer_appid, String creater, String authorizerAccessTokenSEO靠我) throws IOException {// 从数据库获取“component_access_token”令牌TWarrantInfo tWarrantInfo = tWarrantInfoSerSEO靠我vice.selectByPrimaryKey("053882ef3bed46c795bbd7da470e79cf");String component_access_token = tWarrantSEO靠我Info.getComponentAccessToken();JSONObject json = new JSONObject();json.accumulate("component_appid",SEO靠我 APPID);json.accumulate("authorizer_appid", authorizer_appid);/**发送Https请求到微信*/String url = API_GET_SEO靠我AUTHORIZER_INFO.replace("componentAccessToken", component_access_token);JSONObject retStr = WinxinUtSEO靠我il.doPostStr(url, json.toString());LOGGER.info("==========第三方授权： 获取授权商户信息{}", retStr);JSONObject retSEO靠我JSONObject = JSONObject.fromObject(retStr);/**在返回结果中获取pre_auth_code*/LOGGER.info("==========第三方授权：获取SEO靠我授权商户信息:{}", retJSONObject);//授权商户信息保存数据库Map<String, String> resMap = insertTWarrantMerchantInfo(retJSEO靠我SONObject, creater, authorizerAccessToken);return resMap;}/*** @Description: 授权商户信息保存数据库* @Author: MSEO靠我r.Jkx* @Date: 2019/5/6 19:00*/private Map<String, String> insertTWarrantMerchantInfo(JSONObject retJSEO靠我SONObject, String creater, String authorizerAccessToken) {Map<String, String> resMap = TWarrantMerchSEO靠我antService.insertTWarrantMerchant(retJSONObject, creater, authorizerAccessToken);return resMap;} SEO靠我 } /*** @Description: 授权商户信息保存数据库* @Author: Mr.Jkx* @Date: 2019/5/6 19:00*/ @OveSEO靠我rridepublic Map<String, String> insertTWarrantMerchant(JSONObject retJSONObject, String creater, StrSEO靠我ing authorizerAccessToken) {Map<String, String> resMap = new HashMap<>();int i= 0;TWarrantMerchant tSEO靠我WarrantMerchant = new TWarrantMerchant();// 有效期long currentTime = new Date().getTime() + 120 * 60 * SEO靠我1000;Date date = new Date(currentTime);String authorizerInfo = retJSONObject.getString("authorizer_iSEO靠我nfo");// 授权方公众号小程序具体信息载体authorization_infoJSONObject jsonObject = JSONObject.fromObject(authorizerInSEO靠我fo);String authorizationInfo = retJSONObject.getString("authorization_info");// 授权方公众号小程序授权信息载体authoSEO靠我rization_infoJSONObject jsonObject1 = JSONObject.fromObject(authorizationInfo);String serviceTypeInfSEO靠我o = jsonObject.getString("service_type_info");JSONObject jsonObject2 = JSONObject.fromObject(serviceSEO靠我TypeInfo);String verifyTypeInfo = jsonObject.getString("verify_type_info"); // 授权方认证类型，-1代表未认证，0代表微信SEO靠我认证JSONObject jsonObject3 = JSONObject.fromObject(verifyTypeInfo);// 授权方APPIDString authorizerAppid =SEO靠我 jsonObject1.getString("authorizer_appid");tWarrantMerchant.setId(UUIDUtil.getUUID());tWarrantMerchaSEO靠我nt.setAuthorizationAppid(authorizerAppid);tWarrantMerchant.setAuthorizerRefreshToken(jsonObject1.getSEO靠我String("authorizer_refresh_token"));tWarrantMerchant.setNickName(jsonObject.getString("nick_name"));SEO靠我tWarrantMerchant.setHeadImg(jsonObject.getString("head_img"));tWarrantMerchant.setServiceTypeInfo(jsSEO靠我onObject2.getString("id"));tWarrantMerchant.setVerifyTypeInfo(jsonObject3.getString("id"));tWarrantMSEO靠我erchant.setUserName(jsonObject.getString("user_name"));tWarrantMerchant.setPrincipalName(jsonObject.SEO靠我getString("principal_name"));tWarrantMerchant.setAlias(jsonObject.getString("alias")); // tWSEO靠我arrantMerchant.setBusinessInfo(jsonObject.getString("business_info"));tWarrantMerchant.setQrcodeUrl(SEO靠我jsonObject.getString("qrcode_url")); // tWarrantMerchant.setAuthorizationInfo(jsonObject.getSEO靠我String("authorization_info")); // tWarrantMerchant.setFuncInfo(jsonObject.getString("func_inSEO靠我fo")); // tWarrantMerchant.setMiniprograminfo(jsonObject.getString("miniprograminfo"));tWarrSEO靠我antMerchant.setCreateTime(DateUtil.formatDate(new Date(),"yyyy-MM-dd HH:mm:ss"));tWarrantMerchant.seSEO靠我tDeadline(date);tWarrantMerchant.setCreater(creater);tWarrantMerchant.setAuthorizerAccessToken(authoSEO靠我rizerAccessToken);// 根据授权方APPID查询此商户是否授权 // TWarrantMerchant tWarrantMerchant1 = new TWarranSEO靠我tMerchant(); // tWarrantMerchant1.setCreater(creater); // TWarrantMerchant tWarrantMSEO靠我erchantData1 = tWarrantMerchantMapper.selWarrantMerchant(tWarrantMerchant1); // if(null != tSEO靠我WarrantMerchantData1 && StringUtils.equals("1", tWarrantMerchantData1.getWarrantType())){ //SEO靠我 resMap.put("errorCode", "100"); // return resMap; // }else{TWarrantMerchant tWarranSEO靠我tMerchant2 = new TWarrantMerchant();tWarrantMerchant2.setAuthorizationAppid(authorizerAppid);TWarranSEO靠我tMerchant tWarrantMerchantData2 = tWarrantMerchantMapper.selWarrantMerchant(tWarrantMerchant2);if(nuSEO靠我ll != tWarrantMerchantData2){tWarrantMerchant.setId(tWarrantMerchantData2.getId());i = tWarrantMerchSEO靠我antMapper.updateByPrimaryKeySelective(tWarrantMerchant);}else{i = tWarrantMerchantMapper.insertSelecSEO靠我tive(tWarrantMerchant);}if(i>0){resMap.put("errorCode", "200");LOGGER.info("=======第三方授权：授权商户信息入库完毕！SEO靠我！！");return resMap;}else{resMap.put("errorCode", "300");LOGGER.info("=======第三方授权：授权商户信息入库失败！！！");reSEO靠我turn resMap;} // }}