java applet wechat authorized login and decryption to obtain wechat user information

1. Wechat authorized login   decrypt   Required jar   package


2. According to the foreground   wx.login Parameters of   Decrypt openid   etc.

        Reception   Transmitted   parameter     1 code   two   encryptedData 3 iv     (you can browse wechat open platform for the method of obtaining parameters at the front desk)

        First step   First, according to   code   obtain   SessionKey   object   Inside this object   Contains   openId   And sessionkey   character string   , sessionKey   String is one of the important parameters for obtaining mobile phone number


      SessionKey   sessionKey = Users.with(new AppSetting(appId, appSecret)).code2Session(code);
        String sessionKeyStr = sessionKey.getSessionKey();
        String openId = sessionKey.getOpenId();

among   appId   And appSecret   Are small programs applied on the public platform   after   From wechat   Applet coding   and   Secret key

Get user   openid,   At this point   The project has its own logic.

Including but not limited to   Create a new user   Or log in   wait.

You can use openId   Generate token   Other information   be used for   Front and rear interaction

3 decrypt user privacy data

public JSONObject getUserInfo(String encryptedData, String sessionKey, String iv){
        // Encrypted data
        byte[] dataByte = Base64.decode(encryptedData);
        // Encryption key
        byte[] keyByte = Base64.decode(sessionKey);
        // Offset
        byte[] ivByte = Base64.decode(iv);
        try {
            // If the key is less than 16 bits, supplement it. The content in this if is very important
            int base = 16;
            if (keyByte.length % base != 0) {
                int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
                byte[] temp = new byte[groups * base];
                Arrays.fill(temp, (byte) 0);
                System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
                keyByte = temp;
            AlgorithmParameterSpec ivSpec = new IvParameterSpec(ivByte);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKeySpec keySpec = new SecretKeySpec(keyByte, "AES");
            // Set to decryption mode
            cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
            String resultString = new String(cipher.doFinal(dataByte), "UTF-8");
            return JSONUtil.parseObj(resultString);
        } catch (Exception e) {
        return null;

encryptedData   And iv   All are foreground calls   Wechat api   Get parameters

String sessionKey   stay   Use code   Obtained SessionKey   Object   contain

resultString at this time   Does it include the user's mobile phone number

    "phoneNumber": "13580006666",
    "purePhoneNumber": "13580006666",
    "countryCode": "86",
        "timestamp": TIMESTAMP

It is worth mentioning that   After April this year   Get user UnionId through wechat   Do not proceed   decrypt   adopt   First step   Obtained SessionKey   object   You can get UnionId

But I'm actually developing it   unionId not obtained   And the project has no rigid requirements for this   No   Dig deeper. That I don't know now   how   Get unionId    

four   The front desk can   direct   call   Wechat api     wx.getUserInfo () get users   head portrait   nickname   Other information

Conclusion: due to the time relationship, I made such a rough introduction   Wechat authorized login. As a developer with more than one year's experience   There are still many deficiencies. Welcome everyone   Criticism and guidance----   Next article   I will explain it in detail   Wechat applet payment logic

Tags: Java Mini Program wechat

Posted on Fri, 24 Sep 2021 07:01:03 -0400 by sniped22