Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about Java based on the Wechat official account interface to achieve authorization login source code and principle analysis, many people may not quite understand, in order to make you better understand, the editor summarized the following, I hope you can get something according to this article.

The prerequisite for authorized login operation on Wechat official account must be registered on Wechat public platform account. Note that Subscription account does not support authorized login operation, so Subscription account registered by individual developers cannot be realized. The Wechat platform account of an enterprise account must be registered and the specific registration process will not be introduced in detail. If you have any questions, you can go to the Wechat official account platform to view specific documents.

Next, let's talk about the specific Wechat authorization login process. Open the official website of Wechat Development document (https://mp.weixin.qq.com/wiki), and find "Wechat Web Authorization" in "Wechat Web Development". The implementation of Wechat authorization login is described in detail, as shown in the figure:

AppId and AppSecret parameters are shown in the following figure:

The web authorization process is divided into four steps:

1. Guide the user to the authorization page to agree to the authorization and obtain the code

2. Exchange for web page authorization access_token through code (different from access_token in basic support)

3. If necessary, developers can refresh the web license access_token to avoid expiration.

4. Obtain basic user information through web authorization access_token and openid (UnionID mechanism is supported)

Step 1: first, you need to get the code. Send the link as follows: https://open.weixin.qq.com/connect/oauth3/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect

Parameters appid, redirect_uri, response_type, scope and state are described as shown below:

Note: when scope is snsapi_base (silent authorization), the authorization page will not pop up; when scope is snsapi_userinfo (manual authorization), the authorization page will pop up and the relevant information of the user can be obtained.

There are two ways of Wechat authorization.

The first silent authorization: the login user will not be prompted to return the user code directly, but if the login user has a follow official account, he will not be able to get all the information of the login user.

The web authorization initiated by snsapi_base for scope is used to obtain the openid of the user entering the page and is silently authorized and automatically redirected to the callback page. What the user perceives is to go directly to the callback page (often the business page).

The second kind of manual authorization: the authorization page pops up, and the login user can get the information of the login user after clicking OK.

The web authorization initiated by snsapi_userinfo for scope is used to obtain the basic information of the user. However, this kind of authorization requires the user to agree manually, and because the user has agreed, the basic information of the user can be obtained without attention after authorization.

Reference case:

Silent authorization https://open.weixin.qq.com/connect/oauth3/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=snsapi_base&state=STATE#wechat_redirect

Manually authorize https://open.weixin.qq.com/connect/oauth3/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=snsapi_userinfo&state=STATE#wechat_redirect

Step 2: obtain the web page authorization access_token ticket through the code value

Each time the login user is authorized to carry a different code, the code can only be used once and expires automatically in 5 minutes.

Https://api.weixin.qq.com/sns/oauth3/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code

Parameters appid, secret, code and grant_type are described as shown below:

Step 3: refresh access_token (if required)

Because access_token has a short validity period, when the access_token times out, you can use refresh_token to refresh. The refresh_token is valid for 30 days. When the refresh_token expires, you need to re-authorize it.

Step 4: pull user information (scope is required to be snsapi_userinfo)

The scope of web page authorization for obtaining user information is snsapi_userinfo, and developers can obtain user information through access_token and openid. The specific links are as follows: https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN

Parameters access_token, openid and lang are described as shown below:

Specifically implement the official account authorization login code of Wechat, and enter our backend login call method through the callback url entered.

If the login is successfully authorized, the correct json format data will be returned, otherwise the failure will return the corresponding error code.

After reading the above, do you have any further understanding of Java's source code and principle analysis of authorized login based on the official account interface of Wechat? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.