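package com.jdc.jdcproject.controller;

import com.google.gson.Gson;
import com.jdc.jdcproject.entity.Users;
import com.jdc.jdcproject.exceptionhandler.JdcException;
import com.jdc.jdcproject.service.IUsersService;
import com.jdc.jdcproject.utils.ConstantUtils;
import com.jdc.jdcproject.utils.HttpUtils;
import com.jdc.jdcproject.utils.JwtUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpSession;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;

/**
 * WeChat Open Platform QR-code login endpoints (OAuth2 authorization-code flow).
 *
 * <p>{@code GET /api/ucenter/wx/login} redirects the browser to WeChat's QR-connect page;
 * {@code GET /api/ucenter/wx/callback} receives the authorization code and exchanges it
 * for an access token.
 *
 * <p>NOTE(review): {@code @CrossOrigin} without arguments accepts every origin. Both
 * endpoints are reached by browser navigation, so confirm whether CORS is needed here at all.
 */
@Controller
@RequestMapping("/api/ucenter/wx")
@CrossOrigin
public class WxApiController {

    @Autowired
    private IUsersService usersService;

    /**
     * Builds the WeChat QR-connect authorization URL and redirects the browser to it.
     *
     * @param session current HTTP session (not used by the present implementation)
     * @return a Spring {@code redirect:} view name pointing at the WeChat authorization page
     * @throws JdcException with code 20001 if the redirect URL cannot be URL-encoded
     */
    @GetMapping("login")
    public String genQrConnect(HttpSession session) {
        // Authorization endpoint of the WeChat Open Platform.
        String baseUrl = "https://open.weixin.qq.com/connect/qrconnect"
                + "?appid=%s"
                + "&redirect_uri=%s"
                + "&response_type=code"
                + "&scope=snsapi_login"
                + "&state=%s"
                + "#wechat_redirect";

        // Callback address: where WeChat sends the browser back after the user authorizes.
        String redirectUrl = ConstantUtils.WX_OPEN_REDIRECT_URL;
        try {
            redirectUrl = URLEncoder.encode(redirectUrl, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new JdcException(20001, e.getMessage());
        }

        // The OAuth "state" parameter exists to defend against CSRF on the callback.
        // It is normally a per-request random value, e.g.:
        //   String state = UUID.randomUUID().toString().replaceAll("-", "");
        // Here it is a fixed string because the shared public callback-forwarding server
        // expects the ngrok domain prefix in this field.
        // NOTE(review): a constant, publicly known state gives no CSRF protection, and
        // callback() never compares the returned state with an issued one. Before using
        // this outside the tutorial relay, issue a random state per login, store it
        // server-side with an expiry, and reject callbacks whose state does not match.
        String state = "imhelen";
        System.out.println("state = " + state);

        // Intended design (not implemented): cache the state in Redis or similar,
        //   key:   "wechat-open-state-" + session id
        //   value: state
        //   TTL:   30 minutes (configurable)

        String qrcodeUrl = String.format(
                baseUrl,
                ConstantUtils.WX_OPEN_APP_ID,
                redirectUrl,
                state);

        return "redirect:" + qrcodeUrl;
    }

    /**
     * Handles the WeChat redirect after the user scans the QR code: exchanges the temporary
     * authorization code for an access token and redirects to the front end.
     *
     * <p>The authorization code and the token response are credentials and are deliberately
     * not written to the console. The code is URL-encoded before it is placed in the token
     * request, so a crafted {@code code} value cannot append extra query parameters to the
     * server-to-server call.
     *
     * @param code    temporary authorization code supplied by WeChat (untrusted request input)
     * @param state   state value echoed back by WeChat; currently not verified
     * @param session current HTTP session (not used by the present implementation)
     * @return a Spring {@code redirect:} view name pointing at the front end
     * @throws JdcException with code 20001 if the code is missing, the token exchange fails,
     *                      or the token response lacks {@code access_token} / {@code openid}
     */
    @GetMapping("callback")
    public String callback(String code, String state, HttpSession session) {
        try {
            // Reject a missing code up front rather than sending "null" to WeChat.
            if (code == null || code.trim().isEmpty()) {
                throw new IllegalArgumentException("missing authorization code");
            }

            // NOTE(review): `state` is not checked against the value issued by
            // genQrConnect, so this endpoint accepts any caller-supplied code (login CSRF).

            // Exchange the authorization code for an access token.
            // The app secret travels in the query string of this URL, so the URL itself
            // must never be logged.
            String baseAccessTokenUrl = "https://api.weixin.qq.com/sns/oauth2/access_token"
                    + "?appid=%s"
                    + "&secret=%s"
                    + "&code=%s"
                    + "&grant_type=authorization_code";

            String accessTokenUrl = String.format(
                    baseAccessTokenUrl,
                    ConstantUtils.WX_OPEN_APP_ID,
                    ConstantUtils.WX_OPEN_APP_SECRET,
                    URLEncoder.encode(code, "UTF-8"));

            String result = HttpUtils.get(accessTokenUrl);

            // Parse the JSON response.
            Gson gson = new Gson();
            HashMap<?, ?> tokenResponse = gson.fromJson(result, HashMap.class);
            if (tokenResponse == null) {
                throw new IllegalStateException("empty token response");
            }

            // A response without these two fields means the exchange did not succeed,
            // so the login must fail instead of redirecting as if it had worked.
            Object accessTokenValue = tokenResponse.get("access_token");
            Object openidValue = tokenResponse.get("openid");
            if (!(accessTokenValue instanceof String) || !(openidValue instanceof String)) {
                throw new IllegalStateException("token response lacks access_token/openid");
            }
            // Both values are consumed by the pending user lookup sketched below.
            String accessToken = (String) accessTokenValue;
            String openid = (String) openidValue;

            // TODO (disabled in the original): look up whether this user has logged in
            // with WeChat before and, if not, fetch the profile from WeChat.
            /*
            Users member = usersService.getByOpenid(openid);
            if (member == null) {
                // New user registration: query WeChat's resource server for the profile.
                String baseUserInfoUrl = "https://api.weixin.qq.com/sns/userinfo"
                        + "?access_token=%s"
                        + "&openid=%s";
                String userInfoUrl = String.format(baseUserInfoUrl, accessToken, openid);
                String resultUserInfo = HttpUtils.get(userInfoUrl);
                HashMap mapUserInfo = gson.fromJson(resultUserInfo, HashMap.class);
                String nickname = (String) mapUserInfo.get("nickname");
                String headimgurl = (String) mapUserInfo.get("headimgurl");
            }
            */
            // String memberIdByJwtToken = JwtUtils.getJwtToken(member.getId(), member.getUsername());

            // NOTE(review): once a real JWT is appended here it will sit in the URL, where
            // browser history, proxies and Referer headers can expose it. The hard-coded
            // localhost target should also move to configuration.
            return "redirect:http://localhost:8000?token=";
        } catch (Exception e) {
            // Report only the exception type: the message of an HTTP failure may embed the
            // request URL, and that URL contains the app secret and the authorization code.
            System.err.println("WeChat login callback failed: " + e.getClass().getName());
            throw new JdcException(20001, "登陆失败");
        }
    }
}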