微信小程序解密手机号

接收三个参数:分别是wx.login()接口获取的code,调起获取手机号按钮的两个参数encryptedData和iv;
调用auth.code2Session接口可以解析出openid,session_key和unionid,session_key是用来解密个人信息的关键参数。
查看登录凭证校验官方文档
查看获取手机号官方文档
注意点:前端在吊起获取手机号的按钮之前一定要先调用wx.login()这个先后顺序一定不能错,不然会出现解密错误的情况

获取手机号方法,结合自己需求改造

import net.sf.json.JSONObject;

public class getWeixinTelephone {
    public static String getTelePhone(String code,String encryptedData,String iv) {
        String code2SessionUrl = "https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code";
        String appId = "1234321234";//填写自己真实的appid
        String appSecret = "qewretryrutitoyoupu";//填写自己真实的appSecret
        code2SessionUrl = code2SessionUrl.replace("APPID", appId);
        code2SessionUrl = code2SessionUrl.replace("SECRET", appSecret);
        code2SessionUrl = code2SessionUrl.replace("JSCODE", code);

        JSONObject jsonObject;
        try {
            //后台调用接口获得返回值
            jsonObject = JSONObject.fromObject(HttpUtil.get(code2SessionUrl));
        } catch (Exception e) {
            e.printStackTrace();
            return "系统错误";
        }
        //调用上面的url的返回值可以解析出openid,session_key和unionid,这里只取用sessionKey用于解密手机号码
        String sessionKey = jsonObject.get("session_key").toString();
        //工具类调用解密方法解密
        String result = WeiXinUtils.decrypt(encryptedData, sessionKey, iv);
        //转化为json格式获取手机号码
        JSONObject josn = JSONObject.fromObject(result);
        return (String) josn.get("phoneNumber");
    }
}

WeiXinUtils解密工具类

import sun.misc.BASE64Decoder;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;

public class WeiXinUtils {
    public static String decrypt(String encryptedData, String sessionKey, String ivStr) {
        try {
            BASE64Decoder decoder = new BASE64Decoder();
            AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
            params.init(new IvParameterSpec(org.apache.commons.codec.binary.Base64.decodeBase64(ivStr)));
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decoder.decodeBuffer(sessionKey), "AES"), params);
            String originalString = new String(cipher.doFinal(decoder.decodeBuffer(encryptedData)), StandardCharsets.UTF_8);
            return originalString;
        } catch (Exception e) {
            throw new RuntimeException("AES解密失败", e);
        }
    }
}

HttpUtil工具类


import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import java.io.BufferedReader; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.net.HttpURLConnection; import java.net.URL; import java.net.URLEncoder; import java.util.Map; import java.util.Map.Entry; public class HttpUtil { private static final String DEFAULT_CHARSET = "UTF-8"; private static final String _GET = "GET"; // GET private static final String _POST = "POST";// POST public static final int DEF_CONN_TIMEOUT = 30000; public static final int DEF_READ_TIMEOUT = 30000; /** * 初始化http请求参数 * * @param url * @param method * @param headers * @return * @throws Exception */ private static HttpURLConnection initHttp(String url, String method, Map<String, String> headers) throws Exception { URL _url = new URL(url); HttpURLConnection http = (HttpURLConnection) _url.openConnection(); // 连接超时 http.setConnectTimeout(DEF_CONN_TIMEOUT); // 读取超时 --服务器响应比较慢,增大时间 http.setReadTimeout(DEF_READ_TIMEOUT); http.setUseCaches(false); http.setRequestMethod(method); http.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); http.setRequestProperty( "User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36"); if (null != headers && !headers.isEmpty()) { for (Entry<String, String> entry : headers.entrySet()) { http.setRequestProperty(entry.getKey(), entry.getValue()); } } http.setDoOutput(true); http.setDoInput(true); http.connect(); return http; } /** * 初始化http请求参数 * * @param url * @param method * @return * @throws Exception */ private static HttpsURLConnection initHttps(String url, String method, Map<String, String> headers) throws Exception { TrustManager[] tm = {new MyX509TrustManager()}; System.setProperty("https.protocols", "TLSv1"); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, tm, new java.security.SecureRandom()); // 从上述SSLContext对象中得到SSLSocketFactory对象 SSLSocketFactory ssf = sslContext.getSocketFactory(); URL _url = new URL(url); HttpsURLConnection http = (HttpsURLConnection) _url.openConnection(); // 设置域名校验 http.setHostnameVerifier(new HttpUtil().new TrustAnyHostnameVerifier()); // 连接超时 http.setConnectTimeout(DEF_CONN_TIMEOUT); // 读取超时 --服务器响应比较慢,增大时间 http.setReadTimeout(DEF_READ_TIMEOUT); http.setUseCaches(false); http.setRequestMethod(method); http.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); http.setRequestProperty( "User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36"); if (null != headers && !headers.isEmpty()) { for (Entry<String, String> entry : headers.entrySet()) { http.setRequestProperty(entry.getKey(), entry.getValue()); } } http.setSSLSocketFactory(ssf); http.setDoOutput(true); http.setDoInput(true); http.connect(); return http; } /** * @return 返回类型: * @throws Exception * @description 功能描述: get 请求 */ public static String get(String url, Map<String, String> params, Map<String, String> headers) throws Exception { HttpURLConnection http = null; if (isHttps(url)) { http = initHttps(initParams(url, params), _GET, headers); } else { http = initHttp(initParams(url, params), _GET, headers); } InputStream in = http.getInputStream(); BufferedReader read = new BufferedReader(new InputStreamReader(in, DEFAULT_CHARSET)); String valueString = null; StringBuffer bufferRes = new StringBuffer(); while ((valueString = read.readLine()) != null) { bufferRes.append(valueString); } in.close(); if (http != null) { http.disconnect();// 关闭连接 } return bufferRes.toString(); } public static String get(String url) throws Exception { return get(url, null); } public static String get(String url, Map<String, String> params) throws Exception { return get(url, params, null); } public static String post(String url, String params) throws Exception { HttpURLConnection http = null; if (isHttps(url)) { http = initHttps(url, _POST, null); } else { http = initHttp(url, _POST, null); } OutputStream out = http.getOutputStream(); out.write(params.getBytes(DEFAULT_CHARSET)); out.flush(); out.close(); InputStream in = http.getInputStream(); BufferedReader read = new BufferedReader(new InputStreamReader(in, DEFAULT_CHARSET)); String valueString = null; StringBuffer bufferRes = new StringBuffer(); while ((valueString = read.readLine()) != null) { bufferRes.append(valueString); } in.close(); if (http != null) { http.disconnect();// 关闭连接 } return bufferRes.toString(); } /** * 功能描述: 构造请求参数 * * @return 返回类型: * @throws Exception */ public static String initParams(String url, Map<String, String> params) throws Exception { if (null == params || params.isEmpty()) { return url; } StringBuilder sb = new StringBuilder(url); if (url.indexOf("?") == -1) { sb.append("?"); } sb.append(map2Url(params)); return sb.toString(); } /** * map构造url * * @return 返回类型: * @throws Exception */ public static String map2Url(Map<String, String> paramToMap) throws Exception { if (null == paramToMap || paramToMap.isEmpty()) { return null; } StringBuffer url = new StringBuffer(); boolean isfist = true; for (Entry<String, String> entry : paramToMap.entrySet()) { if (isfist) { isfist = false; } else { url.append("&"); } url.append(entry.getKey()).append("="); String value = entry.getValue(); if (null != value && value != "") { url.append(URLEncoder.encode(value, DEFAULT_CHARSET)); } } return url.toString(); } /** * 检测是否https * * @param url */ private static boolean isHttps(String url) { return url.startsWith("https"); } public class TrustAnyHostnameVerifier implements HostnameVerifier { @Override public boolean verify(String hostname, SSLSession session) { return true;// 直接返回true } } }

发表评论

电子邮件地址不会被公开。 必填项已用*标注