接收三个参数:分别是wx.login()接口获取的code,调起获取手机号按钮的两个参数encryptedData和iv;
调用auth.code2Session接口可以解析出openid,session_key和unionid,session_key是用来解密个人信息的关键参数。
查看登录凭证校验官方文档
查看获取手机号官方文档
注意点:前端在吊起获取手机号的按钮之前一定要先调用wx.login()这个先后顺序一定不能错,不然会出现解密错误的情况
获取手机号方法,结合自己需求改造
import net.sf.json.JSONObject;
public class getWeixinTelephone {
public static String getTelePhone(String code,String encryptedData,String iv) {
String code2SessionUrl = "https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code";
String appId = "1234321234";//填写自己真实的appid
String appSecret = "qewretryrutitoyoupu";//填写自己真实的appSecret
code2SessionUrl = code2SessionUrl.replace("APPID", appId);
code2SessionUrl = code2SessionUrl.replace("SECRET", appSecret);
code2SessionUrl = code2SessionUrl.replace("JSCODE", code);
JSONObject jsonObject;
try {
//后台调用接口获得返回值
jsonObject = JSONObject.fromObject(HttpUtil.get(code2SessionUrl));
} catch (Exception e) {
e.printStackTrace();
return "系统错误";
}
//调用上面的url的返回值可以解析出openid,session_key和unionid,这里只取用sessionKey用于解密手机号码
String sessionKey = jsonObject.get("session_key").toString();
//工具类调用解密方法解密
String result = WeiXinUtils.decrypt(encryptedData, sessionKey, iv);
//转化为json格式获取手机号码
JSONObject josn = JSONObject.fromObject(result);
return (String) josn.get("phoneNumber");
}
}
WeiXinUtils解密工具类
import sun.misc.BASE64Decoder;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
public class WeiXinUtils {
public static String decrypt(String encryptedData, String sessionKey, String ivStr) {
try {
BASE64Decoder decoder = new BASE64Decoder();
AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
params.init(new IvParameterSpec(org.apache.commons.codec.binary.Base64.decodeBase64(ivStr)));
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decoder.decodeBuffer(sessionKey), "AES"), params);
String originalString = new String(cipher.doFinal(decoder.decodeBuffer(encryptedData)), StandardCharsets.UTF_8);
return originalString;
} catch (Exception e) {
throw new RuntimeException("AES解密失败", e);
}
}
}
HttpUtil工具类
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Map;
import java.util.Map.Entry;
public class HttpUtil {
private static final String DEFAULT_CHARSET = "UTF-8";
private static final String _GET = "GET"; // GET
private static final String _POST = "POST";// POST
public static final int DEF_CONN_TIMEOUT = 30000;
public static final int DEF_READ_TIMEOUT = 30000;
/**
* 初始化http请求参数
*
* @param url
* @param method
* @param headers
* @return
* @throws Exception
*/
private static HttpURLConnection initHttp(String url, String method,
Map<String, String> headers) throws Exception {
URL _url = new URL(url);
HttpURLConnection http = (HttpURLConnection) _url.openConnection();
// 连接超时
http.setConnectTimeout(DEF_CONN_TIMEOUT);
// 读取超时 --服务器响应比较慢,增大时间
http.setReadTimeout(DEF_READ_TIMEOUT);
http.setUseCaches(false);
http.setRequestMethod(method);
http.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded");
http.setRequestProperty(
"User-Agent",
"Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36");
if (null != headers && !headers.isEmpty()) {
for (Entry<String, String> entry : headers.entrySet()) {
http.setRequestProperty(entry.getKey(), entry.getValue());
}
}
http.setDoOutput(true);
http.setDoInput(true);
http.connect();
return http;
}
/**
* 初始化http请求参数
*
* @param url
* @param method
* @return
* @throws Exception
*/
private static HttpsURLConnection initHttps(String url, String method,
Map<String, String> headers) throws Exception {
TrustManager[] tm = {new MyX509TrustManager()};
System.setProperty("https.protocols", "TLSv1");
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tm, new java.security.SecureRandom());
// 从上述SSLContext对象中得到SSLSocketFactory对象
SSLSocketFactory ssf = sslContext.getSocketFactory();
URL _url = new URL(url);
HttpsURLConnection http = (HttpsURLConnection) _url.openConnection();
// 设置域名校验
http.setHostnameVerifier(new HttpUtil().new TrustAnyHostnameVerifier());
// 连接超时
http.setConnectTimeout(DEF_CONN_TIMEOUT);
// 读取超时 --服务器响应比较慢,增大时间
http.setReadTimeout(DEF_READ_TIMEOUT);
http.setUseCaches(false);
http.setRequestMethod(method);
http.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded");
http.setRequestProperty(
"User-Agent",
"Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36");
if (null != headers && !headers.isEmpty()) {
for (Entry<String, String> entry : headers.entrySet()) {
http.setRequestProperty(entry.getKey(), entry.getValue());
}
}
http.setSSLSocketFactory(ssf);
http.setDoOutput(true);
http.setDoInput(true);
http.connect();
return http;
}
/**
* @return 返回类型:
* @throws Exception
* @description 功能描述: get 请求
*/
public static String get(String url, Map<String, String> params,
Map<String, String> headers) throws Exception {
HttpURLConnection http = null;
if (isHttps(url)) {
http = initHttps(initParams(url, params), _GET, headers);
} else {
http = initHttp(initParams(url, params), _GET, headers);
}
InputStream in = http.getInputStream();
BufferedReader read = new BufferedReader(new InputStreamReader(in,
DEFAULT_CHARSET));
String valueString = null;
StringBuffer bufferRes = new StringBuffer();
while ((valueString = read.readLine()) != null) {
bufferRes.append(valueString);
}
in.close();
if (http != null) {
http.disconnect();// 关闭连接
}
return bufferRes.toString();
}
public static String get(String url) throws Exception {
return get(url, null);
}
public static String get(String url, Map<String, String> params)
throws Exception {
return get(url, params, null);
}
public static String post(String url, String params)
throws Exception {
HttpURLConnection http = null;
if (isHttps(url)) {
http = initHttps(url, _POST, null);
} else {
http = initHttp(url, _POST, null);
}
OutputStream out = http.getOutputStream();
out.write(params.getBytes(DEFAULT_CHARSET));
out.flush();
out.close();
InputStream in = http.getInputStream();
BufferedReader read = new BufferedReader(new InputStreamReader(in,
DEFAULT_CHARSET));
String valueString = null;
StringBuffer bufferRes = new StringBuffer();
while ((valueString = read.readLine()) != null) {
bufferRes.append(valueString);
}
in.close();
if (http != null) {
http.disconnect();// 关闭连接
}
return bufferRes.toString();
}
/**
* 功能描述: 构造请求参数
*
* @return 返回类型:
* @throws Exception
*/
public static String initParams(String url, Map<String, String> params)
throws Exception {
if (null == params || params.isEmpty()) {
return url;
}
StringBuilder sb = new StringBuilder(url);
if (url.indexOf("?") == -1) {
sb.append("?");
}
sb.append(map2Url(params));
return sb.toString();
}
/**
* map构造url
*
* @return 返回类型:
* @throws Exception
*/
public static String map2Url(Map<String, String> paramToMap)
throws Exception {
if (null == paramToMap || paramToMap.isEmpty()) {
return null;
}
StringBuffer url = new StringBuffer();
boolean isfist = true;
for (Entry<String, String> entry : paramToMap.entrySet()) {
if (isfist) {
isfist = false;
} else {
url.append("&");
}
url.append(entry.getKey()).append("=");
String value = entry.getValue();
if (null != value && value != "") {
url.append(URLEncoder.encode(value, DEFAULT_CHARSET));
}
}
return url.toString();
}
/**
* 检测是否https
*
* @param url
*/
private static boolean isHttps(String url) {
return url.startsWith("https");
}
public class TrustAnyHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;// 直接返回true
}
}
}