本文介绍了如何在微信小程序中通过前端获取code后,调用微信接口获取session_key,并使用AES解密获取用户手机号的过程,包括所需依赖和关键步骤。
微信小程序获取手机号需要后台进行解密
以java为例
想要获取用户在小程序里面的手机号,需要用户先在小程序里面登录,因为微信小程序提供的登录接口(这个接口在微信开发文档里面有)里面返回值有一个code,
前端拿到这个code后再进行访问微信的另外一个接口,传三个参数:刚获取的code和appId和appSecret(appId和appSecret在小程序管理后台可以看见)
String params = "appid=" + appId + "&secret=" + appSecret + "&js_code=" + code + "&grant_type=" + "authorization_code";
// 发送请求
String result = HttpRequest.sendGet("https://api.weixin.qq.com/sns/jscode2session", params);
return jsonObject.getString("session_key");
我是用java写的,你们可以根据自己情况改
获取到sessionKey之后
前端在访问一个微信小程序提高的获取手机号接口,得到三个返回值,其中有两个返回值(encryptedData和iv使我们解密的时候需要用到的)再搭配刚才获取的sessionKey把这三个值传给java后端,后端进行解密
后端需要干的工作:
导入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.68</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.79</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.15</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<version>1.46</version>
</dependency>
第一步
定义接口获取前端提供的三个参数
@RequestMapping("/phone")
public String getPhone(
@RequestParam("encryptedData") String encryptedData,
@RequestParam("sessionKey") String sessionKey,
@RequestParam("iv") String iv) {
return decrypt(encryptedData, sessionKey, iv);
}
第二步
定义解密方法对这三个方法进行解密
/**
* 解密数据
*
* @return
* @throws Exception
*/
public static String decrypt(String encryptedData, String sessionKey, String iv) {
String result = "";
try {
AES aes = new AES();
byte[] resultByte = aes.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(sessionKey), Base64.decodeBase64(iv));
if (null != resultByte && resultByte.length > 0) {
result = new String(WxPKCS7Encoder.decode(resultByte));
// 这里也可以让前端把appid传过来,在做一下检验,我没做,懒得做
}
} catch (Exception e) {
result = "";
e.printStackTrace();
}
return result;
}
将解密和工具类创建好
package com.zhm.utls;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
/**
* AES加密
*/
public class AES {
public static boolean initialized = false;
/**
* AES解密
* @param content
* 密文
* @return
* @throws InvalidAlgorithmParameterException
* @throws NoSuchProviderException
*/
public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
initialize();
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
Key sKeySpec = new SecretKeySpec(keyByte, "AES");
cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
byte[] result = cipher.doFinal(content);
return result;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static void initialize() {
if (initialized){
return;
}
Security.addProvider(new BouncyCastleProvider());
initialized = true;
}
// 生成iv
public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
params.init(new IvParameterSpec(iv));
return params;
}
}
第二个解密工具类
package com.zhm.utls;
import java.nio.charset.Charset;
import java.util.Arrays;
/**
* 微信小程序加解密
* @author liuyazhuang
*
*/
public class WxPKCS7Encoder {
private static final Charset CHARSET = Charset.forName("utf-8");
private static final int BLOCK_SIZE = 32;
/**
* 获得对明文进行补位填充的字节.
*
* @param count
* 需要进行填充补位操作的明文字节个数
* @return 补齐用的字节数组
*/
public static byte[] encode(int count) {
// 计算需要填充的位数
int amountToPad = BLOCK_SIZE - (count % BLOCK_SIZE);
if (amountToPad == 0) {
amountToPad = BLOCK_SIZE;
}
// 获得补位所用的字符
char padChr = chr(amountToPad);
String tmp = new String();
for (int index = 0; index < amountToPad; index++) {
tmp += padChr;
}
return tmp.getBytes(CHARSET);
}
/**
* 删除解密后明文的补位字符
*
* @param decrypted
* 解密后的明文
* @return 删除补位字符后的明文
*/
public static byte[] decode(byte[] decrypted) {
int pad = decrypted[decrypted.length - 1];
if (pad < 1 || pad > 32) {
pad = 0;
}
return Arrays.copyOfRange(decrypted, 0, decrypted.length - pad);
}
/**
* 将数字转化成ASCII码对应的字符,用于对明文进行补码
*
* @param a
* 需要转化的数字
* @return 转化得到的字符
*/
public static char chr(int a) {
byte target = (byte) (a & 0xFF);
return (char) target;
}
}
你也可以写成一个,根据自己需求来
扫一扫
2886
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
