小秦不吃鱼 posted on 2019-8-22 11:44:00

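Authorization code grant mode supported by WeChat (Official Account development) (initiating web page authorization on behalf of an Official Account, from the Open Platform resource center)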

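<p>Link: https://blog.csdn.net/ASZJBGD/article/details/82838356</p>
<p>The main flow has two steps:</p>
<p>1. Obtain the code</p>
<p>2. Exchange the code for an access_token</p>
<p>Flowchart: <img class="has" src="https://res.wx.qq.com/op_res/cNgeYEhPpeFMYJyrjYblAf95s1eAd42nmfeDoqxSw7NBsUsVMzrUdNaf183jcqgu" alt=""></p>
<p>Step 1: Request the CODE</p>
<p>Request method</p>
<p>Provided that the WeChat Official Account has permission for the authorization scope (the scope parameter) (generally, a WeChat-verified service account has snsapi_base and snsapi_userinfo), open the following link in the WeChat client (follow the format below strictly, including parameter order and letter case, and replace the parameters with actual values):</p>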
<pre name="code" class="has"><code class="hljs perl">https://open.weixin.qq.com/connect/oauth2/authorize?appid=APPID&amp;redirect_uri=REDIRECT_URI&amp;response_type=code&amp;scope=SCOPE&amp;state=STATE&amp;component_appid=component_appid#wechat_redirect
</code></pre>
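<p>If the message “该链接无法访问” (this link cannot be accessed) appears, check whether the parameters were filled in incorrectly and whether the account has the authorization scope permission corresponding to the scope parameter.</p>
<p>Parameter description</p>
<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Required</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>appid</td>
<td>Yes</td>
<td>appid of the Official Account</td>
</tr>
<tr>
<td>redirect_uri</td>
<td>Yes</td>
<td>Redirect address; must be URL-encoded. This should be the callback address of the service developer</td>
</tr>
<tr>
<td>response_type</td>
<td>Yes</td>
<td>Set to code</td>
</tr>
<tr>
<td>scope</td>
<td>Yes</td>
<td>Authorization scope; separate multiple scopes with commas (,)</td>
</tr>
<tr>
<td>state</td>
<td>No</td>
<td>The state parameter is carried along after the redirect; the developer may supply any value, up to 128 bytes</td>
</tr>
<tr>
<td>component_appid</td>
<td>Yes</td>
<td>appid of the service provider; after the application to create the Official Account service succeeds, it can be found on the Official Account service details page</td>
</tr>
</tbody>
</table>
</div>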
<p>Return description</p>
<p>After the user grants authorization, the browser is redirected to the redirect_uri address, carrying code, state and appid</p>
<pre name="code" class="has"><code class="hljs perl">redirect_uri?code=CODE&amp;state=STATE&amp;appid=APPID
</code></pre>
<p>If the user denies authorization, the redirect does not carry the code parameter, only the state parameter</p>
<pre name="code" class="has"><code class="hljs perl">redirect_uri?state=STATE
</code></pre>
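<p>One way to use the state parameter from step 1 to tie the callback to the session that started the flow, and to handle the denial case where no code comes back. This is an added example, not code from the original post or from WeChat; STATE_KEY, the session id and the function names are assumptions.</p>

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlsplit

AUTHORIZE = "https://open.weixin.qq.com/connect/oauth2/authorize"
STATE_KEY = b"constructed-demo-key"  # assumption: per-deployment server-side secret


def _tag(session_id: str, nonce: str) -> str:
    """HMAC over session id and nonce, truncated to 128 bits."""
    msg = f"{session_id}.{nonce}".encode()
    return hmac.new(STATE_KEY, msg, hashlib.sha256).hexdigest()[:32]


def make_state(session_id: str) -> str:
    """Random nonce plus a tag binding it to the user's session (49 bytes)."""
    nonce = secrets.token_hex(8)
    return f"{nonce}.{_tag(session_id, nonce)}"


def build_authorize_url(appid, redirect_uri, scope, state, component_appid):
    """Assemble the step-1 link in the exact parameter order the page gives."""
    if len(state.encode()) > 128:
        raise ValueError("state is limited to 128 bytes")
    return (f"{AUTHORIZE}?appid={appid}"
            f"&redirect_uri={quote(redirect_uri, safe='')}"
            f"&response_type=code&scope={scope}&state={quote(state, safe='')}"
            f"&component_appid={component_appid}#wechat_redirect")


def check_callback(url, session_id, expected_appid):
    """Return the code, or None if the user denied; raise on a forged callback."""
    q = parse_qs(urlsplit(url).query)
    nonce, _, tag = q.get("state", [""])[0].partition(".")
    if not hmac.compare_digest(tag.encode(), _tag(session_id, nonce).encode()):
        raise ValueError("state does not match this session")
    if "code" not in q:
        return None  # denial: only state comes back
    if q.get("appid", [""])[0] != expected_appid:
        raise ValueError("callback appid differs from the one requested")
    return q["code"][0]
```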
<p>Step 2: Exchange the code for an access_token</p>
<p>Request method</p>
<p>After obtaining the code from step 1, request the following link to obtain the access_token:</p>
<pre name="code" class="has"><code class="hljs java">https://api.weixin.qq.com/sns/oauth2/component/access_token?appid=APPID&amp;code=CODE&amp;grant_type=authorization_code&amp;component_appid=COMPONENT_APPID&amp;component_access_token=COMPONENT_ACCESS_TOKEN
</code></pre>
<p>Note that, for security reasons, clients accessing this link are subject to an IP whitelist requirement.</p>
<p>Parameter description</p>
<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Required</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>appid</td>
<td>Yes</td>
<td>appid of the Official Account</td>
</tr>
<tr>
<td>code</td>
<td>Yes</td>
<td>The code parameter obtained in step 1</td>
</tr>
<tr>
<td>grant_type</td>
<td>Yes</td>
<td>Set to authorization_code</td>
</tr>
<tr>
<td>component_appid</td>
<td>Yes</td>
<td>appid of the service developer</td>
</tr>
<tr>
<td>component_access_token</td>
<td>Yes</td>
<td>access_token of the service developer</td>
</tr>
</tbody>
</table>
</div>
<p>Return description</p>
<p>Successful response:</p>
<pre name="code" class="has"><code class="hljs java">{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE"
}
</code></pre>
<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>access_token</td>
<td>API call credential</td>
</tr>
<tr>
<td>expires_in</td>
<td>Expiry time of the access_token API call credential, in seconds</td>
</tr>
<tr>
<td>refresh_token</td>
<td>Used to refresh the access_token</td>
</tr>
<tr>
<td>openid</td>
<td>Unique identifier of the authorizing user</td>
</tr>
<tr>
<td>scope</td>
<td>Scopes authorized by the user, separated by commas (,)</td>
</tr>
</tbody>
</table>
</div>
<p>Sample error response:</p>
<pre name="code" class="has"><code class="hljs java">{"errcode":40029,"errmsg":"invalid code"}
</code></pre>
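<p>Step 3: Refresh the access_token (if needed)</p>
<p>Because the access_token has a short validity period, once it has expired it can be refreshed with the refresh_token. The refresh_token has a longer validity period (30 days); once the refresh_token expires, the user must authorize again.</p>
<p>Request method</p>
<p>After obtaining the code from step 1, request the following link to obtain the access_token:</p>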
<pre name="code" class="has"><code class="hljs java">https://api.weixin.qq.com/sns/oauth2/component/refresh_token?appid=APPID&amp;grant_type=refresh_token&amp;component_appid=COMPONENT_APPID&amp;component_access_token=COMPONENT_ACCESS_TOKEN&amp;refresh_token=REFRESH_TOKEN
</code></pre>
<p>Parameter description</p>
<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Required</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>appid</td>
<td>Yes</td>
<td>appid of the Official Account</td>
</tr>
<tr>
<td>grant_type</td>
<td>Yes</td>
<td>Set to refresh_token</td>
</tr>
<tr>
<td>refresh_token</td>
<td>Yes</td>
<td>The refresh_token parameter obtained when getting the access_token</td>
</tr>
<tr>
<td>component_appid</td>
<td>Yes</td>
<td>appid of the service developer</td>
</tr>
<tr>
<td>component_access_token</td>
<td>Yes</td>
<td>access_token of the service developer</td>
</tr>
</tbody>
</table>
</div>
<p>Return description</p>
<p>Successful response:</p>
<pre name="code" class="has"><code class="hljs java">{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE"
}
</code></pre>
<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>access_token</td>
<td>API call credential</td>
</tr>
<tr>
<td>expires_in</td>
<td>Expiry time of the access_token API call credential, in seconds</td>
</tr>
<tr>
<td>refresh_token</td>
<td>Used to refresh the access_token</td>
</tr>
<tr>
<td>openid</td>
<td>Unique identifier of the authorizing user</td>
</tr>
<tr>
<td>scope</td>
<td>Scopes authorized by the user, separated by commas (,)</td>
</tr>
</tbody>
</table>
</div>
<p>Sample error response:</p>
<pre name="code" class="has"><code class="hljs java">{"errcode":40029,"errmsg":"invalid code"}
</code></pre>
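<p>A sketch of handling the step 2 and step 3 responses: error bodies are told apart from token bodies, both expiry deadlines are tracked, and the granted scope is checked before step 4 is attempted. This is an added example, not code from the original post or from WeChat; the class and function names and the 60-second margin are assumptions, and because the page does not say whether a refresh extends the 30 days, the caller can pass the original deadline through.</p>

```python
import time
from dataclasses import dataclass

REFRESH_LIFETIME = 30 * 24 * 3600  # refresh_token validity stated on the page
SKEW = 60  # assumption: safety margin in seconds before a stated expiry


class WeChatAPIError(Exception):
    def __init__(self, errcode, errmsg):
        super().__init__(f"errcode={errcode} errmsg={errmsg!r}")
        self.errcode = errcode


@dataclass
class Grant:
    openid: str
    access_token: str
    refresh_token: str
    scopes: frozenset
    access_expires_at: float
    refresh_expires_at: float


def parse_token_response(body: dict, now: float, refresh_expires_at=None) -> Grant:
    """Turn a step-2 or step-3 JSON body into a Grant; error bodies raise."""
    if body.get("errcode"):  # a non-zero errcode marks an error body
        raise WeChatAPIError(body["errcode"], body.get("errmsg", ""))
    return Grant(
        openid=body["openid"],
        access_token=body["access_token"],
        refresh_token=body["refresh_token"],
        scopes=frozenset(s for s in body["scope"].split(",") if s),
        access_expires_at=now + int(body["expires_in"]),
        refresh_expires_at=refresh_expires_at or now + REFRESH_LIFETIME,
    )


def next_action(grant: Grant, now: float) -> str:
    """'use' the access_token, 'refresh' it, or send the user to 'reauthorize'."""
    if now < grant.access_expires_at - SKEW:
        return "use"
    if now < grant.refresh_expires_at - SKEW:
        return "refresh"
    return "reauthorize"


def can_fetch_userinfo(grant: Grant) -> bool:
    """Step 4 is only allowed when the user granted snsapi_userinfo."""
    return "snsapi_userinfo" in grant.scopes
```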
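<p>Step 4: Use the web authorization access_token to obtain the user's basic information (requires the snsapi_userinfo scope)</p>
<p>If the web authorization scope is snsapi_userinfo, the developer can now use the access_token and openid to pull the user's information.</p>
<p>Request method</p>
<pre name="code" class="has"><code class="hljs java">http: GET (please use the https protocol)
https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&amp;openid=OPENID&amp;lang=zh_CN
</code></pre>
<p>Parameter description</p>
<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>access_token</td>
<td>Web authorization API call credential. Note: this access_token is different from the basic-support access_token</td>
</tr>
<tr>
<td>openid</td>
<td>Unique identifier of the user</td>
</tr>
<tr>
<td>lang</td>
<td>Language version for the returned country and region: zh_CN Simplified Chinese, zh_TW Traditional Chinese, en English</td>
</tr>
</tbody>
</table>
</div>
<p>Return description</p>
<p>On success, the returned JSON packet is as follows:</p>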
<pre name="code" class="has"><code class="hljs java">{
"openid":"OPENID",
"nickname":"NICKNAME",
"sex":"1",
"province":"PROVINCE",
"city":"CITY",
"country":"COUNTRY",
"headimgurl":"http://wx.qlogo.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/46",
"privilege":["PRIVILEGE1","PRIVILEGE2"],
"unionid":"o6_bmasdasdsad6_2sgVt7hMZOPfL"
}
</code></pre>
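<div class="table-box">
<table>
<thead>
<tr><th>Parameter</th><th>Description</th></tr>
</thead>
<tbody>
<tr>
<td>openid</td>
<td>Unique identifier of the user</td>
</tr>
<tr>
<td>nickname</td>
<td>User's nickname</td>
</tr>
<tr>
<td>sex</td>
<td>User's gender: 1 is male, 2 is female, 0 is unknown</td>
</tr>
<tr>
<td>province</td>
<td>Province entered in the user's profile</td>
</tr>
<tr>
<td>city</td>
<td>City entered in the ordinary user's profile</td>
</tr>
<tr>
<td>country</td>
<td>Country, e.g. CN for China</td>
</tr>
<tr>
<td>headimgurl</td>
<td>User's avatar. The last number gives the size of the square avatar (0, 46, 64, 96 and 132 are available; 0 means a 640*640 square avatar). This field is empty when the user has no avatar. If the user changes the avatar, the original avatar URL becomes invalid.</td>
</tr>
<tr>
<td>privilege</td>
<td>User privilege information, a JSON array; e.g. WeChat Wo Card users have (chinaunicom)</td>
</tr>
<tr>
<td>unionid</td>
<td>This field appears only after the user has bound the Official Account to a WeChat Open Platform account. See: Obtaining user personal information (UnionID mechanism)</td>
</tr>
</tbody>
</table>
</div>
<p>On error, WeChat returns a JSON packet like the following (the example is for an invalid openid):</p>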
<pre name="code" class="has"><code class="hljs java">{"errcode":40003,"errmsg":" invalid openid "}</code></pre>
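<p>The requests in steps 2 to 4 carry code, access_token, refresh_token and component_access_token in the query string, and the responses carry tokens in JSON, so client and proxy logs can capture them. A logging filter that masks those values, as an added example that is not part of the original post; the class and function names are assumptions and SAMPLE is constructed.</p>

```python
import logging
import re

# Credential-bearing names used by the endpoints and JSON bodies on this page.
_NAMES = r"(code|access_token|refresh_token|component_access_token)"
# name=value in a query string; the lookbehind skips names like authorization_code
_QUERY = re.compile(r"(?<![A-Za-z0-9_])" + _NAMES + r"=([^&#\s\"']+)")
# "name":"value" in a JSON body
_JSON = re.compile(r'"' + _NAMES + r'"\s*:\s*"[^"]*"')


def redact(text: str) -> str:
    """Mask credential values in URLs and JSON bodies before they are logged."""
    text = _QUERY.sub(lambda m: f"{m.group(1)}=[REDACTED]", text)
    return _JSON.sub(lambda m: f'"{m.group(1)}":"[REDACTED]"', text)


class RedactingFilter(logging.Filter):
    """Attach to a handler so every formatted record passes through redact()."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())  # format first, then mask
        record.args = None
        return True


# Constructed sample: the step-2 request as an HTTP client might log it.
SAMPLE = ("GET https://api.weixin.qq.com/sns/oauth2/component/access_token"
          "?appid=wx0000&code=021abc&grant_type=authorization_code"
          "&component_appid=wx1111&component_access_token=tok_9_xyz")
```

<p>Attach it with <code>handler.addFilter(RedactingFilter())</code> on each handler that writes request or response text.</p>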

</div>
<div id="MySignature" role="contentinfo">
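    This blog is only for memorizing related knowledge points; most of it consists of articles from around the web. Thanks to the authors of those articles!<br><br>
Source: https://www.cnblogs.com/mark5/p/11393470.html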