一、本节要点
1.获取jsapi_ticket
//2.获取getJsapiTicket的接口地址,有效期为7200秒
private static final String GET_JSAPITICKET_URL="https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=ACCESS_TOKEN&type=jsapi"; /**
* @desc :2.获取JsapiTicket
*
* @param accessToken 有效凭证
* @return
* @throws Exception String
*/
public static String getJsapiTicket(String accessToken) throws Exception {
//1.获取请求url
String url=GET_JSAPITICKET_URL.replace("ACCESS_TOKEN", accessToken); //2.发起GET请求,获取返回结果
JSONObject jsonObject=HttpHelper.doGet(url);
logger.info("jsonObject:"+jsonObject.toJSONString()); //3.解析结果,获取accessToken
String jsapiTicket="";
if (null != jsonObject) {
//4.错误消息处理
if (jsonObject.getInteger("errcode")!=null && 0 != jsonObject.getInteger("errcode")) {
int errCode = jsonObject.getInteger("errcode");
String errMsg = jsonObject.getString("errmsg");
throw new Exception("error code:"+errCode+", error message:"+errMsg);
//5.成功获取jsapiTicket
}else {
jsapiTicket=jsonObject.getString("ticket");
}
} return jsapiTicket;
}
2.JS-SDK 使用权限签名算法
/**
* @desc :4.获取前端jsapi需要的配置参数
*
* @param request
* @return String
*/
public static String getJsapiConfig(HttpServletRequest request){ //1.准备好参与签名的字段
//1.1 url
/*
*以http://localhost/test.do?a=b&c=d为例
*request.getRequestURL的结果是http://localhost/test.do
*request.getQueryString的返回值是a=b&c=d
*/
String urlString = request.getRequestURL().toString();
String queryString = request.getQueryString();
String queryStringEncode = null;
String url;
if (queryString != null) {
queryStringEncode = URLDecoder.decode(queryString);
url = urlString + "?" + queryStringEncode;
} else {
url = urlString;
} //1.2 noncestr
String nonceStr=UUID.randomUUID().toString(); //随机数
//1.3 timestamp
long timeStamp = System.currentTimeMillis() / 1000; //时间戳参数 String signedUrl = url; String accessToken = null;
String ticket = null; String signature = null; //签名 try {
//1.4 jsapi_ticket
accessToken=getAccessToken(Env.APP_ID, Env.APP_SECRET);
ticket=getJsapiTicket(accessToken); //2.进行签名,获取signature
signature=getSign(ticket,nonceStr,timeStamp,signedUrl); } catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
} logger.info("accessToken:"+accessToken);
logger.info("ticket:"+ticket);
logger.info("nonceStr:"+nonceStr);
logger.info("timeStamp:"+timeStamp);
logger.info("signedUrl:"+signedUrl);
logger.info("signature:"+signature);
logger.info("appId:"+Env.APP_ID); String configValue = "{signature:'" + signature + "',nonceStr:'" + nonceStr + "',timeStamp:'"
+ timeStamp + "',appId:'" + Env.APP_ID + "'}";
logger.info("configValue:"+configValue); return configValue;
} /**
* @desc : 4.1 生成签名的函数
*
* @param ticket jsticket
* @param nonceStr 随机串,自己定义
* @param timeStamp 生成签名用的时间戳
* @param url 需要进行免登鉴权的页面地址,也就是执行dd.config的页面地址
* @return
* @throws Exception String
*/ public static String getSign(String jsTicket, String nonceStr, Long timeStamp, String url) throws Exception {
String plainTex = "jsapi_ticket=" + jsTicket + "&noncestr=" + nonceStr + "×tamp=" + timeStamp + "&url=" + url;
System.out.println(plainTex);
try {
MessageDigest crypt = MessageDigest.getInstance("SHA-1");
crypt.reset();
crypt.update(plainTex.getBytes("UTF-8"));
return byteToHex(crypt.digest());
} catch (NoSuchAlgorithmException e) {
throw new Exception(e.getMessage());
} catch (UnsupportedEncodingException e) {
throw new Exception(e.getMessage());
}
} /**
* @desc :4.2 将bytes类型的数据转化为16进制类型
*
* @param hash
* @return
* String
*/
private static String byteToHex(byte[] hash) {
Formatter formatter = new Formatter();
for (byte b : hash) {
formatter.format("%02x", new Object[] { Byte.valueOf(b) });
}
String result = formatter.toString();
formatter.close();
return result;
}
2.1 签名生成规则
(1)参与签名的字段包括:
noncestr(随机字符串),
有效的jsapi_ticket,
timestamp(时间戳),
url(当前网页的URL,不包含#及其后面部分) 。
(2)对所有待签名参数按照字段名的ASCII 码从小到大排序(字典序)后,使用URL键值对的格式 (即 key1=value1&key2=value2…)拼接成字符串string1。这里需要注意的是所有参数名均为小写字符。对string1作sha1加密,字段名和字段值都采用原始值,不进行URL 转义。
(3)对string1进行sha1签名,得到signature:
2.2 签名算法应用实例
(1)待签名参数:
noncestr=Wm3WZYTPz0wzccnW
jsapi_ticket=sM4AOVdWfPE4DxkXGEs8VMCPGGVi4C3VM0P37wVUCFvkVAy_90u5h9nbSlYy3-Sl-HhTdfl2fzFy1AOcHKP7qg
timestamp=1414587457
url=http://mp.weixin.qq.com
(2)字典序
string1=jsapi_ticket=sM4AOVdWfPE4DxkXGEs8VMCPGGVi4C3VM0P37wVUCFvkVAy_90u5h9nbSlYy3-Sl-HhTdfl2fzFy1AOcHKP7qg&noncestr=Wm3WZYTPz0wzccnW×tamp=1414587457&url=http://mp.weixin.qq.com
(3)sha1加密
signature=sha1(string1)
3.JS-SDK使用步骤
(1)绑定域名
测试号:
(2)引入JS文件
在需要调用JS接口的页面引入如下JS文件,(支持https):http://res.wx.qq.com/open/js/jweixin-1.2.0.js
<script type="text/javascript" src="http://res.wx.qq.com/open/js/jweixin-1.2.0.js"></script>
(3)通过config接口注入权限验证配置
//1.jsapi签名校验
wx.config({
beta: true,// 必须这么写,否则在微信插件有些jsapi会有问题
debug: true, // 开启调试模式,调用的所有api的返回值会在客户端alert出来,若要查看传入的参数,可以在pc端打开,参数信息会通过log打出,仅在pc端时才会打印。
appId: _config.appId, // 必填,公众号的唯一标识
timestamp: _config.timeStamp, // 必填,生成签名的时间戳
nonceStr: _config.nonceStr, // 必填,生成签名的随机串
signature: _config.signature,// 必填,签名,见附录1
jsApiList: [ 'checkJsApi', 'onMenuShareAppMessage',
'onMenuShareWechat', 'startRecord', 'stopRecord',
'onVoiceRecordEnd', 'playVoice', 'pauseVoice', 'stopVoice',
'uploadVoice', 'downloadVoice', 'chooseImage',
'previewImage', 'uploadImage', 'downloadImage',
'getNetworkType', 'openLocation', 'getLocation',
'hideOptionMenu', 'showOptionMenu', 'hideMenuItems',
'showMenuItems', 'hideAllNonBaseMenuItem',
'showAllNonBaseMenuItem', 'closeWindow', 'scanQRCode',
'previewFile', 'openEnterpriseChat',
'selectEnterpriseContact','chooseInvoice' ]// 必填,需要使用的JS接口列表,所有JS接口列表见附录2
});
(4)通过ready接口处理成功验证
(5) 通过error接口处理失败验证
//2.jsapi签名校验失败后执行error
wx.error(function(err){
alert('wx error: ' + JSON.stringify(err));
// config信息验证失败会执行error函数,如签名过期导致验证失败,具体错误信息可以打开config的debug模式查看,也可以在返回的res参数中查看,对于SPA可以在这里更新签名。
});
4.图片上传
4.1 图片上传的流程
(1)使用 jssdk 上传图片到微信服务器,返回图片对应的mediaId( 即 serverId)
//2.2 上传图片
var images = {
localId : [],
serverId : []
};
$("#uploadImg").click(function(){
//2.2.1拍照或从手机相册中选图
wx.chooseImage({
success : function(res) {
images.localId = res.localIds;
alert('已选择 ' + res.localIds.length + ' 张图片');
//2.2.2 上传图片
uploadImg();
}
});
}); // 2.2.2 上传图片
function uploadImg() {
if (images.localId.length == 0) {
alert('请先使用 chooseImage 接口选择图片');
return;
}
var i = 0, length = images.localId.length;
images.serverId = []; function upload() {
wx.uploadImage({
localId : images.localId[i],
success : function(res) {
i++;
alert('已上传:' + i + '/' + length);
images.serverId.push(res.serverId);
//将serverId上传至服务器
alert("ajax请求即将执行--"); $.ajax({
type : "POST",
url : "http://se9mxs.natappfree.cc/weixin_gz/uploadimg",
data : {
serverId : res.serverId
},
dataType : "text",
success : function(data) {
alert(data);
} }); if (i < length) {
upload();
}
},
fail : function(res) {
alert(JSON.stringify(res));
}
});
}
upload();
};
(2)使用素材管理接口,根据 mediaId 从微信服务器将图片下载至服务器本地。参见:Java微信公众平台开发_06_素材管理
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String mediaId=request.getParameter("serverId");
System.out.println("serverId:"+mediaId);
try {
String accessToken=AuthHelper.getAccessToken(Env.APP_ID, Env.APP_SECRET);
//String savePath=System.getProperty("user.dir").replaceAll("\\\\", "/")+"/WebContent/img/"+mediaId+".png";
String fileDir=request.getSession().getServletContext().getRealPath("").replaceAll("\\\\", "/")+"/img/";
System.out.println("fileDir:"+fileDir);
//2.调用业务类,获取临时素材
TempMaterialService.getTempMaterial(accessToken, mediaId, fileDir);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
PrintWriter out = response.getWriter();
out.print("HHHHHHHHHH");
out.close();
out = null;
}
二、代码实现
1.前端页面—uploadImg.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSSDK之上传图片</title>
<script src="js/jquery-3.2.1.min.js"></script>
<script type="text/javascript"
src="http://res.wx.qq.com/open/js/jweixin-1.2.0.js"></script> <script type="text/javascript">
var _config =
<%=com.ray.weixin.gz.util.AuthHelper.getJsapiConfig(request)%>
;
</script> <script type="text/javascript" src="js/auth.js"></script> </head>
<body> <div align="center">
<img id="userImg" alt="头像" src="">
</div> <div align="center">
<span>UserName:</span>
<div id="userName" style="display: inline-block"></div>
</div> <div align="center">
<span>UserId:</span>
<div id="userId" style="display: inline-block"></div>
</div> <div align="center">
<span class="desc">是否验证成功</span>
<button class="btn btn_primary" id="yanzheng">验证</button>
</div> <div align="center">
<span class="desc">测试按钮</span>
<button class="btn btn_primary" id="ceshi">测试</button>
</div> <div align="center">
<span class="desc">上传图片按钮</span>
<button class="btn btn_primary" id="uploadImg">上传图片</button>
</div> <div align="center">
<span class="desc">拍照上传图片按钮</span>
<button class="btn btn_primary" id="uploadImgFromCamera">拍照上传</button>
</div> <div align="center">
<span class="desc">扫码按钮</span>
<button class="btn btn_primary" id="qrcode" >扫码</button>
</div>
</body>
</html>
auth.js
//1.jsapi签名校验
wx.config({
beta: true,// 必须这么写,否则在微信插件有些jsapi会有问题
debug: true, // 开启调试模式,调用的所有api的返回值会在客户端alert出来,若要查看传入的参数,可以在pc端打开,参数信息会通过log打出,仅在pc端时才会打印。
appId: _config.appId, // 必填,公众号的唯一标识
timestamp: _config.timeStamp, // 必填,生成签名的时间戳
nonceStr: _config.nonceStr, // 必填,生成签名的随机串
signature: _config.signature,// 必填,签名,见附录1
jsApiList: [ 'checkJsApi', 'onMenuShareAppMessage',
'onMenuShareWechat', 'startRecord', 'stopRecord',
'onVoiceRecordEnd', 'playVoice', 'pauseVoice', 'stopVoice',
'uploadVoice', 'downloadVoice', 'chooseImage',
'previewImage', 'uploadImage', 'downloadImage',
'getNetworkType', 'openLocation', 'getLocation',
'hideOptionMenu', 'showOptionMenu', 'hideMenuItems',
'showMenuItems', 'hideAllNonBaseMenuItem',
'showAllNonBaseMenuItem', 'closeWindow', 'scanQRCode',
'previewFile', 'openEnterpriseChat',
'selectEnterpriseContact','chooseInvoice' ]// 必填,需要使用的JS接口列表,所有JS接口列表见附录2
}); //2.jsapi签名校验成功后执行ready
wx.ready(function(){
// config信息验证后会执行ready方法,所有接口调用都必须在config接口获得结果之后,config是一个客户端的异步操作,所以如果需要在页面加载时就调用相关接口,则须把相关接口放在ready函数中调用来确保正确执行。对于用户触发时才调用的接口,则可以直接调用,不需要放在ready函数中。 //2.1 提示jsapi签名验证成功
$("#yanzheng").html("验证成功"); $("#ceshi").click(function(){
alert("ceshiaaa"); }); $("#checkJsApi").click(function(){
wx.checkJsApi({
jsApiList: [ 'checkJsApi', 'onMenuShareAppMessage',
'onMenuShareWechat', 'startRecord', 'stopRecord',
'onVoiceRecordEnd', 'playVoice', 'pauseVoice', 'stopVoice',
'uploadVoice', 'downloadVoice', 'chooseImage',
'previewImage', 'uploadImage', 'downloadImage',
'getNetworkType', 'openLocation', 'getLocation',
'hideOptionMenu', 'showOptionMenu', 'hideMenuItems',
'showMenuItems', 'hideAllNonBaseMenuItem',
'showAllNonBaseMenuItem', 'closeWindow', 'scanQRCode',
'previewFile', 'openEnterpriseChat',
'selectEnterpriseContact','chooseInvoice' ], // 需要检测的JS接口列表,所有JS接口列表见附录2,
success: function(res) {
// 以键值对的形式返回,可用的api值true,不可用为false
// 如:{"checkResult":{"chooseImage":true},"errMsg":"checkJsApi:ok"}
}
}); }); //2.2 上传图片
var images = {
localId : [],
serverId : []
};
$("#uploadImg").click(function(){
//2.2.1拍照或从手机相册中选图
wx.chooseImage({
success : function(res) {
images.localId = res.localIds;
alert('已选择 ' + res.localIds.length + ' 张图片');
//2.2.2 上传图片
uploadImg();
}
});
}); // 2.2.2 上传图片
function uploadImg() {
if (images.localId.length == 0) {
alert('请先使用 chooseImage 接口选择图片');
return;
}
var i = 0, length = images.localId.length;
images.serverId = []; function upload() {
wx.uploadImage({
localId : images.localId[i],
success : function(res) {
i++;
alert('已上传:' + i + '/' + length);
images.serverId.push(res.serverId);
//将serverId上传至服务器
alert("ajax请求即将执行--"); $.ajax({
type : "POST",
url : "http://se9mxs.natappfree.cc/weixin_gz/uploadimg",
data : {
serverId : res.serverId
},
dataType : "text",
success : function(data) {
alert(data);
} }); if (i < length) {
upload();
}
},
fail : function(res) {
alert(JSON.stringify(res));
}
});
}
upload();
}; //2.3 扫一扫
$("#qrcode").click(function(){
wx.scanQRCode({
needResult: 1, // 默认为0,扫描结果由微信处理,1则直接返回扫描结果,
scanType: ["qrCode","barCode"], // 可以指定扫二维码还是一维码,默认二者都有
success: function (res) {
var result = res.resultStr; // 当needResult 为 1 时,扫码返回的结果
alert(result); },
fail:function (res) {
var result = res.resultStr; // 当needResult 为 1 时,扫码返回的结果
alert(result); }
}); }); //2.4 拉起发票列表
//注意,调用此接口时,config接口必须传入beta参数。
$("#showInvoice").click(function(){
alert("timestamp:"+invoice_config.timestamp);
alert("nonceStr:"+invoice_config.nonceStr);
alert("signType:"+invoice_config.signType);
alert("cardSign:"+invoice_config.cardSign); wx.invoke('chooseInvoice', {
'timestamp': invoice_config.timestamp, // 卡券签名时间戳
'nonceStr' : invoice_config.nonceStr, // 卡券签名随机串
'signType' : invoice_config.signType, // 签名方式,默认'SHA1'
'cardSign' : invoice_config.cardSign, // 卡券签名
}, function(res) {
// 这里是回调函数
alert("aaaaaa");
alert(JSON.stringify(res)); // 返回的结果
}); }); }); //2.jsapi签名校验失败后执行error
wx.error(function(err){
alert('wx error: ' + JSON.stringify(err));
// config信息验证失败会执行error函数,如签名过期导致验证失败,具体错误信息可以打开config的debug模式查看,也可以在返回的res参数中查看,对于SPA可以在这里更新签名。
});
2.web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name>weixin_gz</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list> <!--微信公众号回调-->
<servlet>
<servlet-name>weixin</servlet-name>
<servlet-class>com.ray.weixin.gz.controller.WeiXinServlet</servlet-class>
</servlet> <servlet-mapping>
<servlet-name>weixin</servlet-name>
<url-pattern>/weixin</url-pattern>
</servlet-mapping>
<!-- 微信公众号回调--> <servlet>
<description></description>
<display-name>uploadimg</display-name>
<servlet-name>uploadimg</servlet-name>
<servlet-class>com.ray.weixin.gz.controller.UploadImgServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>uploadimg</servlet-name>
<url-pattern>/uploadimg</url-pattern>
</servlet-mapping> </web-app>
3.上传图片servlet—UploadImgServlet
package com.ray.weixin.gz.controller; import java.io.IOException;
import java.io.PrintWriter; import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.ray.weixin.gz.config.Env;
import com.ray.weixin.gz.service.tempmaterial.TempMaterialService;
import com.ray.weixin.gz.util.AuthHelper; /**
* Servlet implementation class UploadImgServlet
*/
public class UploadImgServlet extends HttpServlet {
private static final long serialVersionUID = 1L; /**
* @see HttpServlet#HttpServlet()
*/
public UploadImgServlet() {
super();
// TODO Auto-generated constructor stub
} /**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
response.getWriter().append("Served at: ").append(request.getContextPath());
} /**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String mediaId=request.getParameter("serverId");
System.out.println("serverId:"+mediaId); try {
String accessToken=AuthHelper.getAccessToken(Env.APP_ID, Env.APP_SECRET); //String savePath=System.getProperty("user.dir").replaceAll("\\\\", "/")+"/WebContent/img/"+mediaId+".png";
String fileDir=request.getSession().getServletContext().getRealPath("").replaceAll("\\\\", "/")+"/img/";
System.out.println("fileDir:"+fileDir); //2.调用业务类,获取临时素材
TempMaterialService.getTempMaterial(accessToken, mediaId, fileDir); } catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
} PrintWriter out = response.getWriter();
out.print("HHHHHHHHHH");
out.close();
out = null; } }
4.素材管理业务类—TempMaterialService.java
package com.ray.weixin.gz.controller; import java.io.IOException;
import java.io.PrintWriter; import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.ray.weixin.gz.config.Env;
import com.ray.weixin.gz.service.tempmaterial.TempMaterialService;
import com.ray.weixin.gz.util.AuthHelper; /**
* Servlet implementation class UploadImgServlet
*/
public class UploadImgServlet extends HttpServlet {
private static final long serialVersionUID = 1L; /**
* @see HttpServlet#HttpServlet()
*/
public UploadImgServlet() {
super();
// TODO Auto-generated constructor stub
} /**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
response.getWriter().append("Served at: ").append(request.getContextPath());
} /**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String mediaId=request.getParameter("serverId");
System.out.println("serverId:"+mediaId); try {
String accessToken=AuthHelper.getAccessToken(Env.APP_ID, Env.APP_SECRET); //String savePath=System.getProperty("user.dir").replaceAll("\\\\", "/")+"/WebContent/img/"+mediaId+".png";
String fileDir=request.getSession().getServletContext().getRealPath("").replaceAll("\\\\", "/")+"/img/";
System.out.println("fileDir:"+fileDir); //2.调用业务类,获取临时素材
TempMaterialService.getTempMaterial(accessToken, mediaId, fileDir); } catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
} PrintWriter out = response.getWriter();
out.print("HHHHHHHHHH");
out.close();
out = null; } }
其他的同上一节