企业微信中第三⽅应⽤:⽤户授权登录
只做授权登录的话,直接看⾝份验证模块扫码授权登录就可以了1。构建授权url
@ApiOperation(\"构造⽹页授权链接\")
@ApiImplicitParams({@ApiImplicitParam(name = \"state\⽤于企业或服务商⾃⾏校验session\ @ApiImplicitParam(name = \"redirectUri\授权登录之后⽬的跳转⽹址\@GetMapping(\"/auth/qywxUrl\")
public Result makeUrl(@RequestParam(value = \"state\") String state,@RequestParam(value = \"redirectUri\ String qywxAuthUrl = thirdAuth.getQywxAuthUrl(corpID, redirectUri, state); return Result.success(qywxAuthUrl);}
public String getQywxAuthUrl(String appid,String redirectUri, String state){ String qywxAuthUrl = \"\"; try {
// redirect_uri需要经过⼀次urlencode作为参数
String redirectUri_encode = java.net.URLEncoder.encode(redirectUri, \"UTF-8\");
qywxAuthUrl = \"https://open.work.weixin.qq.com/wwopen/sso/3rd_qrConnect?appid=\"+appid+\"&redirect_uri=\"+redirectUri_encode+\"&state=\"+state+\"&usertype=member\"; } catch (UnsupportedEncodingException e) { e.printStackTrace(); }
return qywxAuthUrl;}
必须在指定域名下请求这个url ,然后拿到auth_code2。获取登录⽤户信息先获取服务商凭证
/**
* 获取服务商凭证 */
public String getProviderToken(String corpid,String providerSecret) { String providerToken = null;
if (StringUtils.isNotEmpty(corpid) && StringUtils.isNotEmpty(providerSecret)) { String url = \"https://qyapi.weixin.qq.com/cgi-bin/service/get_provider_token\"; JSONObject parma = new JSONObject(); parma.put(\"corpid\
parma.put(\"provider_secret\
String str = restTemplate.postForObject(url, parma.toString(), String.class); JSONObject response = JSONObject.parseObject(str); if (response.containsKey(\"provider_access_token\")) {
providerToken = response.getString(\"provider_access_token\"); } }
return providerToken;}
//获取登录⽤户信息
public String getUserInfo(String accessToken,String authCode) { String userInfo = null;
if (StringUtils.isNotEmpty(accessToken) && StringUtils.isNotEmpty(authCode)) {
String url = \"https://qyapi.weixin.qq.com/cgi-bin/service/get_login_info?access_token=\" + accessToken; JSONObject parma = new JSONObject(); parma.put(\"auth_code\
String str = restTemplate.postForObject(url, parma.toString(), String.class); JSONObject response = JSONObject.parseObject(str); if (response.containsKey(\"user_info\")) {
userInfo = response.getString(\"user_info\"); } }
return userInfo; }
先扫码绑定⽤户信息 再登录校验⽤户信息
