第一步:获取微信推送component_verify_ticket
try { WXBizMsgCrypt wxBizMsgCrypt = new WXBizMsgCrypt(MyApp.token, MyApp.encodingAesKey, MyApp.OpenAppId); String postData = GetPostData(request); String msgSignature = request.getParameter("msg_signature"); String timeStamp = request.getParameter("timestamp"); String nonce = request.getParameter("nonce"); String ret = wxBizMsgCrypt.decryptMsg(msgSignature, timeStamp, nonce, postData); // 得到component_verify_ticket DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); DocumentBuilder db = dbf.newDocumentBuilder(); StringReader sr = new StringReader(ret); InputSource is = new InputSource(sr); Document document = db.parse(is); Element root = document.getDocumentElement(); NodeList nodelist1 = root .getElementsByTagName("ComponentVerifyTicket"); if (nodelist1.item(0) != null) { // 因为全网发布的时候,传过来的xml不含有ComponentVerifyTicket字段,直接使用会造成空指针 MyApp.component_verify_ticket = nodelist1.item(0) .getTextContent(); // 有效时间10分钟 } setPreState("component_verify_ticket", MyApp.component_verify_ticket); // 保存到文件中 } catch (Exception e) { e.printStackTrace(); } response.setContentType("text/plain; charset=utf-8"); response.setHeader("Pragma", "no-cache"); response.addHeader("Cache-Control", "must-revalidate"); response.addHeader("Cache-Control", "no-cache"); response.addHeader("Cache-Control", "no-store"); response.setDateHeader("Expires", 0); response.setCharacterEncoding("utf-8"); PrintWriter out = response.getWriter(); out.print("success"); out.flush(); out.close(); 第二步: 获取第三方平台component_access_tokenString component_aceess_token_url = getComponentAccessTokenUrl; JSONObject jsonObject = new JSONObject(); jsonObject.put("component_appid", MyApp.OpenAppId); jsonObject.put("component_appsecret", MyApp.OpenAppSecret); jsonObject.put("component_verify_ticket", MyApp.component_verify_ticket); String jsonStr = jsonObject.toString(); System.out.println("提交给微信获取component_access_token的JSON:" + jsonStr); MyResponse myResponse = HttpUtil.request( component_aceess_token_url, false, jsonStr .getBytes("UTF-8"), true); 第三步:获取预授权码pre_auth_code
String pre_auth_code_url = getpreauthcodeUrl; pre_auth_code_url = pre_auth_code_url.replace("ACCESSTOKEN", componentAccessToken); JSONObject jsonObject = new JSONObject(); jsonObject.put("component_appid", MyApp.OpenAppId); String jsonStr = jsonObject.toString(); MyResponse myResponse = HttpUtil.request(pre_auth_code_url, false, jsonStr.getBytes("UTF-8"), true); String PreAuthCodeStr = myResponse.getString(); JSONObject PreAuthCodeJson = JSONObject.fromObject(PreAuthCodeStr); value = PreAuthCodeJson.getString("pre_auth_code"); System.out.println("预授权码::" + value); 第四 步:使用授权码换取公众号的接口调用凭据和授权信息 和
//授权后回调URI,得到授权码(authorization_code)和过期时间 //获取(刷新)授权公众号的接口调用凭据(令牌) String schoolId = request.getParameter("schoolId"); String auth_code = request.getParameter("auth_code"); //授权码 有效期10分钟 String authorization_info_url = getauthorization_info; authorization_info_url = authorization_info_url.replace("ACCESSTOKEN", GetPreAuthCode.getComponentAccessToken()); JSONObject jsonObject = new JSONObject(); jsonObject.put("component_appid", OpenAppId); jsonObject.put("authorization_code",auth_code); String jsonStr = jsonObject.toString(); MyResponse myResponse = HttpUtil.request(authorization_info_url, false , jsonStr.getBytes("UTF-8"), true); String authorization_info = myResponse.getString(); JSONObject object = JSONObject.parseObject(authorization_info); System.out.println("授权信息:"+object); object = object.getJSONObject("authorization_info"); String authorizer_appid = object.getString("authorizer_appid");//授权方appid String authorizer_refresh_token = object.getString("authorizer_refresh_token");//接口调用凭据刷新令牌 //获取授权方的公众号帐号基本信息 System.out.println("获取公众号基本信息。。。。。。"); String getauthorization_info_url = get_authorizer_info; authorization_info_url = getauthorization_info_url.replace("ACCESSTOKEN", GetPreAuthCode.getComponentAccessToken()); JSONObject jsonObject2 = new JSONObject(); jsonObject2.put("component_appid", OpenAppId); jsonObject2.put("authorizer_appid",authorizer_appid); String jsonStr2 = jsonObject2.toString(); MyResponse myResponse2 = HttpUtil.request(authorization_info_url, false , jsonStr2.getBytes("UTF-8"), true); String authorizer_info = myResponse2.getString(); JSONObject object2 = JSONObject.parseObject(authorizer_info); System.out.println("公众号基本信息:"+object2) 其让接口尚未使用,所以这里不作说明。 全网发布: if (("gh_3c884a361561").equals(toUserName)) { if(nodelist6.item(0)!= null){ content = nodelist6.item(0).getTextContent(); } if(("event").equals(msgType)){ //事件消息 System.out.println("进去了吗。。。。。。。。"); textMessage.setContent("LOCATION" + "from_callback"); String respMessage = MessageUtil .textMessageToXml(textMessage); String result = wxBizMsgCrypt.encryptMsg(respMessage, timeStamp, nonce); respXml = result; }else if(("text").equals(msgType)){ //普通文本消息 if (content.contains("TESTCOMPONENT_MSG_TYPE_TEXT")) { content = "TESTCOMPONENT_MSG_TYPE_TEXT_callback"; textMessage.setContent(content); String respMessage = MessageUtil .textMessageToXml(textMessage); String result = wxBizMsgCrypt.encryptMsg(respMessage, timeStamp, nonce); respXml = result; }else if(content.contains("QUERY_AUTH_CODE")){ //返回api文本消息 response.getWriter().print(""); content = content.substring(content.indexOf(":") + 1); System.out.println(content); String authorization_info_url = "https://api.weixin.qq.com/cgi-bin/component/api_query_auth?component_access_token=ACCESSTOKEN"; authorization_info_url = authorization_info_url .replace("ACCESSTOKEN", GetPreAuthCode .getComponentAccessToken()); JSONObject jsonObject = new JSONObject(); jsonObject.put("component_appid", MyApp.OpenAppId); jsonObject.put("authorization_code", content); String jsonStr = jsonObject.toString(); MyResponse myResponse = HttpUtil.request( authorization_info_url, false, jsonStr .getBytes("UTF-8"), true); String authorization_info = myResponse.getString(); JSONObject object = JSONObject .parseObject(authorization_info); System.out.println("授权信息:" + object); object = object.getJSONObject("authorization_info"); String accssToken = object .getString("authorizer_access_token"); System.out.println("accsstoken:" + accssToken); String url22 = "https://api.weixin.qq.com/cgi-bin/message/custom/send?access_token=ACCESS_TOKEN"; String dataMessage = ""; dataMessage += "{"; dataMessage += "\"touser\":\"" + fromUserName + "\","; dataMessage += "\"msgtype\":\"text\","; dataMessage += "\"text\":"; dataMessage += "{"; dataMessage += "\"content\":\"" + content + "_from_api" + "\""; dataMessage += "}"; dataMessage += "}"; url22 = url22.replace("ACCESS_TOKEN", accssToken); MyResponse mString = HttpUtil.request(url22, false, dataMessage.getBytes("UTF-8"), true); } } } 就个人经历,总结易导致不通过点: 1.处理返回普通文本和事件消息记得加密; 2.处理返回api文本注意回复一个空字符串以及注意调用客服接口时的数据格式,曾经吃过亏,报过 invalid openid. 3.可能是我太过不幸运,测试了上百次都是没有得到过事件消息的推送,测试各种方法,最后没办法,怀疑权限集那里,勾上了一些就好了。 最后吐槽一些,微信文档写的真的不咋的,坑太多。
