image.png

image.png

创建第三方平台，最重要的就是需要填写上面的信息

注意项：
授权测试公众号列表: 一定要将自己测试用的小程序账号的 原始ID添加进去，不然没授权
授权事件接收URL： 第三方平台创建成功后，微信每10分钟会向这个url，推送一个ticket，用于后续授权操作很有必要。
注意，这里并没有参数签名接口认证的操作，直接解密包含ticket的信息即可，与微信服务号和企业号开发有一定区别，参数也有所不同

获取ticket 代码如下：
controller

/**
 * 授权回调
 *
 * @param response 返回值
 * @param paramsMap 授权参数
 * @param wx3rdAuthorizedDto 加密内容
 */
@RequestMapping(value = "/pmall/authorizedCallback")
public void authorizedCallback(HttpServletResponse response, @RequestParam Map<String, String> paramsMap, @RequestBody Wx3rdAuthorizedDto wx3rdAuthorizedDto) throws BusinessException, AesException, IOException {
    // 获得微信推送的参数
    String result = appletsService.authorizedCallback(WxAccountName.WX_3RD, paramsMap, wx3rdAuthorizedDto);
    response.getWriter().write(result);
}

service

@Override
 public String authorizedCallback(WxAccountName wxAccountName,         Map<String, String> paramsMap, Wx3rdAuthorizedDto wx3rdAuthorizedDto) throws AesException, BusinessException {
    String nonce = paramsMap.get("nonce");
    String timestamp = paramsMap.get("timestamp");
    String signature = paramsMap.get("signature");
    String msgSignature = paramsMap.get("msg_signature");
    if (!StringUtils.isNotBlank(msgSignature)) {
        LOGGER.info("applets msgSignature is null");
        return "failed";// 微信推送给第三方开放平台的消息一定是加过密的，无消息加密无法解密消息
    }
    WxAccountDto accountDto = wxAccountService.getAccountByName(wxAccountName);
  boolean isValid = signString(accountDto.getMsgPublicKey(), timestamp, nonce).equals(signature);
    if (!isValid) {
        LOGGER.info("applets signature is error");
        return "failed";
    }

    WXBizMsgCrypt wxBizMsgCrypt = new WXBizMsgCrypt(accountDto.getMsgPublicKey(), accountDto.getMsgPrivateKey(), accountDto.getAppId());
    String encryptXml = wxBizMsgCrypt.Decrypt3rdEncrypt(msgSignature, timestamp, nonce, wx3rdAuthorizedDto.getEncrypt());
    Wx3rdMsgDto wx3rdMsgDto = formXML(Wx3rdMsgDto.class, encryptXml);
    if ("component_verify_ticket".equals(wx3rdMsgDto.getInfoType())) {
        wxAccountService.updateAccountTicket(WxAccountName.WX_3RD, wx3rdMsgDto.getComponentVerifyTicket());
    }
    LOGGER.info("applets authorized success ");
    return "success";
}


/**
 * 签名认证
 *
 * @param needSignArray 需要签名的数组
 * @return 签名结果
 */
private String signString(String... needSignArray) {
    List<String> needSignList = CollectionUtilPlus.asList(needSignArray);
    try {
        Collections.sort(needSignList);
    } catch (Exception e) {
        LOGGER.error("signString error: in[{}] out[{}]", needSignArray, needSignList);
        throw e;
    }

    String needSign = CollectionUtilPlus.join(needSignList, StringUtilPlus.EMPTY);
    return DigestUtils.sha1Hex(needSign);
}


/**
 * xml转化对象
 *
 * @param clazz 类
 * @param xml   xml文件
 * @param <T>   泛型
 * @return 对象
 */
private static <T> T formXML(Class<T> clazz, String xml) {
    JAXBContext jaxbContext = null;
    T object = null;
    if (xml != null && !"".equals(xml)) {
        try {
            jaxbContext = JAXBContext.newInstance(clazz);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(xml.getBytes("UTF-8"));
            Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
            JAXBElement<T> jaxbElement = unmarshaller.unmarshal(new StreamSource(byteArrayInputStream), clazz);
            object = (T) jaxbElement.getValue();
        } catch (Exception e) {
            LOGGER.error("error when unmarshalling from a xml string");
        }
    }
    return object;
}

其中用到的WXBizMsgCrypt 自行去微信下载即可。wxAccountService相关的都是业务操作，自行填写相关业务即可。

通过此方法，至此我们就能获取到了ticket