WeChat JS-SDK API - Generating the Signature

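To use the JS-SDK interfaces for WeChat image upload and download, you must first pass permission verification through the wx.config interface. This requires values for the parameters appId, timestamp, nonceStr, signature and jsApiList.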

wx.config({
    debug: false,
    appId: 'wxe49d******43c1cd',
    timestamp: timestamp,
    nonceStr: nonceStr,
    signature: signature,
    jsApiList: ["chooseImage","previewImage","uploadImage","downloadImage"]
});
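1. Obtain the access_token

access_token is the official account's globally unique credential; the official account must use it when calling any interface. It is obtained by calling this interface with the AppID and SECRET, both of which are available on the developer center page of the WeChat Official Accounts Platform.
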
import grails.converters.JSON   // JSON.parse below (assumes the code runs in a Grails controller)

def getAccessToken()
{
    def APPID = ""    // the official account's AppID
    def SECRET = ""   // the official account's SECRET; keep it on the server only

    // appid and secret are passed as query parameters of a GET request
    URL url = new URL("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential" +
            "&appid=" + URLEncoder.encode(APPID, 'UTF-8') +
            "&secret=" + URLEncoder.encode(SECRET, 'UTF-8'))

    HttpURLConnection connection = (HttpURLConnection) url.openConnection()
    connection.setRequestMethod("GET")
    def response = connection.inputStream.withReader { Reader reader -> reader.text }
    def accessToken = JSON.parse(response).getAt("access_token")
    return accessToken
}
Note: access_token is valid for 7200 seconds, so you must cache the access_token value globally in your own service.

2. Obtain the jsapi_ticket

jsapi_ticket is the temporary ticket the official account uses to call the WeChat JS interfaces. It is obtained with the access_token.

def getTicket(String accessToken)
{
    // access_token is passed as a query parameter of a GET request
    URL url = new URL("https://api.weixin.qq.com/cgi-bin/ticket/getticket" +
            "?access_token=" + URLEncoder.encode(accessToken, 'UTF-8') + "&type=jsapi")

    HttpURLConnection connection = (HttpURLConnection) url.openConnection()
    connection.setRequestMethod("GET")
    def response = connection.inputStream.withReader { Reader reader -> reader.text }
    def ticket = JSON.parse(response).getAt("ticket")
    return ticket
}

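Note: jsapi_ticket is valid for 7200 seconds. Because the number of API calls allowed for obtaining a jsapi_ticket is very limited, refreshing it frequently will get your API calls restricted, so you must cache the jsapi_ticket value globally in your own service.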

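3. Generate the signature

Signature rule: the fields that take part in the signature are noncestr (a random string), a valid jsapi_ticket, timestamp, and url (the URL of the current page, excluding # and everything after it). Sort all parameters to be signed by field name in ascending ASCII order, then join them in URL key-value format (key1=value1&key2=value2…) into the string string1. Note that all parameter names are lowercase. Compute the SHA-1 hash of string1; field names and field values are used in their original form, without URL escaping.
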
import java.security.MessageDigest

def wxGetConfigParams()
{
    def access_token = getAccessToken()
    def jsapi_ticket = getTicket(access_token)
    def nonceStr = UUID.randomUUID().toString()
    // Current time in whole seconds
    def timestamp = System.currentTimeMillis().intdiv(1000).toString()
    // Full URL of the page that calls the JS interface, including the query string
    def url = request.getRequestURL().toString()
    if (request.getQueryString()) {
        url += "?" + request.getQueryString()
    }
    def signature = getSignature(jsapi_ticket, nonceStr, timestamp, url)

    // TODO
    // Cache access_token and jsapi_ticket in global variables
    // Return signature, nonceStr and timestamp to the page
}

def getSignature(String jsapi_ticket, String nonce_str, String timestamp, String url)
{
    // Field names are already in ascending ASCII order; values are not URL-escaped
    def string1 = "jsapi_ticket=" + jsapi_ticket + "&noncestr=" + nonce_str + "&timestamp=" + timestamp + "&url=" + url
    MessageDigest crypt = MessageDigest.getInstance("SHA-1")
    crypt.reset()
    crypt.update(string1.getBytes("UTF-8"))
    byteToHex(crypt.digest())
}

// Convert the digest bytes to a lowercase hex string
def byteToHex(final byte[] hash)
{
    Formatter formatter = new Formatter()
    for (byte b : hash)
    {
        formatter.format("%02x", b)
    }
    formatter.toString()
}
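Notes:
(1) The noncestr and timestamp used for signing must be identical to the nonceStr and timestamp passed to wx.config.
(2) The url used for signing must be the complete URL of the page that calls the JS interface.
(3) For security reasons, the developer must implement the signing logic on the server.

WeChat JS interface signature verification tool: http://mp.weixin.qq.com/debug/cgi-bin/sandbox?t=jsapisign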
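
The caching notes in sections 1 and 2 and the signing rule in section 3, combined in an added Node.js example that is not part of the original post. makeTicketCache, buildString1, signPage and the sample values are names assumed here; fetching the ticket from WeChat is left to the caller.

```javascript
const crypto = require('crypto');

// Holds one 7200-second credential (access_token or jsapi_ticket) for the whole process.
// clock is injectable so expiry can be tested; safetySec makes the entry expire a little early.
function makeTicketCache(clock = Date.now, safetySec = 60) {
  let value = null;
  let expiresAt = 0;
  return {
    get: () => (value !== null && clock() < expiresAt ? value : null),
    put: (v, expiresInSec) => {
      value = v;
      expiresAt = clock() + (expiresInSec - safetySec) * 1000;
    },
  };
}

// string1: field names sorted in ascending ASCII order, raw values, joined as key=value pairs.
function buildString1(fields) {
  return Object.keys(fields).sort().map((k) => `${k}=${fields[k]}`).join('&');
}

// Sign one page URL. nonce and nowMs are parameters only so the result is reproducible.
function signPage(ticket, pageUrl, nonce = crypto.randomBytes(16).toString('hex'), nowMs = Date.now()) {
  const url = pageUrl.split('#')[0]; // the part from '#' onward is never signed
  const timestamp = String(Math.floor(nowMs / 1000));
  const string1 = buildString1({ url, timestamp, noncestr: nonce, jsapi_ticket: ticket });
  const signature = crypto.createHash('sha1').update(string1, 'utf8').digest('hex');
  // Only these three values go to the page; the ticket stays on the server.
  return { timestamp, nonceStr: nonce, signature };
}

// Constructed sample values, not real credentials.
const cache = makeTicketCache();
if (cache.get() === null) cache.put('SAMPLE_TICKET', 7200); // a real server fetches the ticket here
console.log(signPage(cache.get(), 'https://example.com/upload?id=1#top'));
```

The object returned by signPage supplies the timestamp, nonceStr and signature fields of wx.config, which keeps note (1) satisfied because the same values are used for signing and for the page.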


Reposted from hellolove.iteye.com/blog/2327557