problem overview
Regarding this problem, the blogger encountered it when he obtained the CODE of the WeChat official account for the next step of verification and obtained the openid and access_token during the development of the WeChat official account.
Callback address:
After the development is completed, make a WeChat callback and request the Oauth2 authorization redirection domain name of the WeChat official account to report an error: " redirect_uri parameter error "
As shown below:
Solution
1. This is a bit misleading. It took half a day to deal with parameter errors. After checking the official documents carefully, I found out that the domain name used needs to be authorized in the background of the official account to use it.
2. The official document is a misleading operation that needs to be transcoded. In fact, it does not need to be transcoded. The redirect_uri is directly authorized in the background of the WeChat official account, and then it can be used!
3. WeChat authorizes the domain name accessed by callback
first step:
Log in to "WeChat Official Account Platform" > Settings and Development > Official Account Settings > Function Settings > Web Page Authorization Domain Name > Settings, domain name, as shown in the figure below:
Note: When setting the domain name, a file similar to a certificate for the WeChat topic will be downloaded.
Step two:
The callback page needs to be under this domain name to ensure safety and reliability. Upload the certificate file obtained in the previous step to the directory of the web server (or virtual host) where the domain name or path points to (if you fill in the domain name, place the file at the root of the domain name Just under the directory!
third step:
Execute the WeChat callback request again and find that it works! ! !
Knowledge Supplement:
1. Instructions on webpage authorization callback domain name:
1. Before the WeChat official account requests user webpage authorization, the developer needs to go to "Development - Interface Permission - Webpage Service - Webpage Account - Webpage Authorization to obtain basic user information on the official website of the official platform. In the configuration option of ", modify the authorization callback domain name. Please note that the domain name (a character string) is filled in here, not the URL, so please do not add protocol headers such as http://.
2. The configuration specification of the authorization callback domain name is a full domain name. For example, the domain name that requires webpage authorization is: www.qq.com. After configuration, the pages under this domain name will be http://www.qq.com/music.html, http:// www.qq.com/login.html can perform OAuth2.0 authentication. But http://pay.qq.com, http://music.qq.com, http://qq.com cannot perform OAuth2.0 authentication.
3. If the official account login is authorized to a third-party developer for management, there is no need to make any settings, and the third party can replace the official account to realize the web page authorization.
2. The difference between the two scopes of webpage authorization:
1. The webpage authorization initiated by snsapi_base as the scope is used to obtain the openid of the user entering the page, and it is silently authorized and automatically jumps to the callback page. What the user perceives is to directly enter the callback page (often a business page).
2. The web page authorization initiated with snsapi_userinfo as the scope is used to obtain the basic information of the user. However, this kind of authorization requires the user's manual consent, and since the user has agreed, the basic information of the user can be obtained after authorization without paying attention.
3. The "obtain user basic information interface" in the user management interface is to obtain the user's basic information according to the user's OpenID after the user and the official account have message interaction or follow-up event push. This interface, including other WeChat interfaces, requires the user (that is, openid) to follow the official account before calling it successfully.
3. About the difference between web page authorization access_token and ordinary access_token
1. WeChat web page authorization is realized through the OAuth2.0 mechanism. After the user authorizes the official account, the official account can obtain a unique interface call certificate for web page authorization (web page authorization access_token ), through the web page to authorize access_token, you can call the post-authorization interface, such as obtaining basic user information.
2. For other WeChat interfaces, you need to call the ordinary access_token obtained through the "obtain access_token" interface in the basic support.
Well, about the solution to the error of the redirect_uri parameter in the development of the WeChat public account, the solution to the error of the domain name parameter in the Oauth2 authorized redirection is written here. If you have any questions or encounter any problems, please scan the QR code to ask questions, and you can also leave me a message Oh, I will answer them in detail one by one.
Xiehouyu: "Learning together, making progress together", I also hope that everyone will pay more attention to the IT community of CSND.
| author: | Andy |
| Contact the author: | [email protected] |
| Source: | CSDN (Chinese Software Developer Network) |
| Original text: | https://blog.csdn.net/Hello_World_QWP/article/details/126400134 |
| Copyright Notice: | This article is the blogger's original article, please be sure to indicate the source of the blog post when reprinting! |