WeChat platform

First, WeChat has three platforms: WeChat public platform, providing services such as public, small programs, primarily to editors), WeChat open platform (web, mobile, and small program management platform and WeChat development of the third party documents, mainly for developers), WeChat merchant platform (in become WeChat merchants, answer the letter detail payment services). In addition, there is a wechat service platform for service providers.

The official documentation has the following description:

Wechat Open Platform — Third-party platform (hereinafter referred to as third-party platform), the official platform provided by wechat team for all third-party developers who have passed the developer qualification certification. That is to say, the first step is to have a developer qualification certification, certification application is best as a company, need to pay 300 yuan fee

After or small program administrator to get the public authorises, based on the platform, the third party service providers can interface by calling the official ability, for merchants to provide the public number operation, small procedure such as registration, generation and development services, and to provide the public and small program related industry solutions, activities such as marketing, plug-in ability of all-round service. That is to say, the second step needs to have an account in the wechat public platform, and opened a small program or public number and other services, the so-called to cook rice first tao rice, in the opening service must be ready to be opened before the service.

Here are some basic concepts:

  • A few ID

An AppID is the id number of a service application. Each AppID of a service application (small program, public account, mobile terminal, WEB terminal) is unique. Similarly, OpenID is the id number of the user in each service application. In other words, the OpenID of a wechat user in different service applications is also unique. Therefore, OpenID is not a global variable, which means that the user does not register with wechat and become a legitimate user of wechat Company. An ID is generated for all wechat service applications at the same time. Only after users authorize their identity information in each service application, an OpenID linked to the service platform will be generated. In order to facilitate the unified management of many service applications under a company, the same user has a unionID between all service applications bound under an open platform, that is, the identity number of all products under the open platform of wechat users. For example, the OpenID of applets A of user A on this platform is X, the OpenID of applets B on this platform is Y, and the unionID of this user is Z.

  • Open platform accounts of merchants and service providers

Understand a concept here: “Direct connection model” and “service provider model”

Direct connection mode:Merchants develop their own systems to connect with wechat Pay for transactions, and the money is directly settled into the settlement account of merchants, which is called“Directly Connected Merchant”

Service provider mode: Some merchants do not have the ability to develop, so they choose the “service providers” that have already moved into wechat Pay to support their business. Such merchants are “inter-connected merchants”.

Therefore, to enter into a service provider, can not have the ability to develop business technology research and development

  • Binding and Authorization

“Binding” means that the merchant binds its public account or small program account to the merchant’s open platform, and “authorization” means that the merchant authorizes its public account or small program scan code to the third-party platform account of the service provider. Here, I understand that the merchant will “bind” the application on its own public platform to its own open platform, and the service application can unify the user account with the mobile application, website application, public account and other small programs under the account through the unionID mechanism.

“Licensing” refers to the fact that a business does not have the ability to develop, so it authorizes a third-party service provider to do the development.

  • A few Token

If your company is developed by itself, it will use access_token. If you rely on outsourcing platform development, you need COMPONent_Access_Token and AUTHORizer_Access_Token to get the permissions of merchants and open third-party interfaces on behalf of merchants

WeChat landing

Wechat OAuth2.0 Authorized Login Allows wechat users to securely log in to third-party applications or websites with wechat identity. After a wechat user authorizes to log in to a third-party application that has access to wechat OAuth2.0, the third party can obtain the user’s interface call certificate (Access_token). Access_token can be used to invoke the authorization relationship interface of wechat open platform, so as to obtain basic open information of wechat users and help users to realize basic open functions. Wechat OAuth2.0 authorization login currently supports authorization_code mode, which is suitable for application authorization with server side.

The authorization_code mode refers to that the user application first applies for an authorization code and then uses this code to obtain the token

Development:OAuth2.0To obtainaccess_tokenThere are four ways:

  • Implicit Grant

The user is redirected to the authentication server. The user enters the account password and returns to the application page to access the resource server using the returned Token. This mode applies to applications that can only pass third-party authentication without background management

  • Authorization Code Grant

The most mainstream validation method on the market. After accessing the application, the user will be redirected to the authentication server for authorization. The user returns the code with the client_id to the application server, and the application server retrieves the code. Client_id Client_secret Exchanged for access_token and refresh_token to access the resource server. The application server cannot obtain the user’s account password and has restricted access to third-party resources, ensuring high security

  • Resource Owner Password Credentials Grant

A user accesses the application page and enters the account password required by the third-party platform. The application server then requests the authentication server with the information. After the authentication succeeds, the application server returns a Token to access static resources using the Token. This limitation is extremely high, for example, the application platform and the third party platform are brothers, such as wechat and QQ

  • The Client Credentials Grant mode

Users can access the static resource server without hindrance by obtaining the Token through the authentication mode defined on the application end. This approach has very low security and is generally provided to fully trusted server-side services without user involvement

WeChat pay

In order to ensure the security of payment, it is necessary to go through complicated procedures, including data review and agreement signing

API v3

To sum up, the RESTFUL interface style adopts THE JSON front-end and back-end data interaction, uses the asymmetric SHA256-RSA digital signature algorithm, and uses AES-256-GCM to encrypt and protect key callback information, which improves security. In addition, you only need to carry the certificate serial number, simplifying operations

Some common oneskey

  • Direct connection mode:

  • Service provider mode:

More accessorial keys for service developers to call permissions, outsourcing development

Pay for the product

  • Payment code payment: in offline scenarios, merchants use devices to scan users’ QR codes for payment
  • Native payment: often referred to as scan code payment, often used in PC websites, mobile phone scan code payment
  • JSAPI webpage payment: namely, the daily public account payment, you can click the page link in wechat public account, moments of friends, chat session, or use wechat “Scan scan” to scan the page address TWO-DIMENSIONAL code to open the HTML5 page of the merchant in wechat, and place an order to complete the payment in the page
  • APP payment: APP payment refers to the existing APP of the merchant. By connecting with the wechat Payment API and SDK, the transaction can be transferred from the merchant APP to the wechat APP, and the user can jump back to the merchant APP after completing the payment
  • Mini program payment: Mini program payment refers to a scenario in which users complete transactions within the mini program through the connection of wechat Payment API within the existing mini program of merchants

Ali Cloud Platform

First of all, attach the official flow chart of SMS service:

The first step is to have an identity in Ali Cloud: registered account, real name authentication…

Real-name authentication is best in the form of enterprise authentication, otherwise it will be greatly discriminated against in SMS services, as shown in the picture:

Know some nouns:

  • SMS signature: An SMS signature is created based on a user’s identity. You are advised to set the SMS signature to the full name or short name of the organization where the account body belongs. For example, the mic Quiz
  • SMS template: An SMS template consists of variables and template content. You can customize SMS content using variables.
    • SMS notification (0.045 yuan/piece) For example: Dear Myqu.com users, you have successfully opened the membership service!
    • Verification code (0.045 yuan/piece) For example, your verification code is 123456. The verification code is valid within 5 minutes. Do not disclose the verification code to others
    • Promotion SMS (0.055 yuan/piece) such as: Mai Qu evaluation benefits come! .

Control method:

  • Console usage: The SMS service console supports creating SMS content, sending SMS messages, collecting and displaying service data, such as sending volume, sending record, cost, and log analysis, and setting the receiving mode of message receipt and contacts
  • API/SDKUse: [API Overview document](An overview of the API (aliyun.com)) Use AliyunOpenAPIDeveloper portal or Ali CloudSDKComplete common operations, such as adding an SMS signature, adding an SMS template, sending an SMS service, and querying details about sending an SMS message, and send the specified SMS message to a domestic or foreign mobile phone number

Note: After we pass the application signature and template review, we can test on the console or through the API/SDK provided by Ali Cloud to obtain the return status code, etc. The advantage of the console is that you can better view the full range of data visualized, such as logs, sent volumes, sent records, etc., while the API/SDK makes it easier for backend personnel to use it for personalized development