This is the sixth day of my participation in Gwen Challenge

background

I have done work related to wechat public number before. This article will talk about the main points without involving any codes. Our client has a number of subsidiaries, and each subsidiary has its own wechat public account. The company hopes to use the company’s wechat official account to authorize the users of all subsidiaries. In this way, the head office gets the user information of all subsidiaries and collects payments from the head office’s payment merchants. There’s not a lot of text here, it’s all in the picture.


Basic knowledge of wechat authorization

Pre-development preparation

Wechat official account/developer account with webpage authorization

Because we have prepared the wechat public account here, there is no problem, but the public account needs to open the relevant interface.





The server and domain name required by the development environment are resolved to the server and IP address whitelists are configured

Basic Settings -> IP address whitelist



Public account setting -> Function Setting -> domain name binding [JS interface security domain name, web authorized domain name]

The domain name can be bound only after the verification file is uploaded to the server





Web page authorization

Web page authorization front and back end interaction process



Front-end code writing

window.location.href=`https://open.weixin.qq.com/connect/oauth2/authorize?appid=${appId}&redirect_uri=${window.location. origin}/api/wp/auth?params=${params}&response_type=code&scope=snsapi_userinfo&state=STATE&connect_redirect=1#wechat_redi rect`;Copy the code

Wechat public account menu jump link first jump to the front page, then jump to wechat check, callback back to the back end, in the redirect to the front end.



Ali Cloud environment considerations

When configuring the IP address whitelist, Aliyun may need to configure two IP addresses, one for the entry IP address and the other for the exit IP address. You can view the specific IP address information when the system reports an error.

Pay the configuration

Add merchant Account

Wechat public account -> wechat Pay -> Associated payment merchants





Payment required configuration parameters

Specific API documentation: pay.weixin.qq.com/wiki/doc/ap…

Merchants pay for authorized domain names





Front-end payment operation







A single wechat public account authorizes multiple wechat public accounts

scenario

The company may have multiple subsidiaries, and the parent company wants to authorize the user information of all branches through the public account of the parent company. The drainage here is not the public number concerned about drainage, but user information.



Normal wechat public account for authorization, as shown below:





What is it that decides to use that public number for authorization?

This is the appId in the code below.

window.location.href=`https://open.weixin.qq.com/connect/oauth2/authorize?appid=${appId}&redirect_uri=The ${window.location.origin}/api/wp/auth? params=${params}&response_type=code&scope=snsapi_userinfo&state=STATE&connect_redirect=1#wechat_redirect`;
Copy the code


How to authorize single wechat signal in multiple wechat public accounts


The key point is the appId here, which is not modified with different wechat accounts, but all wechat public accounts use a single wechat public account appId and secreat.






How to configure the development, test, and production environments

Multiple environments means that different wechat public accounts will be used for verification in different environments.

The development environment



Test environment/production environment


What changes do we need to make based on the development environment when we need to deploy our test and production environments? As shown in the following figure, the relevant data and configuration need to be modified.







Database Field Description

{
    "cityId":"872"."cityName":"* * * *"."wx_token":"token"."wx_app_id":"xxxxxxxx"."wx_secret":"yyyyyyyy"."sub_app_id":"xxxxxxxx"."sub_secret":"yyyyyyyy"."deletedStatus":"0"
}
Copy the code

AppId and secret are sub_app_id and sub_secret. Since the two fields are used for authorization, namely development/test/production, they are the same. Because it is a single wechat public number authorized multiple wechat signals.




Scan message push scenario

The flow chart

Scan code scene has become very common in today’s life.







Relevant documents of TWO-DIMENSIONAL code

Developers.weixin.qq.com/doc/offiacc…



The wechat public account server needs to be enabled for wechat push messages. You need to configure it.



Background interface writing

Assume that the top interface is /testCallBack/${storeId}. There will be two interfaces with the same name, one is GET/POST.

  • The GET request will be verified when we configure wechat server and enable it. If there is no such interface, the verification will fail.
  • A POST request is a concrete business response message.
 	/** * Test wechat callback */
    @GetMapping(value = "/testCallBack/{storeId}")
    public void testWxCallBack(@RequestParam(name = "signature", required = false) String signature,
                               @RequestParam(name = "timestamp", required = false) String timestamp,
                               @RequestParam(name = "nonce", required = false) String nonce,
                               @RequestParam(name = "echostr", required = false) String echostr,
                               @PathVariable(value = "storeId") String storeId,
                               HttpServletResponse response) {**** **** ****}/** * wechat callback message processing **@param request
     * @param response
     * @throws IOException
     * @throws DocumentException
     */
    @PostMapping(value = "/testCallBack/{storeId}", produces = {"application/xml; charset=UTF-8"})
    @ResponseBody
    public void testWxCallBack(a) {**** **** ****}Copy the code


And single wechat authorization integration

The contradiction here is: suppose we have twenty subsidiaries, each of which has its own wechat public account. The subsidiary can conduct drainage through two-dimensional code scanning, and the drainage is the wechat public account of the subsidiary that users need to follow. However, the page after following the subsidiary is authorized by the wechat public number of the parent company.

  • Single wechat authorization
  • Multiple wechat signals push messages






Database Field Description

{
    "cityId":"872"."cityName":"* * *"."wx_token":"token"."wx_app_id":"xxxxxxxx"."wx_secret":"yyyyyyyy"."sub_app_id":"xxxxxxxx"."sub_secret":"yyyyyyyy"."deletedStatus":"0"
}
Copy the code
  • “Wx_token “: qr code push, refers to the above multiple wechat signal push subsidiary wechat public account token
  • “Wx_app_id “: the qr code push is used, which refers to the appId of the wechat public account of the subsidiary pushed by the above wechat signals
  • “Wx_secret “: the use of QR code push refers to the secret of the wechat public number pushed by the subsidiaries by the above multiple wechat signals
  • “Sub_app_id “: for authorized use, it refers to the appId of the wechat official account of the authorized parent company
  • “Sub_secret “: for authorized use, it refers to the secret of the wechat official account of the parent company authorized by wechat



Database field summary:

  • The sub field varies in different environments. In an environment, the configurations of all subsidiaries are the same.
  • The WX field is the same in different environments. In the same environment, the configurations of all subsidiaries are different.