-
获取access_token
访问微信公众平台,申请开发者账号,创建一个公众号,获取AppID和AppSecret。
通过https请求方式,向以下URL发送请求,即可获得access_token:
https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET
其中APPID和APPSECRET是创建公众号时获得的,该请求方式在WeChat官网有详细介绍,可以参考官网。
-
生成JS-SDK权限验证的签名
向以下URL发GET请求获取jsapi_ticket:
https://api.weixin.qq.com/cgi-bin/ticket/getticket?type=jsapi&access_token=ACCESS_TOKEN
该请求成功后会返回下面的JSON数据格式:
{ "errcode":0, "errmsg":"ok", "ticket":"kgt8ON7yVITDhtdwci0qeY6HX5zfjk0z7yT7TpzmQzteAeVytSjSZdWmLplNe6R0GDgozON06VYJSTqtYKcsdQ", "expires_in":7200 }
其中errcode为0时代表请求成功,ticket为返回的JS-SDK权限验证的签名。expires_in为失效时间,单位为秒,即7200秒(2小时)后ticket则会失效。
-
生成noncestr和timestamp
noncestr是16位的随机字符串,timestamp是当前的时间戳,以秒为单位。
-
生成签名signature
signature是通过对noncestr、timestamp、url、jsapi_ticket进行SHA-1签名算法得到的16进制字符串。url为当前页面的URL,不包含#及其后面部分。
-
JS代码实现
在PHP代码中,可以使用相关函数进行请求操作和生成signature的计算。以下是一个简单示例:
//获取access_token
function getAccessToken($appid, $appsecret){
$url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=".$appid."&secret=".$appsecret;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$output = curl_exec($ch);
curl_close($ch);
$jsoninfo = json_decode($output, true);
$access_token = $jsoninfo["access_token"];
return $access_token;
}
//生成jsapi_ticket
function getJsApiTicket($access_token){
$url = "https://api.weixin.qq.com/cgi-bin/ticket/getticket?type=jsapi&access_token=".$access_token;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$output = curl_exec($ch);
curl_close($ch);
$jsoninfo = json_decode($output, true);
$ticket = $jsoninfo["ticket"];
return $ticket;
}
//生成随机字符串
function createNonceStr($length = 16){
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$str = "";
for ($i = 0; $i < $length; $i++){
$str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
return $str;
}
//生成签名signature
function getSignature($jsapi_ticket, $noncestr, $timestamp, $url){
$string = "jsapi_ticket=".$jsapi_ticket."&noncestr=".$noncestr."×tamp=".$timestamp."&url=".$url;
$signature = sha1($string);
return $signature;
}
//调用示例
$appid = "你的AppID";
$appsecret = "你的AppSecret";
$url = "http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"];
$access_token = getAccessToken($appid, $appsecret);
$jsapi_ticket = getJsApiTicket($access_token);
$noncestr = createNonceStr();
$timestamp = time();
$signature = getSignature($jsapi_ticket, $noncestr, $timestamp, $url);
//输出结果
echo "noncestr:".$noncestr."
";
echo "timestamp:".$timestamp."
";
echo "signature:".$signature."
";