DingTalk Scan-Code Login

Keywords: SDK REST JSON

Functional Description

Log in by scanning a QR code with DingTalk and retrieve the logged-in user's information. This removes the need to develop your own login system, which is relatively convenient.

Background description

DingTalk now mainly promotes E applications, and the official examples are E applications. The back-end call flow of an E application, however, differs from that of the original scan-code login, so for scan-code login you need to consult the old API documentation. The address is: https://open-doc.dingtalk.com/dingdocold

For compatibility, the old API and URLs should no longer change. The code below is therefore written as a template: you can copy it directly and modify a few configuration values to run it.

Development process

Here we adapt the scenario slightly. (Download the SDK yourself.)
Create the authorization information for scan-code login
On the DingTalk developer platform, create an authorization under scan-code login. The main information is as follows:

| Field to Submit | Description |
| :- | :- |
| Name | Name of the authorized micro-application |
| Description | Mainly describes the scenario in which scan-code login is used |
| Authorization Page LOGO Address | Shown in the middle of the authorization page; starts with http or https |
| Callback Domain Name | Callback URL; starts with http or https |

Note the callback domain name: it is the page the user is redirected to after scanning, and it is used later. Once the authorization is created, we can see its appId and appSecret.
Create QR Code
Here we mainly use the redirect approach, which is the more convenient one: a single URL does the job.

https://oapi.dingtalk.com/connect/qrconnect?appid=APPID&response_type=code&scope=snsapi_login&state=STATE&redirect_uri=REDIRECT_URI

In the URL above, several parameters need to be modified. appid is the one obtained in the first step. redirect_uri is the redirect page you entered in the first step. (The redirect page is really a request that fetches the specific user information: the scan only validates the user, while recording who logged in, fetching the details and forwarding to the next page are all done there.) The state parameter is essentially used here to defeat caching, since this is a GET request that would otherwise be sent with all the other parameters unchanged.
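DingTalk returns state to redirect_uri together with code, so beyond cache busting it can tie the callback to the browser session that started the login. The following is an added example, not code from the original post: it issues a random state, checks it once in the callback, and URL-encodes redirect_uri. The class name, the session attribute name and the use of a Map in place of HttpSession attributes are assumptions.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

// Added example: binds the qrconnect "state" value to the user's session.
// The Map stands in for HttpSession attributes (assumption); names are hypothetical.
public class ScanLoginState {
    private static final String SESSION_KEY = "ding_login_state"; // hypothetical attribute name
    private static final SecureRandom RANDOM = new SecureRandom();

    // Called from /login: create an unguessable state and remember it in the session.
    static String issue(Map<String, Object> session) {
        byte[] raw = new byte[32];
        RANDOM.nextBytes(raw);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.put(SESSION_KEY, state);
        return state;
    }

    // Called from the callback before the code is exchanged: single use, constant-time compare.
    static boolean verify(Map<String, Object> session, String returnedState) {
        Object expected = session.remove(SESSION_KEY);
        if (!(expected instanceof String) || returnedState == null) {
            return false;
        }
        return MessageDigest.isEqual(
                ((String) expected).getBytes(StandardCharsets.UTF_8),
                returnedState.getBytes(StandardCharsets.UTF_8));
    }

    // Builds the redirect URL from the template above, URL-encoding redirect_uri.
    static String qrConnectUrl(String appId, String state, String redirectUri) throws Exception {
        return "https://oapi.dingtalk.com/connect/qrconnect?appid=" + appId
                + "&response_type=code&scope=snsapi_login&state=" + state
                + "&redirect_uri=" + URLEncoder.encode(redirectUri, "UTF-8");
    }

    public static void main(String[] args) throws Exception {
        Map<String, Object> session = new HashMap<>();   // constructed session for the demo
        String state = issue(session);
        System.out.println(qrConnectUrl("APPID", state, "http://127.0.0.1:8080/loginInfo"));
        System.out.println(verify(session, state));      // callback carrying the issued value
        System.out.println(verify(session, state));      // replay of the same value
    }
}
```

In the controller, issue() would run in /login and verify() at the top of /loginInfo, before the code is exchanged.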
Remaining steps

The remaining steps are fairly mechanical; see the official documentation if you are interested. This code does not need to be modified; I've abstracted it into methods.

Emphasis

The information we need to obtain: appId, appSecret and the callback URL.

Code

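import java.io.IOException;
import java.net.URLEncoder;

import javax.servlet.http.HttpServletResponse;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

// JSON / JSONObject are assumed to be Alibaba fastjson (matches the calls used below)
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.dingtalk.api.DefaultDingTalkClient;
import com.dingtalk.api.DingTalkClient;
import com.dingtalk.api.request.OapiSnsGetPersistentCodeRequest;
import com.dingtalk.api.request.OapiSnsGetSnsTokenRequest;
import com.dingtalk.api.request.OapiSnsGettokenRequest;
import com.dingtalk.api.request.OapiSnsGetuserinfoRequest;
import com.dingtalk.api.response.OapiSnsGetPersistentCodeResponse;
import com.dingtalk.api.response.OapiSnsGetSnsTokenResponse;
import com.dingtalk.api.response.OapiSnsGettokenResponse;
import com.dingtalk.api.response.OapiSnsGetuserinfoResponse;
import com.taobao.api.ApiException;
// JSONResult is the project's own response wrapper; import it from your own package.

@RestController
@RequestMapping("")
public class DingLoginController {

    // Callback URL registered on the developer platform (must match the /loginInfo mapping)
    private static final String URL = "http://127.0.0.1:8080/loginInfo";
    private static final String DINGDING_URL = "https://oapi.dingtalk.com";
    private static final String METHOD_GET = "GET";
    private static final String APP_ID = "";
    private static final String APP_SECRET = "";

    // Redirects the browser to the DingTalk QR-code page
    @RequestMapping("/login")
    public void login(HttpServletResponse response) throws IOException {

        StringBuilder stringBuilder = new StringBuilder();
        stringBuilder.append(DINGDING_URL).append("/connect/qrconnect?appid=").append(APP_ID)
                .append("&response_type=code&scope=snsapi_login&state=")
                .append(System.currentTimeMillis())
                // redirect_uri is itself a URL, so encode it as a query value
                .append("&redirect_uri=").append(URLEncoder.encode(URL, "UTF-8"));
        response.sendRedirect(stringBuilder.toString());
    }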

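    // Callback: DingTalk redirects here with the temporary authorization code
    @RequestMapping("/loginInfo")
    public JSONResult login(String code) throws ApiException {
        // 1. Application access token from appId / appSecret
        String accessToken = getAccessToken(APP_ID, APP_SECRET);
        if (accessToken == null) {
            // getAccessToken returns null when errcode is not 0
            throw new IllegalStateException("gettoken failed, check APP_ID and APP_SECRET");
        }
        // 2. Exchange the temporary code for openid, persistent_code and unionid
        String persistentCode = getPersistentCode(accessToken, code);
        JSONObject infos = JSONObject.parseObject(persistentCode);
        String openid = infos.getString("openid");
        String persistent_code = infos.getString("persistent_code");
        String unionid = infos.getString("unionid");
        // 3. Get the user's sns_token, then 4. fetch the user information with it
        String snsToken = getSnsToken(accessToken, openid, persistent_code);
        String userInfo = getUserInfo(snsToken);
        return JSONResult.ok(userInfo);
    }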


    // Calls /sns/gettoken; returns the access token, or null if errcode is not 0
    public String getAccessToken(String appId, String appSecret) throws ApiException {
        DingTalkClient client = new DefaultDingTalkClient(DINGDING_URL + "/sns/gettoken");
        OapiSnsGettokenRequest request = new OapiSnsGettokenRequest();
        request.setAppid(appId);
        request.setAppsecret(appSecret);
        request.setHttpMethod(METHOD_GET);
        OapiSnsGettokenResponse response = client.execute(request);
        String body = response.getBody();
        JSONObject jo = JSON.parseObject(body);
        String errcode = jo.getString("errcode");
        String access_token = null;
        if ("0".equals(errcode)) {
            access_token = jo.getString("access_token");
        }
        return access_token;
    }


    // Calls /sns/get_persistent_code; returns the raw JSON body (openid, persistent_code, unionid)
    public String getPersistentCode(String accessToken, String code) throws ApiException {
        DingTalkClient client = new DefaultDingTalkClient(DINGDING_URL + "/sns/get_persistent_code");
        OapiSnsGetPersistentCodeRequest request = new OapiSnsGetPersistentCodeRequest();
        request.setTmpAuthCode(code);
        OapiSnsGetPersistentCodeResponse response = client.execute(request, accessToken);

        return response.getBody();
    }


    // Calls /sns/get_sns_token; returns the user's sns_token
    public String getSnsToken(String accessToken, String openId, String persistentCode) throws ApiException {
        DingTalkClient client = new DefaultDingTalkClient(DINGDING_URL + "/sns/get_sns_token");
        OapiSnsGetSnsTokenRequest request = new OapiSnsGetSnsTokenRequest();
        request.setPersistentCode(persistentCode);
        request.setOpenid(openId);
        OapiSnsGetSnsTokenResponse response = client.execute(request, accessToken);
        return response.getSnsToken();
    }


    // Calls /sns/getuserinfo; returns the raw JSON body with the user information
    public String getUserInfo(String snsToken) throws ApiException {
        DingTalkClient client = new DefaultDingTalkClient(DINGDING_URL + "/sns/getuserinfo");
        OapiSnsGetuserinfoRequest request = new OapiSnsGetuserinfoRequest();
        request.setSnsToken(snsToken);
        request.setHttpMethod(METHOD_GET);
        OapiSnsGetuserinfoResponse response = client.execute(request);
        return response.getBody();
    }


}

Copy the above code and then modify APP_ID and APP_SECRET. URL is "http://127.0.0.1:8080/loginInfo" because the request mapping in the code is loginInfo. If you want to change the URL, remember to change the request mapping in the code as well.

Then we can deploy it. When we visit /login, a QR code is shown. After you scan it with DingTalk to log in, you can see the returned information of the user who scanned the code.

Posted by jen56456 on Fri, 17 May 2019 04:50:41 -0700