开放平台注册

开发第三方平台，首先需要到微信开放平台申请注册第三方平台账号

创建第三方平台

第三方平台信息配置

第三方授权流程

详细流程说明可参照官网授权流程技术说明；

授权流程代码

获取第三方平台接口调用凭据“component_verify_ticket”

出于安全考虑，在第三方平台创建审核通过后，微信服务器 每隔10分钟会向第三方的消息接收地址推送一次component_verify_ticket，用于获取第三方平台接口调用凭据。

package com.litte.controller.warrant;import com.litte.entity.reception.TWarrantInfo;import com.litte.service.warrantinfo.TWarrantInfoService;import com.litte.service.warrantmerchant.TWarrantMerchantService;import com.litte.util.DateUtil;import com.litte.util.WinxinUtil;import net.sf.json.JSONObject;import org.apache.commons.lang.StringUtils;import org.dom4j.Document;import org.dom4j.DocumentException;import org.dom4j.DocumentHelper;import org.dom4j.Element;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.PathVariable;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.ResponseBody;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.BufferedReader;import java.io.IOException;import java.io.PrintWriter;import java.util.Calendar;import java.util.Date;@Controller@RequestMapping("/warrant")public class WarrantController {    private static final Logger LOGGER = LoggerFactory.getLogger(WarrantController.class);    //公众号第三方平台的appid    private static final String APPID = "wx9681884b28ed7927";    //第三方平台申请时填写的接收消息的校验token    private static final String TOKEN = "xinxingshang";    //    private static final String TOKEN = "xinxingshangstar";    //第三方平台申请时填写的接收消息的加密symmetric_key    private static final String ENCODINGAESKEY = "xinxingshangstarkeykey11keyxinxingshangstar";    private static final String SECRET = "a4d75ccc5b9ca0cef697116bc8c2e156";    //获取"component_access_token"URL    private static final String COMPONENT_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/component/api_component_token";    // 获取"pre_auth_code"URL    private static final String PRE_AUTH_CODE = "https://api.weixin.qq.com/cgi-bin/component/api_create_preauthcode?component_access_token=componentAccessToken";    // 刷新令牌    private static final String AUTHORIZER_REFRESH_TOKEN = "https://api.weixin.qq.com/cgi-bin/component/api_authorizer_token?component_access_token=componentAccessToken";    @Autowired    TWarrantInfoService tWarrantInfoService;    @Autowired    TWarrantMerchantService TWarrantMerchantService;    /**     * 获取"component_verify_ticket"     *     * @Description:     * @Author: Mr.Jkx     * @Date: 2019/4/3 16:03     * 参考链接：https://blog.csdn.net/liaoyundababe/article/details/53537417     * https://blog.csdn.net/zhangdaiscott/article/details/48269837     */    @RequestMapping("/responseRequest")    @ResponseBody    public void responseRequest(HttpServletRequest request, HttpServletResponse response) throws AesException, IOException {        LOGGER.info("WeChat third-party platform --------- WeChat push Ticket message 10 minutes-----------");        output(response, "success"); // 输出响应的内容。        processAuthorizeEvent(request);    }    /**     * 处理授权事件的推送     *     * @param request     * @throws IOException     * @throws AesException     * @throws DocumentException     */    public void processAuthorizeEvent(HttpServletRequest request)            throws IOException, AesException {        String nonce = request.getParameter("nonce");        String timestamp = request.getParameter("timestamp");        String msgSignature = request.getParameter("msg_signature");        LOGGER.info("=====WeChat third-party platform======" + nonce + "  " + timestamp + "  " + msgSignature);        StringBuilder sb = new StringBuilder();        BufferedReader in = request.getReader();        String line;        while ((line = in.readLine()) != null) {            sb.append(line);        }        String xml = sb.toString();        LOGGER.info("Third-party platform is released on the whole network-----------------------original, Xml=" + xml);        WXBizMsgCrypt pc = new WXBizMsgCrypt(TOKEN, ENCODINGAESKEY, APPID);        LOGGER.info("Third-party platform is released on the whole network-----------------------decryption WXBizMsgCrypt new 成功");        String xml1 = pc.decryptMsg(msgSignature, timestamp, nonce, xml);        LOGGER.info("Third-party platform is released on the whole network-----------------------After decryption, Xml=" + xml1);        processAuthorizationEvent(xml1);    }    /**     * 保存componentVerifyTicket     *     * @param xml     */    void processAuthorizationEvent(String xml) {        Document doc;        try {            doc = DocumentHelper.parseText(xml);            Element rootElt = doc.getRootElement();            String componentVerifyTicket = rootElt.elementText("ComponentVerifyTicket");            LOGGER.info("Third-party platform is released on the whole network---------After decryption, ComponentVerifyTicket=" + componentVerifyTicket);            if (StringUtils.isNotBlank(componentVerifyTicket)) {                TWarrantInfo tWarrantInfo = new TWarrantInfo();                tWarrantInfo.setId("053882ef3bed46c795bbd7da470e79cf");                tWarrantInfo.setComponentVerifyTicket(componentVerifyTicket);                tWarrantInfo.setTicketCreateTime(DateUtil.formatDate(new Date(), "yyyy-MM-dd HH:mm:ss"));                int i = tWarrantInfoService.updateByPrimaryKeySelective(tWarrantInfo);                if (i > 0) {                    LOGGER.info("WeChat third-party platform------------component_verify_ticket data save success");                } else {                    LOGGER.info("WeChat third-party platform------------component_verify_ticket data save failure");                }            }        } catch (DocumentException e) {            e.printStackTrace();        }    }    /**    * @Description: 第三方平台全网发布,消息与事件接收URL    * @Author: Mr.Jkx    * @Date: 2019/5/8 18:10    */    @RequestMapping(value = "/$APPID$/xxsCallback")    public void acceptMessageAndEvent(HttpServletRequest request, @PathVariable("APPID") String appid,                                      HttpServletResponse response) throws IOException, DocumentException, AesException {        LOGGER.info("第三方平台全网发布---------{appid}/callback---------验证开始。。。。");        String msgSignature = request.getParameter("msg_signature");        LOGGER.info("第三方平台全网发布-------------{appid}/callback-----------验证开始。。。。msg_signature=" + msgSignature);        if (!StringUtils.isNotBlank(msgSignature)) {            return;// 微信推送给第三方开放平台的消息一定是加过密的，无消息加密无法解密消息        }        StringBuilder sb = new StringBuilder();        BufferedReader in = request.getReader();        String line;        while ((line = in.readLine()) != null) {            sb.append(line);        }        in.close();        String xml = sb.toString();        Document doc = DocumentHelper.parseText(xml);        Element rootElt = doc.getRootElement();        String toUserName = rootElt.elementText("ToUserName");        //微信全网测试账号//        if (StringUtils.equalsIgnoreCase(toUserName, APPID)) {        LOGGER.info("全网发布接入检测消息反馈开始---------------APPID=" + appid + "------------------------toUserName=" + toUserName);        checkWeixinAllNetworkCheck(request, response, xml);//        }    }    public void checkWeixinAllNetworkCheck(HttpServletRequest request, HttpServletResponse response,String xml) throws DocumentException, AesException, IOException {        String nonce = request.getParameter("nonce");        String timestamp = request.getParameter("timestamp");        String msgSignature = request.getParameter("msg_signa