+ * 检验登录态是否有效,用于虚拟支付等场景构建用户签名前的登录态验证。 + * 登录态有效时返回 {@code true};登录态已失效时,微信服务端将返回错误码(如 87009), + * 并以 {@link me.chanjar.weixin.common.error.WxErrorException} 的形式抛出。 + *
+ * 文档地址:检查登录态 + * + * @param openid 用户唯一标识符 + * @param sessionKey 用户的 session_key,通过 {@link #getSessionInfo(String)} 获取 + * @return 登录态有效时返回 {@code true} + * @throws WxErrorException 登录态已失效或调用微信接口失败时抛出(失效时 errcode 为 87009) + */ + boolean checkSessionKey(String openid, String sessionKey) throws WxErrorException; } diff --git a/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImpl.java b/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImpl.java index 5c850ee8a..c9c7a7b77 100644 --- a/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImpl.java +++ b/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImpl.java @@ -19,6 +19,7 @@ import java.util.Map; +import static cn.binarywang.wx.miniapp.constant.WxMaApiUrlConstants.User.CHECK_SESSION_KEY_URL; import static cn.binarywang.wx.miniapp.constant.WxMaApiUrlConstants.User.CODE_2_VERIFY_INFO_URL; import static cn.binarywang.wx.miniapp.constant.WxMaApiUrlConstants.User.GET_PHONE_NUMBER_URL; import static cn.binarywang.wx.miniapp.constant.WxMaApiUrlConstants.User.SET_USER_STORAGE; @@ -97,4 +98,12 @@ public WxMaCode2VerifyInfoResult getCode2VerifyInfo(String code, String checkcod return WxMaCode2VerifyInfoResult.fromJson(responseContent); } + @Override + public boolean checkSessionKey(String openid, String sessionKey) throws WxErrorException { + String signature = SignUtils.createHmacSha256Sign(openid, sessionKey); + String url = String.format(CHECK_SESSION_KEY_URL, openid, signature); + this.service.get(url, null); + return true; + } + } diff --git a/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/constant/WxMaApiUrlConstants.java b/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/constant/WxMaApiUrlConstants.java index 40633ea6d..86fa58ac6 100644 --- a/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/constant/WxMaApiUrlConstants.java +++ b/weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/constant/WxMaApiUrlConstants.java @@ -366,6 +366,9 @@ public interface User { String GET_PHONE_NUMBER_URL = "https://api.weixin.qq.com/wxa/business/getuserphonenumber"; /** 多端登录验证接口 */ String CODE_2_VERIFY_INFO_URL = "https://api.weixin.qq.com/wxa/sec/checkcode2verifyinfo"; + /** 检查登录态接口 */ + String CHECK_SESSION_KEY_URL = + "https://api.weixin.qq.com/wxa/checksessionkey?openid=%s&signature=%s&sig_method=hmac_sha256"; } public interface Ocr { diff --git a/weixin-java-miniapp/src/test/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImplTest.java b/weixin-java-miniapp/src/test/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImplTest.java index 7c6d61082..5b56791e3 100644 --- a/weixin-java-miniapp/src/test/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImplTest.java +++ b/weixin-java-miniapp/src/test/java/cn/binarywang/wx/miniapp/api/impl/WxMaUserServiceImplTest.java @@ -81,4 +81,10 @@ public void testSetUserStorage() throws WxErrorException { public void testGetAccessToken() throws Exception{ assertNotNull(wxService.getAccessToken(true)); } + + @Test(expectedExceptions = WxErrorException.class) + public void testCheckSessionKey() throws WxErrorException { + // 使用无效的 openid 和 sessionKey,预期微信服务端返回错误(如 errcode=87009)并抛出 WxErrorException + this.wxService.getUserService().checkSessionKey("invalid_openid", "invalid_session_key"); + } }