微信公众号分享功能开发

---

必需参数

appId: '', // 必填，公众号的唯一标识
timestamp: , // 必填，生成签名的时间戳
nonceStr: '', // 必填，生成签名的随机串
signature: '',// 必填，签名
jsApiList: [] // 必填，需要使用的JS接口列表

1.通过appid+secret获取access_token

https请求方式: GET
https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET

参数说明

参数	是否必须	说明
grant_type	是	获取access_token填写client_credential
appid	是	第三方用户唯一凭证
secret	是	第三方用户唯一凭证**，即appsecret

返回说明

正常情况下，微信会返回下述JSON数据包给公众号：

{"access_token":"ACCESS_TOKEN","expires_in":7200}

2.通过access_token获取jsapi_ticket

https请求方式: GET
https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=ACCESS_TOKEN&type=jsapi

返回说明

{
    "errcode":0,
    "errmsg":"ok",
    "ticket":"bxLdikRXVbTPdHSM05e5u5sUoXNKd8-41ZO3MhKoyN5OfkWITDGgnr2fwJ0m9E8NYzWKVZvdVtaUgWvsdshFKA",
    "expires_in":7200
}

3.生成签名

附录一：获取access_token

# 一般access_token有效期为7200s,避免重复请求，使用redis作为缓存
class WxShare(Resource):
    def __init__(self):
        if redis.get("access_token"):
            self.access_token = eval(str(r.get("access_token"), "utf8"))
        else:
            self.access_token = {
                "access_token": "",
                "update_time": time.time(),
                "expires_in": 7200
            }


        def get_access_token(self):
        # 验证token是否过期，是：重新请求，否：直接返回
        if not self.access_token.get("access_token") or (time.time() - self.access_token.get('update_time')) > self.access_token.get('expire_in'):
            resp = requests.get(
                "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=%s&secret=%s" % (appID, appSecrete))
            rp = resp.json()

            if 'errcode' in rp:
                raise Exception(rp.get("errmsg"))
            else:
                access_token = {
                    "access_token": rp["access_token"],
                    "expire_in": rp["expires_in"],
                    "update_time": time.time()
                }
                self.access_token = access_token
                r.set("access_token", access_token)
                return rp["access_token"]
        else:
            return self.access_token.get('access_token')

附录二：生成随机数

# 获取noncestr（随机字符串）
def createNonceStr():
    import random
    chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    str = ""
    for i in range(0, 16):
        s = random.randint(0, len(chars)-1)
        str += chars[s:s+1]
    return str
timestemp = int(time.time)

access_token = {"access_token":rp["access_token"],"expires_in":rp["expires_in"],"update_time": time.time()}

附录三: 生成签名

    def post(self):
        import hashlib
        url = request.json["url"]
        timestamp = int(time.time())
        js_ticket = self.get_jsapi_ticket()

        # 报错信息
        if type(js_ticket) == dict:
            return js_ticket

        nonce = createNonceStr()
        ret = {
            "noncestr": nonce,
            "jsapi_ticket": js_ticket,
            "timestamp": timestamp,
            "url": url
        }
        temp = "&".join(['%s=%s' % (key.lower(), ret[key]) for key in sorted(ret)])
        # 2. 将三个参数字符串拼接成一个字符串进行sha1加密
        # sig是计算出来的签名结果
        sig = hashlib.sha1(temp.encode("utf8")).hexdigest()
        package = {
            "timestamp": timestamp,
            "noncestr": nonce,
            "signature": sig
        }
        
        return trueReturn(package)

验证生成的sig是否有效

????我