OAuth2 - Hippoom/wechat-mp-starter GitHub Wiki
The starter provides a built-in HTTP endpoint that redirects the user agent through the WeChat OAuth2 flow.
The URI is /wechat/oauth/authorize. The user agent can specify the URI to redirect to once the OAuth2 flow succeeds by passing it in the query parameter named origin; the redirect URI should be URL-encoded:
window.location.href = "/wechat/oauth/authorize?origin=" + encodeURIComponent(window.location.href);
Currently, you need to provide the base URI of your MP application in application{-profile}.properties or application{-profile}.yml. The URI should be registered in your MP admin console (see the Web-based Authorization Callback Domain Name section for details):
wechat:
  mp:
    appBaseUri: https://98867544.ap.ngrok.io
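The origin parameter decides where the user agent lands after authorization, so it is worth constraining the decoded value to the registered appBaseUri before any redirect is issued. The following is an added example, not the starter's own code, written in JavaScript to match the page's other snippets; resolveRedirectTarget, APP_BASE_URI and the other.example host are assumptions made for the illustration.

```javascript
// Added example (not part of wechat-mp-starter): accept the decoded `origin`
// value only when it resolves to the same origin as the configured appBaseUri.
// resolveRedirectTarget is a hypothetical helper name.
const APP_BASE_URI = "https://98867544.ap.ngrok.io"; // value from the config above

function resolveRedirectTarget(origin, appBaseUri) {
  const base = new URL(appBaseUri);
  if (typeof origin !== "string" || origin.length === 0) {
    return base.href; // nothing requested: fall back to the application root
  }
  // Backslashes and control characters are normalised differently by
  // browsers and server-side parsers, so refuse them outright.
  if (/[\\\u0000-\u001f\u007f]/.test(origin)) {
    return base.href;
  }
  let target;
  try {
    target = new URL(origin, base); // relative values resolve against the base
  } catch (e) {
    return base.href;
  }
  // Scheme, host and port must all match; userinfo is never expected here.
  const httpScheme = /^https?:$/.test(target.protocol);
  const sameOrigin = target.origin === base.origin;
  const noUserinfo = target.username === "" && target.password === "";
  return httpScheme && sameOrigin && noUserinfo ? target.href : base.href;
}

// Constructed sample inputs: the first two stay on the application,
// the rest fall back to the application root.
const samples = [
  "/profile?tab=1",
  "https://98867544.ap.ngrok.io/orders/42",
  "//other.example/path",
  "http://98867544.ap.ngrok.io/orders/42",
  "https://98867544.ap.ngrok.io@other.example/",
  "https://98867544.ap.ngrok.io.other.example/",
];
for (const s of samples) {
  console.log(s, "->", resolveRedirectTarget(s, APP_BASE_URI));
}
```

Comparing the parsed origin rather than a string prefix is what rejects the last two samples, which both begin with the registered base URI.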
By default, a WeChatMpOAuth2AccessTokenAuthentication is stored in the session once the OAuth2 flow succeeds. At the same time, a server-side cookie (JSESSIONID) and a client-side cookie (XSRF-TOKEN) are sent to the user agent. The user agent can use the XSRF-TOKEN to pass the CSRF protection later on:
import Cookies from 'universal-cookie';

const cookies = new Cookies();
const headers = new Headers();
// Echo the XSRF-TOKEN cookie value back in the X-XSRF-TOKEN request header
headers.set("X-XSRF-TOKEN", cookies.get("XSRF-TOKEN"));

fetch('/rel/wechat/user/profile/me', {
  method: 'get',
  credentials: "same-origin", // send the JSESSIONID cookie with the request
  headers: headers
}).then((response) => {
  // omitted code
});