access_token is the globally unique ticket of the official account. Access_token is required when calling each interface of the official account. Developers need to save it properly. The storage of access_token must retain at least 512 character space. The validity period of access_token is currently 2 hours and needs to be refreshed regularly. Repeated acquisition will cause the access_token you obtained last time to be invalid.
Description of the usage and generation method of access_token required for API calls of public platforms:
1. In order to keep appsecrect confidential, third parties need an access_token to obtain and refresh the central control server. The access_token used by other business logic servers all come from the central control server and should not be refreshed separately, otherwise it will cause access_token to cover and affect the business;
2. The current validity period of access_token is conveyed through the returned expire_in, and is currently a value within 7200 seconds. The central control server needs to refresh the new access_token in advance based on this valid time. During the refresh process, the central control server still outputs the old access_token to the outside. At this time, the public platform background will ensure that both new and old access_tokens are available in the short period of refreshing, which ensures a smooth transition of third-party services;
3. The valid time of access_token may be adjusted in the future. Therefore, the central control server not only needs to be refreshed internally regularly, but also needs to provide an interface for passive refresh of access_token, which facilitates the business server to trigger the refresh process of access_token when the API call knows that access_token has timed out.
If the third party does not use the central control server, but instead selects each business logic point to refresh the access_token, then conflicts may arise, resulting in unstable service.
The official account can use AppID and AppSecret to call this interface to obtain access_token. AppID and AppSecret can be obtained in the WeChat public platform official website - Developer Center page (need to have become a developer and the account has no abnormal status). Note that when calling all WeChat interfaces, you must use the https protocol.
Interface call request description
http request method: GET
https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET
Parameter description
Return to the description
Under normal circumstances, WeChat will return the following JSON packet to the official account:
{"access_token":"ACCESS_TOKEN","expires_in":7200}
When error occurs, WeChat will return error codes and other information. The example of JSON packet is as follows (this example is an invalid AppID error):
{"errcode":40013,"errmsg":"invalid appid"}
2. Code implementation
APPID, APPSECRET can be checked in public accounts
package com.zhrd.bussinss.platform.scheduled;import java.io.InputStream;import java.net.HttpURLConnection;import java.net.URL;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Lazy;import org.springframework.scheduling.annotation.Scheduled;import org.springframework.stereotype.Component;import com.zhrd.bussinss.platform.constants.WeiXinId;import com.zhrd.bussinss.platform.service.AccessTokenService;import net.sf.json.JSONObject;@Component@Lazy(false)public class GetWeiXinAccessTokenScheduled { /** * Get ACCESS_TOKEN * * @Title: getAccess_token * @Description: Get ACCESS_TOKEN * @param @return Setting File* @return String Return Type* @throws */ @Autowired private AccessTokenService accessTokenServiceImpl; @Scheduled(fixedRateString = "${weixin.token.fixedRate.in.milliseconds}" , initialDelayString = "${weixin.token.initialDelay.in.milliseconds}") public void getAccessToken() { System.out.println("====================获取token开始=============================="); String url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=" + WeiXinId.APPID+ "&secret=" + WeiXinId.APPSECRET; String accessToken = null; String expiresIn = null; try { URL urlGet = new URL(url); HttpURLConnection http = (HttpURLConnection) urlGet.openConnection(); http.setRequestMethod("GET"); // You must request http.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); http.setDoOutput(true); http.setDoInput(true); http.connect(); InputStream is = http.getInputStream(); int size = is.available(); byte[] jsonBytes = new byte[size]; is.read(jsonBytes); String message = new String(jsonBytes, "UTF-8"); JSONObject demoJson = JSONObject.fromObject(message); accessToken = demoJson.getString("access_token"); expiresIn = demoJson.getString("expires_in"); System.out.println("accessToken===="+accessToken); System.out.println("expiresIn==="+expiresIn); accessTokenServiceImpl.addToken(accessToken,expiresIn); System.out.println("========================================================================================================== System.out.printStackTrace(); }// return accessToken; } } The above is all the content of this article. I hope it will be helpful to everyone's learning and I hope everyone will support Wulin.com more.