
WeChat Small Program User Information Open Data Verification and Decryption


May 18, 2021 WeChat Mini Program Development Document


The service side gets open data

Mini Programs can obtain the open data provided by WeChat through various front-end interfaces. Since the developer's server also needs access to this open data, WeChat offers two ways to get it:

  • Mode 1: Developer background checks and decrypts open data
  • Mode 2: Cloud call to get open data directly (cloud development)

Mode 1: Developer background checks and decrypts open data

WeChat signs and encrypts this open data. When developers obtain open data in the background, they can verify the signature and decrypt the data to ensure it has not been tampered with.


Signature verification and data decryption both involve the user's session key, session_key. Developers should obtain session_key in advance through the wx.login login flow and store it on the server. To ensure that data cannot be tampered with, developers should never send session_key to any environment outside the server, such as the Mini Program client.

Data signature checks

To ensure that user data returned by the open interfaces is not tampered with, WeChat signs the plaintext data. Developers can verify the signature of the data packet according to business needs to confirm the integrity of the data.

  1. When data is obtained by calling an interface such as wx.getUserInfo, the interface returns rawData and signature, where signature = sha1(rawData + session_key).
  2. Developers send signature and rawData to the developer server for verification. The server computes signature2 with the same algorithm; comparing signature with signature2 checks the integrity of the data.

For example, the wx.getUserInfo data check:

rawData returned by the interface:

{
  "nickName": "Band",
  "gender": 1,
  "language": "zh_CN",
  "city": "Guangzhou",
  "province": "Guangdong",
  "country": "CN",
  "avatarUrl": "http://wx.qlogo.cn/mmopen/vi_32/1vZvI39NWFQ9XM4LtQpFrQJ1xlgZxx3w7bQxKARol6503Iuswjjn6nIGBiaycAjAtpujxyzYsrztuuICqIM5ibXQ/0"
}

User's session_key:

HyVFkGl5F5OQWJZZaNzBBg==

The string to be signed (rawData followed directly by session_key) is:

{"nickName":"Band","gender":1,"language":"zh_CN","city":"Guangzhou","province":"Guangdong","country":"CN","avatarUrl":"http://wx.qlogo.cn/mmopen/vi_32/1vZvI39NWFQ9XM4LtQpFrQJ1xlgZxx3w7bQxKARol6503Iuswjjn6nIGBiaycAjAtpujxyzYsrztuuICqIM5ibXQ/0"}HyVFkGl5F5OQWJZZaNzBBg==

The result obtained using SHA1 is

75e81ceda165f4ffa64f4068af58c64b8f54b88c

Encrypted data decryption algorithm

If an interface involves sensitive data (such as openId and unionId in wx.getUserInfo), the plaintext content returned by the interface will not contain this sensitive data. If developers need to obtain the sensitive data, they must symmetrically decrypt the encrypted data (encryptedData) returned by the interface. The decryption algorithm is as follows:

  1. The symmetric decryption algorithm is AES-128-CBC, and the data is padded with PKCS#7.
  2. The target ciphertext for symmetric decryption is Base64_Decode(encryptedData).
  3. The symmetric decryption key is aesKey = Base64_Decode(session_key); aesKey is 16 bytes.
  4. The initialization vector for symmetric decryption is Base64_Decode(iv), where iv is returned by the data interface.

WeChat officially provides sample code for several programming languages (the download link is in the original documentation). The interface names are consistent across languages; refer to the samples for how to call them.

In addition, so that the validity of the data can be checked, a watermark is added to the sensitive data.

Watermark parameter description:

Parameter   Type     Description
appid       String   The appId to which the sensitive data belongs; developers can check that this parameter matches their own appId
timestamp   Int      The timestamp at which the sensitive data was obtained; developers can use it for data freshness checks

For example, the watermark in the sensitive data of wx.getUserInfo:

{
    "openId": "OPENID",
    "nickName": "NICKNAME",
    "gender": GENDER,
    "city": "CITY",
    "province": "PROVINCE",
    "country": "COUNTRY",
    "avatarUrl": "AVATARURL",
    "unionId": "UNIONID",
    "watermark":
    {
        "appid":"APPID",
        "timestamp":TIMESTAMP
    }
}

Note:

  1. New fields may be added to the decrypted JSON data as needed; existing fields will not be changed or deleted. Developers need to reserve enough capacity for this.

Validity of the session key session_key

If a developer encounters signature verification or decryption failures because session_key is incorrect, note the following.

  1. When wx.login is called, the user's session_key may be updated, invalidating the old session_key (the refresh mechanism has a minimum cycle: if the same user calls wx.login multiple times in a short period, not every call refreshes session_key). Developers should call wx.login only when the user explicitly needs to log in again, and promptly update the session_key stored on the server through auth.code2Session.
  2. WeChat does not inform developers of the validity period of session_key. It is extended based on the user's use of the Mini Program: the more frequently the user uses the Mini Program, the longer session_key remains valid.
  3. When session_key expires, developers can obtain a valid session_key by running the login flow again. The wx.checkSession interface can be used to check whether session_key is still valid, which avoids the Mini Program repeatedly performing the login flow.
  4. When developers implement a custom login state, they can consider using the session_key expiry as the expiry of their own login state, or implement a custom timeout policy.

Mode 2: Cloud calls get open data directly

If an interface involves sensitive data, such as wx.getWeRunData, the plaintext content returned by the interface will not contain the sensitive data; instead the return value contains a cloudID field for the corresponding sensitive data, and the data can be obtained through a cloud function. The complete process is as follows:

1. Get the cloudID

With base library version 2.7.0 or above, if the Mini Program has cloud development enabled, the return value of the open data interface contains a cloudID field (at the same level as encryptedData) from which the cloudID can be obtained. The cloudID is valid for five minutes.

2. Call the cloud function

When a cloud function is called, any top-level field of the incoming data parameter whose value is a CloudID constructed with wx.cloud.CloudID is replaced with the open data corresponding to that cloudID when the cloud function runs. Up to 5 CloudIDs can be replaced per call.

Example:

Call the cloud function after the Mini Program obtains the cloudID:

wx.cloud.callFunction({
  name: 'myFunction',
  data: {
    weRunData: wx.cloud.CloudID('xxx'), // this CloudID value is replaced on the cloud function side
    obj: {
      shareInfo: wx.cloud.CloudID('yyy'), // a CloudID in a non-top-level field is not replaced; it arrives as a plain string
    }
  }
})

Example of event received in a cloud function:

// event
{
  // the value of weRunData has been replaced with the open data
  "weRunData": {
    "cloudID": "xxx",
    "data": {
      "stepInfoList": [
        {
          "step": 5000,
          "timestamp": 1554814312
        }
      ],
      "watermark": {
        "appid": "wx1111111111",
        "timestamp": 1554815786
      }
    }
  },
  "obj": {
    // non-top-level fields are left unchanged
    "shareInfo": "yyy"
  }
}

If the cloudID is invalid or has expired, what the cloud function receives in event is an object containing an error code, an error message and the original cloudID. Example of the result for an expired cloudID:

// event
{
  "weRunData": {
    "cloudID": "xxx",
    "errCode": -601006,
    "errMsg": "cloudID expired."
  },
  // ...
}