All Products
Search
Document Center

Access Account authorization and payment in Android mini program

Last Updated: Mar 11, 2021

This topic introduces the instructions for accessing Account authorization and payment in the Android Mini Program. This feature is supported only for the 10.1.60 baseline or later. Therefore, if you are using a baseline earlier than version 10.1.60, you must upgrade it to version 10.1.60 or later by referring to Upgrade the baseline.

Prerequisites

  • You have obtained the Account authorization SDK and the quick payment SDK. To obtain these SDKs, you need to provide the following information:
    • The APPID requested on the Alipay open platform. For details, see Create an app.
    • The name of the app. The app name cannot be changed once provided.
      Note: To finish this task, provide the preceding information to mPaaS support personnel in the relevant DingTalk group.
  • You have accessed the Mini Program component. For details about accessing the Mini Program, see Access Android.
  • The mPaaS encryption image has been obtained. For details about generating the encryption image, see Encryption image.

Procedure

  1. Add the Account authorization SDK and the quick payment SDK to the app. Add the following dependencies to the build.gradle file of the master project.

    1. compile 'com.mpaas.opensdk:mypass:3.8.1.159194321103@aar'
    2. compile 'com.mpaas.opensdk:alipaysdk:15.6.0.20190328193516@aar'
    Notes:
    • If you are using the Portal and Bundle access method, integrate the SDKs to the Portal project.
    • If the current app has integrated the Alipay quick payment SDK, remove the SDK.
    • If you have accessed the Account authorization SDK before June 2020, do not use the preceding dependencies, but contact us.
  2. Copy the encryption image file issued by mPaaS to the res/drawable folder of the master project. Do not rename this file.
  3. Copy the alipay_inside_channel.config configuration file issued by mPaaS to the assets folder of the master project. Do not rename this file.
  4. If you are using the 10.1.68 baseline, click mPaaS Inside access or Component-based access in the mPaaS plug-in based on the used access method. Next, click Start configuration under Configure/Update components in the access panel that appears. Then, install the Account authorization component in the component management window that appears.

SDK obfuscation configuration

If the app has enabled obfuscated compilation, add the following configuration to the obfuscation configuration file:

  1. # for inside
  2. -keep class com.alipay.android.phone.inside.** { *; }
  3. # for rpc
  4. -keep class com.alipay.inside.** { *; }
  5. -keep class org.json.alipay.inside.* { *; }
  6. # for login
  7. -keep class com.ali.user.** { *; }
  8. -keep class com.alipay.** { *; }
  9. # for minipaysdk
  10. -keep class com.alipay.** { *; }
  11. -keep class com.flybird.** { *; }
  12. -keep class org.iffa.** { *; }
  13. # for securitysdk
  14. -keep class com.alipay.** { *; }
  15. # for securityguard sdk
  16. -keep class com.alibaba.** {*;}
  17. -keep class com.taobao.** {*;}
  18. # for thirdparty lib: okio
  19. -keep class okio.** {*;}
  20. # for thirdparty lib: utdid
  21. -keep class com.ut.** {*;}
  22. -keep class com.ta.** {*;}
  23. # for thirdparty lib: pb
  24. -keep class com.squareup.** {*;}
  25. -keep interface mtopsdk.mtop.domain.IMTOPDataObject {*;}
  26. -keep class * implements mtopsdk.mtop.domain.IMTOPDataObject {*;}
  27. -keep class com.ali.user.**{*;}
  28. -keep class com.ali.user.**.*$*{*;}
  29. -keep class mtopsdk.**{*;}

The account authorization and payment process

The account authorization and payment process is as follows:

authentication+payment

The client authorization and login process

The client authorization and login process is as follows:

login

Log out of the client or switch the user

When the accessing party logs out or switches the user, the Alipay login state in the client needs to be cleared. Otherwise, the Mini Program will continue to use the Alipay login information of the previous user. The accessing party must call the AuthGlobal.getInstance().logout method when logging out or switching the user.

Payment configuration

If the accessing party has requirements on the payment configuration, submit a ticket to obtain the campaign ID, service scenario ID, and app ID. After you obtain the IDs, set them in the client code. The sample code is as follows:

  1. MPOpenBizHelper.getInstance().setBizSceneCode("Mini Program app ID", "Service scenario ID");
  2. MPOpenBizHelper.getInstance().setCampaignIds("Mini Program app ID", "Campaign ID);
  3. MPTinyHelper.getInstance().setAppName("App ID");

The client access API

AuthProvider.java

  1. package com.mpaas.nebula.adapter.alipay;
  2. /**
  3. * The accessing party needs to implement this API to obtain the authorization configuration and authorization information of the app.
  4. */
  5. public interface AuthProvider {
  6. /**
  7. * Obtain the authorization configuration.
  8. * @return The authorization configuration.
  9. */
  10. AuthConfig loadConfig();
  11. /**
  12. * Obtain the authorization information for zero login of the client. Generally, you need to access your own server to obtain the information in this method.
  13. * This method runs in a non-main thread, and therefore the accessing party does not need to create a new thread to send network requests.
  14. * @param authCode The authorization code returned by Alipay.
  15. * @return The authorization information is used for zero login.
  16. */
  17. AuthInfo fetchAuthInfoSync(String authCode);
  18. /**
  19. * To obtain the cached authorization information, the accessing party needs to cache Alipay userId and accessToken by itself.
  20. * @return The authorization information.
  21. */
  22. AuthInfo getCachedAuthInfo();
  23. }

AuthConfig.java

  1. package com.mpaas.nebula.adapter.alipay;
  2. /**
  3. * Authorization configuration
  4. */
  5. public class AuthConfig {
  6. /**
  7. * The authorization page request URL.
  8. */
  9. private String authUrl;
  10. }

AuthInfo.java

  1. package com.mpaas.nebula.adapter.alipay;
  2. public class AuthInfo {
  3. /**
  4. * The Alipay user ID.
  5. */
  6. private final String aliUid;
  7. /**
  8. * The unified user ID of the accessing party, userId.
  9. */
  10. private final String mcUid;
  11. /**
  12. * The access token.
  13. */
  14. private final String accessToken;
  15. public AuthInfo(String aliUid, String mcUid, String accessToken) {
  16. this.aliUid = aliUid;
  17. this.mcUid = mcUid;
  18. this.accessToken = accessToken;
  19. }
  20. }

AuthGlobal.java

  1. package com.mpaas.nebula.adapter.alipay;
  2. public class AuthGlobal {
  3. public static AuthGlobal getInstance();
  4. /**
  5. * The initialization API, which is added in version 10.1.68.12.
  6. * You must call this API before calling other methods.
  7. */
  8. public void init(Context context);
  9. public void setAuthProvider(AuthProvider authProvider);
  10. /**
  11. * Obtain the auth code of Alipay.
  12. * You must call it in a child thread.
  13. * @param context
  14. * @return
  15. */
  16. public AuthResult getAuthCode(Context context);
  17. /**
  18. * Clear the Alipay login state or unbind the Alipay account, which can be called in the main thread.
  19. * @param context
  20. */
  21. public void logout(Context context, boolean unbindAlipay);

Code sample

  1. AuthGlobal.getInstance().init(getApplicationContext());
  2. AuthGlobal.getInstance().setAuthProvider(new AuthProvider() {
  3. @Override
  4. public AuthConfig loadConfig() {
  5. return new AuthConfig.Builder()
  6. .setAuthUrl("https://openapi.alipay.com/gateway.do?alipay_sdk=alipay-sdk-java-3.7.4.ALL&app_id=2019040163782051&biz_content=%7B%22auth_type%22%3A%22MY_PASS_OAUTH%22%2C%22scopes%22%3A%5B%22auth_user%22%5D%2C%22state%22%3A%2210%22%2C%22is_mobile%22%3A%22true%22%7D&charset=UTF-8&format=json&method=alipay.user.info.auth&return_url=http%3A%2F%2Fzhanghutong.yuguozhou.online%2Ffirst&sign=RHLcR%2BbfgW50JgNr5e6MTT08Bnnb3%2Fyt%2B0YIObm%2Fdpq2yJtYzHKgmS2ciVrgFEk6DUKtEmipoLb8xJ8ErFQAtSS7p8AvXGGY63D95N4lm6yasUVCg2kGoofeB9OPk7GBkLkud1CY3oCbK4HgbHHnHIc43GtXuKt0QLMPivZjKgqb5u1zt%2FKscdCt8JrLG4L5vOOFGKRuh3cFq%2BVL%2Bdvaufwbut6B%2B85GjOsnvONICif8r9cxpdzlsRFoSVmYu%2F7AUM34diatlQPvKs5NOeeAg2W8QkBbQYza0f84KYrNAAeX9ITbzvc7ntiL9606qEB1OWj%2Flccm%2B1TSKQjUUjjC6A%3D%3D&sign_type=RSA2&timestamp=2019-04-28+17%3A28%3A04&version=1.0")
  7. .build();
  8. }
  9. @Override
  10. public AuthInfo fetchAuthInfoSync(String authCode) {
  11. try {
  12. URL url = new URL("http://zhanghutong.yuguozhou.online/first?isv_app_id=2019040163782051&app_id=2019040163782051&auth_code=" + authCode
  13. + "&state=10&scope=auth_user");
  14. HttpURLConnection connection = (HttpURLConnection) url.openConnection();
  15. connection.setRequestMethod("GET");
  16. connection.connect();
  17. int responseCode = connection.getResponseCode();
  18. if (responseCode == HttpURLConnection.HTTP_OK) {
  19. InputStream inputStream = connection.getInputStream();
  20. final String resp = readStream(inputStream);
  21. if (null != resp) {
  22. JSONObject jsonObject = JSON.parseObject(resp).getJSONObject("alipay_system_oauth_token_response");
  23. String aliUid = jsonObject.getString("user_id");
  24. String mcUid = jsonObject.getString("mc_user_id");
  25. String accessToken = jsonObject.getString("access_token");
  26. return new AuthInfo(aliUid, mcUid, accessToken);
  27. }
  28. }
  29. } catch (Exception e) {
  30. e.printStackTrace();
  31. }
  32. return null;
  33. }
  34. @Override
  35. public AuthInfo getCachedAuthInfo() {
  36. return new AuthInfo(aliUid, mcUid, accessToken);
  37. }
  38. });

Test and verify

After you finish the access, use the test code to verify whether the access is successful. The code sample is as follows:

  1. Executors.newSingleThreadExecutor().execute(new Runnable() {
  2. @Override
  3. public void run() {
  4. AuthResult result = AuthGlobal.getInstance().getAuthCode(MiniAppActivity.this);
  5. MPLogger.info(TAG, "result " + result.getAuthCode());
  6. AuthInfo authInfo = AuthGlobal.getInstance().loadAuthInfo(result.getAuthCode());
  7. OAuthLoginModel oAuthLoginModel = new OAuthLoginModel();
  8. oAuthLoginModel.setAccessToken(authInfo.getAccessToken());
  9. oAuthLoginModel.setAlipayUid(authInfo.getAliUid());
  10. oAuthLoginModel.setBizSource("InsideDemo");
  11. oAuthLoginModel.setMcUid(MPLogger.getUserId()); // The userid of the app.
  12. oAuthLoginModel.setOpenAuthLogin(true);
  13. try {
  14. OperationResult<OAuthLoginCode> oResult = InsideOperationService.getInstance().startAction(MiniAppActivity.this, oAuthLoginModel);
  15. MPLogger.info(TAG, "result " + oResult.toJsonString());
  16. } catch (InsideOperationService.RunInMainThreadException e) {
  17. e.printStackTrace();
  18. }
  19. }
  20. });

If the output of the preceding code sample is consistent with the following result, the access is successful.

  1. {"result":"","code":"account_3rdauthlogin_9000","memo":"Logged on successfully","op":"alipayOpenAuthLogin"}