微信开发之——JSSDK,通过config接口注入权限验证配置

步骤1：绑定域名

步骤2：引入js

步骤3：通过config接口注入权限验证配置

$(function(){	var url = window.location.href;	//Ajax注入权限验证	$.ajax({		url:"${basePath }JSSDK/ticket.do",		dataType: 'json',		data: {"url" : url},		complete: function(xmlHttPRequest, textStatus){					},		error: function(xmlhttpRequest, textStatus, errorThrown){			alert("发生错误："+errorThrown);		},		success: function(res){			var appId = res.appId;			var noncestr = res.noncestr;			var jsapi_ticket = res.jsapi_ticket;			var timestamp = res.timestamp;			var signature = res.signature;			wx.config({			    debug: true, //开启调试模式,调用的所有api的返回值会在客户端alert出来，若要查看传入的参数，可以在pc端打开，参数信息会通过log打出，仅在pc端时才会打印。			    appId: appId, //必填，公众号的唯一标识			    timestamp: timestamp, // 必填，生成签名的时间戳			    nonceStr: noncestr, //必填，生成签名的随机串			    signature: signature,// 必填，签名，见附录1			    jsApiList: ['onMenuShareTimeline','onMenuShareAppMessage','onMenuShareQQ',			                'onMenuShareWeibo','onMenuShareQZone','chooseImage',			                'uploadImage','downloadImage','startRecord','stopRecord',			                'onVoiceRecordEnd','playVoice','pauseVoice','stopVoice'] //必填，需要使用的JS接口列表，所有JS接口列表 见附录2			});		}	});}); 
${appId} 是公众号配置里获得。
${jsapi_ticket}进入后台页面访问接口获得。
url 当前web页的地址。
jsApiList 需要使用的JS接口列表。
后台代码入下(主要获取jsapi_ticket以便生成签名signature,传递给前台)：
	@RequestMapping(value = "/ticket.do")	public void getSignature(HttpServletRequest request, HttpServletResponse response, Model model){		String weburl = request.getParameter("url");		Long timestamp = System.currentTimeMillis()/1000;		int noncestr = new Random().nextInt();				accessTokenUtil accessTokenUtil = new AccessTokenUtil();		String accessToken = accessTokenUtil.getAccessToken();		//获取jsapi_ticket		String jsapi_ticket = null;		try {			String url = "https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=" + accessToken + "&type=jsapi";			String responseText = HttpUtil.get(url);			jsapi_ticket = null;			JSONObject object = JSONObject.fromObject(responseText);			if (object.containsKey("ticket")) {				jsapi_ticket = object.getString("ticket");			}		} catch (Exception e) {			// TODO Auto-generated catch block			e.printStackTrace();		}				//生成signature		List<String> nameList = new ArrayList<String>();		nameList.add("noncestr");		nameList.add("timestamp");		nameList.add("url");		nameList.add("jsapi_ticket");		Map<String, Object> valueMap = new HashMap<String, Object>();		valueMap.put("noncestr", noncestr);		valueMap.put("timestamp", timestamp);		valueMap.put("url", weburl);		valueMap.put("jsapi_ticket", jsapi_ticket);		Collections.sort(nameList);		String origin = "";		for (int i = 0; i < nameList.size(); i++) {			origin += nameList.get(i) + "=" + valueMap.get(nameList.get(i)).toString() + "&";		}		origin = origin.substring(0, origin.length() - 1);		String signature = sha1(origin);		Map<String, Object> map = new HashMap<String, Object>();		map.put("jsapi_ticket", jsapi_ticket);		map.put("appId", WXAccount.appid);		map.put("signature", signature.toLowerCase());		map.put("timestamp", timestamp.toString());		map.put("noncestr", String.valueOf(noncestr));		response.setContentType("application/json; charset=utf-8");		PrintWriter writer = null;		try {			writer = response.getWriter();			JSONObject responSEObject = JSONObject.fromObject(map);			writer.print(responseObject);		} catch (IOException e) {			// TODO Auto-generated catch block			e.printStackTrace();		}finally{			writer.flush();			writer.close();		}			}
注意：变量timestamp、noncestr 必须作为String型传递给后台，否则 IOS将一直报错 config:fail
部分摘自微信开发者文档......