GAM WeChat Authentication type

Official Content
This documentation is valid for:

The WeChat Authentication type is supported for Web1 and SD2 platforms.

The configuration is done in two parts:

  • WeChat backend configuration for Web and SD
  • GAM backend configuration for Web environments
  • GAM backend configuration for SD environments

WeChat backend: Application Registration

Login or create an account in https://open.weixin.qq.com/ and follow the registration process.

Create a Website Application

Go to the "Management Center", click "Create Mobile App" or "Create Website App", and fill in the relevant information. Then, submit this app for review. Development can start after the app is approved.

WechatAuthenticationType02

The review will complete the review within seven business days. After the app is approved, the Open Platform will allocate a globally unique AppID and AppSecret.

Set the Authorization callback domain

Fill in a valid domain name required for the development process. Users can only call back to pages under this domain name after logging in with a WeChat account.

WechatAuthenticationType03

WeChat Smart Devices configuration

Create a Mobile Application

Go to the "Management Center", click "Create Mobile App", and fill in the relevant information. Then, submit this app for review. Development can start after the app is approved.

WechatAuthenticationType04

iOS

The Bundle Id property must match the Apple Bundle Identifier property.
The Universal Links property must match the Deep Link Base URL property.

Android

The App Signature must be calculated with the following application (more information).
The Package Name property must match the Android Package Name property.

GAM backend - Web

Add a new WeChat Authentication Type and complete all parameters, the following must match the WeChat configuration:

  • Client ID: the AppId value assigned by WeChat.
  • Client Secret: the AppSecret generated (do not forget this value as it is only generated once)
  • Local site URL: complete URL to return to, for example:
http://sampleURL/appname

GAM backend - SD

Add a new WeChat Authentication Type and complete all parameters, the following must match the WeChat configuration:

  • Client ID: the AppId value assigned by WeChat.
  • Client Secret: the AppSecret generated (do not forget this value as it is only generated once)
  • Local site URL: complete URL to return to.

Notice, if you have two Wechat Authentication types (one for Web and one for SD), make sure the secondary authentication Type Impersonaes with the first one using the same property value.

Use Case

Once all configuration is done, the normal flow of execution is the following.

The use executes an object with security, so it is redirected to the GAM Login.

Select the "sign in with WeChat" option

The site is redirected to WeChat, use the WeChat application and scan the associated QRCode

WechatAuthenticationType01

Confirm on your cell phone, you will get redirected to the GeneXus object.

Considerations

The GAM UserName assigned as key in the GAM database is related to the WeChat UnionId element as no UserName is returned. If you want to use the openid parameter, it is stored on the GAM URLProfile property as follows:

openid=SomeCodeHere

Smart Devices

To be used with Smart Devices, you need to create a secondary Wechat Authentication type with the correct parameters set. From coding is mandatory to use the LoginExternalAdditionalParameters

Composite
        &LoginExternalAdditionalParameters.AuthenticationTypeName = &name
        &LoginOK = GeneXus.SD.Actions.LoginExternal(GAMAuthenticationTypes.WeChat, &User, &Password, &LoginExternalAdditionalParameters)
EndComposite

Troubleshooting

Access token error. Contact the application administrator

Running a Smart Devices application, cannot be authenticated with Wechat, the following error appears on the GAM log

Start Execute: method 'POST', name 'https://api.weixin.qq.com/sns/oauth2/access_token'
_responseString {"errcode":40029,"errmsg":"invalid code, hints: [ req_id: dbnAHFyFe-E60YAa ]"}
...
&Errors.:[{"Code":204,"Message":"appname 访问令牌错误。请与应用程序管理员联系。"}]
Access token error. Contact the application administrator

Review the configuration for the Authentication type for Smart Devices and Wechat, if the correct Authentication Type is not set, the first Wechat Authentication is used.

Availability

1 - Since GeneXus 16 upgrade 8 for Web generators.

2 - Since GeneXus 16 upgrade 9 for Smart Devices generators.