diff --git a/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/AliPayIntegration.java b/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/AliPayIntegration.java
index 4d02b0b..5e09966 100644
--- a/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/AliPayIntegration.java
+++ b/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/AliPayIntegration.java
@@ -14,6 +14,8 @@ import com.alipay.api.domain.AlipayFundTransUniTransferModel;
 import com.alipay.api.domain.Participant;
 import com.alipay.api.request.AlipayFundAccountQueryRequest;
 import com.alipay.api.request.AlipayFundTransUniTransferRequest;
+import com.alipay.api.request.AlipaySystemOauthTokenRequest;
+import com.alipay.api.request.AlipayUserInfoAuthRequest;
 import com.alipay.api.response.AlipayFundAccountQueryResponse;
 import com.alipay.api.response.AlipayFundTransUniTransferResponse;
 import com.alipay.easysdk.base.oauth.models.AlipaySystemOauthTokenResponse;
@@ -290,4 +292,25 @@ public class AliPayIntegration {
         alipayConfig.setSignType("RSA2");
         return alipayConfig;
     }
+
+    //TODO 绑定回调，获取openId，保存到数据库
+    public void bindingCallback(String authCode) {
+        try {
+            AlipayClient alipayClient = new DefaultAlipayClient(getAlipayConfig());
+            AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest();
+            request.setCode(authCode);
+            request.setGrantType("authorization_code");
+            com.alipay.api.response.AlipaySystemOauthTokenResponse response = alipayClient.execute(request);
+            if (response.isSuccess()) {
+                String openId = response.getOpenId(); // 支付宝用户唯一ID
+                // 将openId与当前商城用户绑定（保存到数据库）
+                System.out.println("绑定成功！openId：" + openId);
+            } else {
+                System.out.println("绑定失败：" + response.getSubMsg());
+            }
+
+        } catch (AlipayApiException e) {
+            throw new RuntimeException(e);
+        }
+    }
 }
diff --git a/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/OrderTradeController.java b/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/OrderTradeController.java
index e6f9d4b..292f439 100644
--- a/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/OrderTradeController.java
+++ b/mcwl-admin/src/main/java/com/mcwl/web/controller/pay/AliPay/OrderTradeController.java
@@ -1,8 +1,13 @@
 package com.mcwl.web.controller.pay.AliPay;
 
 import cn.hutool.core.lang.UUID;
+import cn.hutool.core.util.RandomUtil;
 import cn.hutool.extra.qrcode.QrCodeUtil;
+import cn.hutool.json.JSON;
 import cn.hutool.json.JSONUtil;
+import com.alipay.api.AlipayApiException;
+import com.alipay.api.request.AlipaySystemOauthTokenRequest;
+import com.alipay.easysdk.base.oauth.models.AlipaySystemOauthTokenResponse;
 import com.alipay.easysdk.factory.Factory;
 import com.alipay.easysdk.kernel.Config;
 import com.alipay.easysdk.payment.common.models.AlipayTradeQueryResponse;
@@ -23,9 +28,13 @@ import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Random;
 
 /**
  * @Author：ChenYan
@@ -54,6 +63,29 @@ public class OrderTradeController extends BaseController {
     @Autowired
     private RedisCache redisCache;
 
+
+    @GetMapping("/generateQrCode")
+    public void generateQrCode(HttpServletResponse response) throws Exception {
+        String scope = "auth_user"; // 需要获取用户信息
+        String state = RandomUtil.randomString(3); // 防止CSRF攻击
+
+        String encodedRedirectUri = URLEncoder.encode("https://3195d9a3.r27.cpolar.top/web/pay/callback", "UTF-8");
+        String authUrl = String.format(
+                "https://openauth.alipay.com/oauth2/publicAppAuthorize.htm?app_id=%s&scope=%s&redirect_uri=%s&state=%s",
+                "2021005114616085", scope, encodedRedirectUri, state
+        );
+
+        QrCodeUtil.generate(authUrl, 300, 300, "png", response.getOutputStream());
+    }
+
+    @GetMapping("/callback")
+    public void callback(@RequestParam("auth_code") String authCode) {
+
+        System.out.println("authCode = " + authCode);
+        aliPayIntegration.bindingCallback(authCode);
+
+    }
+
     /**
      * 查询列表
      */
diff --git a/mcwl-admin/src/main/java/com/mcwl/web/controller/resource/ToActivityController.java b/mcwl-admin/src/main/java/com/mcwl/web/controller/resource/ToActivityController.java
index 31ff596..9d7e514 100644
--- a/mcwl-admin/src/main/java/com/mcwl/web/controller/resource/ToActivityController.java
+++ b/mcwl-admin/src/main/java/com/mcwl/web/controller/resource/ToActivityController.java
@@ -37,7 +37,7 @@ public class ToActivityController extends BaseController {
     @PostMapping("/list")
     public TableDataInfo list(@RequestBody ToActivity toActivity)
     {
-        startPage();
+//        startPage();
         List<ToActivity> list = toActivityService.selectToActivityList(toActivity);
         return getDataTable(list);
     }
diff --git a/mcwl-framework/src/main/java/com/mcwl/framework/config/SecurityConfig.java b/mcwl-framework/src/main/java/com/mcwl/framework/config/SecurityConfig.java
index 31218f8..2507c22 100644
--- a/mcwl-framework/src/main/java/com/mcwl/framework/config/SecurityConfig.java
+++ b/mcwl-framework/src/main/java/com/mcwl/framework/config/SecurityConfig.java
@@ -129,7 +129,7 @@ public class SecurityConfig
             .authorizeHttpRequests((requests) -> {
                 permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                requests.antMatchers("/login", "/register", "/captchaImage","/web/pay/doPay","/web/pay/notify").permitAll()
+                requests.antMatchers("/login", "/register", "/captchaImage","/web/pay/doPay","/web/pay/notify","/web/pay/generateQrCode","/web/pay/callback").permitAll()
                     // 静态资源，可匿名访问
                     .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                     .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
diff --git a/mcwl-resource/src/main/java/com/mcwl/resource/service/impl/ToActivityServiceImpl.java b/mcwl-resource/src/main/java/com/mcwl/resource/service/impl/ToActivityServiceImpl.java
index fe21434..8e9b06a 100644
--- a/mcwl-resource/src/main/java/com/mcwl/resource/service/impl/ToActivityServiceImpl.java
+++ b/mcwl-resource/src/main/java/com/mcwl/resource/service/impl/ToActivityServiceImpl.java
@@ -2,6 +2,7 @@ package com.mcwl.resource.service.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.mcwl.common.utils.StringUtils;
 import com.mcwl.resource.domain.ModelProduct;
 import com.mcwl.resource.domain.ToActivity;
 import com.mcwl.resource.mapper.ToActivityMapper;
@@ -31,7 +32,7 @@ public class ToActivityServiceImpl extends ServiceImpl<ToActivityMapper, ToActiv
     @Override
     public List<ToActivity> selectToActivityList(ToActivity toActivity) {
         LambdaQueryWrapper<ToActivity> queryWrapper = new LambdaQueryWrapper<>();
-        queryWrapper.eq(ToActivity::getActivityName, toActivity.getActivityName());
+        queryWrapper.eq(StringUtils.isNotBlank(toActivity.getActivityName()),ToActivity::getActivityName, toActivity.getActivityName());
         return toActivityMapper.selectList(queryWrapper);
     }