Oauth.class.php
3.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<?php
/* PHP SDK
* @version 2.0.0
* @author connect@qq.com
* @copyright © 2013, Tencent Corporation. All rights reserved.
*/
require_once(QC_CLASS_PATH.'Recorder.class.php');
require_once(QC_CLASS_PATH.'URL.class.php');
require_once(QC_CLASS_PATH.'ErrorCase.class.php');
class Oauth{
const VERSION = "2.0";
const GET_AUTH_CODE_URL = "https://graph.qq.com/oauth2.0/authorize";
const GET_ACCESS_TOKEN_URL = "https://graph.qq.com/oauth2.0/token";
const GET_OPENID_URL = "https://graph.qq.com/oauth2.0/me";
protected $recorder;
public $urlUtils;
protected $error;
function __construct(){
$this->recorder = new Recorder();
$this->urlUtils = new URL();
$this->error = new ErrorCase();
}
public function qq_login(){
$appid = $this->recorder->readInc("appid");
$callback = $this->recorder->readInc("callback");
$scope = $this->recorder->readInc("scope");
//-------生成唯一随机串防CSRF攻击
$state = md5(uniqid(rand(), TRUE));
// $this->recorder->write('state',$state);
$_SESSION['qqstate'] = $state;
//-------构造请求参数列表
$keysArr = array(
"response_type" => "code",
"client_id" => $appid,
"redirect_uri" => $callback,
"state" => $state,
"scope" => $scope
);
$login_url = $this->urlUtils->combineURL(self::GET_AUTH_CODE_URL, $keysArr);
header("Location:$login_url");
}
public function qq_callback(){
$state = $this->recorder->read("state");
//--------验证state防止CSRF攻击
// if($_GET['state'] != $state){
if ($_GET['state'] != $_SESSION['qqstate']) {
$this->error->showError("30001");
}
//-------请求参数列表
$keysArr = array(
"grant_type" => "authorization_code",
"client_id" => $this->recorder->readInc("appid"),
"redirect_uri" => urlencode($this->recorder->readInc("callback")),
"client_secret" => $this->recorder->readInc("appkey"),
"code" => $_GET['code']
);
//------构造请求access_token的url
$token_url = $this->urlUtils->combineURL(self::GET_ACCESS_TOKEN_URL, $keysArr);
$response = $this->urlUtils->get_contents($token_url);
if(strpos($response, "callback") !== false){
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos -1);
$msg = json_decode($response);
if(isset($msg->error)){
$this->error->showError($msg->error, $msg->error_description);
}
}
$params = array();
parse_str($response, $params);
$this->recorder->write("access_token", $params["access_token"]);
// return $params["access_token"];
// 根据业务需要改造了一下
return $params;
}
public function get_openid(){
//-------请求参数列表
$keysArr = array(
"access_token" => $this->recorder->read("access_token")
);
$graph_url = $this->urlUtils->combineURL(self::GET_OPENID_URL, $keysArr);
$response = $this->urlUtils->get_contents($graph_url);
//--------检测错误是否发生
if(strpos($response, "callback") !== false){
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos -1);
}
$user = json_decode($response);
if(isset($user->error)){
$this->error->showError($user->error, $user->error_description);
}
//------记录openid
$this->recorder->write("openid", $user->openid);
return $user->openid;
}
}