Home >Backend Development >PHP Tutorial >out QQ login PHP OAuth sample code

out QQ login PHP OAuth sample code

WBOY
WBOYOriginal
2016-07-29 08:46:171181browse

Written according to official documents

Copy the code The code is as follows:


/**
* Apply http://connect.opensns.qq.com/apply
* List http://connect.opensns.qq.com/my
*/
session_start();
$qq_oauth_config = array(
'oauth_consumer_key'=>'*******',//APP ID
'oauth_consumer_secret'=>'******************',//APP KEY
'oauth_callback'=>"http://www.955.cc/qq.php?action=reg",//这里修改为当前脚本,但是要保留?action=reg
'oauth_request_token_url'=>"http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token",
'oauth_authorize_url'=>'http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize',
'oauth_request_access_token_url'=>'http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token',
'user_info_url' => 'http://openapi.qzone.qq.com/user/get_user_info',
);
$action = isset($_GET['action']) ? $_GET['action'] : '';
$qq = new qq_oauth($qq_oauth_config);
switch($action){
//用户登录 Step1:请求临时token
case 'login':
$token = $qq->oauth_request_token();
$_SESSION['oauth_token_secret'] = $token['oauth_token_secret'];
$qq->authorize($token['oauth_token']);
break;
//Step4:Qzone引导用户跳转到第三方应用
case 'reg':
$qq->register_user();
$access_token = $qq->request_access_token();
if($token = $qq->save_access_token($access_token)){
//保存,一般发给用户cookie,以及用户入库
//var_dump($token);
$_SESSION['oauth_token'] = $token['oauth_token'];
$_SESSION['oauth_token_secret'] = $token['oauth_token_secret'];
$_SESSION['openid'] = $token['openid'];
header('Content-Type: text/html; charset=utf-8');
$user_info = json_decode($qq->get_user_info());
if($user_info->ret!=0){
exit("获取头像昵称时发生错误".$user_info->msg);
} else {
echo 'QQ昵称:',$user_info->nickname,
'',
'',
'';
}
}
break;
default :
}
class qq_oauth{
private $config;
function __construct($config){
$this->config = $config;
}
/**
* Return configuration
* @param string $name
*
*/
function C($name){
return isset($this->config[$name]) ? $this->config[$name] : FALSE;
}
/**
* Build request URL
* @param string $url
* @param array $params
* @param string $oauth_token_secret
*
*/
function build_request_uri($url,$params=array(),$oauth_token_secret=''){
$oauth_consumer_key = $this->C('oauth_consumer_key');
$oauth_consumer_secret = $this->C('oauth_consumer_secret');
$params = array_merge(array(
'oauth_version'=>'1.0',
'oauth_signature_method'=>'HMAC-SHA1',
'oauth_timestamp'=>time(),
'oauth_nonce'=>rand(1000,99999999),
'oauth_consumer_key'=>$oauth_consumer_key,
),$params);
$encode_params = $params;
ksort($encode_params);
$oauth_signature = 'GET&'.urlencode($url).'&'.urlencode(http_build_query($encode_params));
$oauth_signature = base64_encode(hash_hmac('sha1',$oauth_signature,$oauth_consumer_secret.'&'.$oauth_token_secret,true));
$params['oauth_signature'] = $oauth_signature;
return $url.'?'.http_build_query($params);
}
/**
* Verify whether the callback returns the agreed parameters
*/
function check_callback(){
if(isset($_GET['oauth_token']))
if(isset($_GET['openid']))
if(isset($_GET['oauth_signature']))
if(isset($_GET['timestamp']))
if(isset($_GET['oauth_vericode']))
return true;
return false;
}
function get_contents($url){
$curl = curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_URL,$url);
return curl_exec($curl);
}
/**
* Step1: Request temporary token, Step2: Generate unauthorized temporary token
*/
function oauth_request_token(){
$url = $this->build_request_uri($this->C('oauth_request_token_url'));
$tmp_oauth_token = $this->get_contents($url);
parse_str($tmp_oauth_token);
/*
oauth_token 未授权的临时token
oauth_token_secret token的密钥,该密钥仅限于临时token
error_code 错误码
*/
if(isset($error_code)) exit($error_code);
return array(
'oauth_token'=>$oauth_token,
'oauth_token_secret'=>$oauth_token_secret
);
}
/**
* Step3: Guide the user to the Qzone login page
* @param string $oauth_token Unauthorized temporary token
*/
function authorize($oauth_token){
$str = "HTTP/1.1 302 Found";
header($str);
$url = $this->C('oauth_authorize_url' );
$query_strings = http_build_query(array(
'oauth_consumer_key'=>$this->C('oauth_consumer_key'),
'oauth_token'=>$oauth_token,
'oauth_callback'=>$this-> ;C('oauth_callback'),
));
header('Location: '.$url.'?'.$query_strings);
}
/**
* Step4: Qzone guides users to jump to third-party applications
* @return bool Verify whether it is valid
*/
function register_user(){
/ *
* oauth_token Authorized temporary token
* openid Tencent user's unified external ID, the OpenID corresponds to the user's QQ number one-to-one
* oauth_signature signature value, which facilitates third parties to verify the reliability of the openid and source.
* Use HMAC-SHA1 algorithm:
* Source string: openid+timestamp (do not add the '+' symbol in the middle of the string)
* Key: oauth_consumer_secret
* timestamp timestamp of openid
* oauth_vericode authorization verification code.
*/
if($this->check_callback()){
//Verify signature
$signature = base64_encode(hash_hmac('sha1',$_GET['openid'].$_GET['timestamp'], $this->C('oauth_consumer_secret'),true));
if(!emptyempty($_GET['oauth_signature']) && $signature==$_GET['oauth_signature']){
$_SESSION['oauth_token '] = $_GET['oauth_token'];
$_SESSION['oauth_vericode'] = $_GET['oauth_vericode'];
return;
}
}
//Verification failed
exit('UNKNOW REQUEST') ;
}
/**
* Step5: Request access token
*/
function request_access_token(){
$url = $this->build_request_uri($this->C('oauth_request_access_token_url'),array(
'oauth_token'=> $_SESSION['oauth_token'],
'oauth_vericode'=>$_SESSION['oauth_vericode']
),$_SESSION['oauth_token_secret']);
return $this->get_contents($url);
}
/**
* Step6: Generate access token (save access token)
*
* About access_token
* At present, access_token (and its secret) are valid for a long time and correspond to a certain openid. Currently, the information of the openid can be obtained offline.
* Of course, the user has the authority to delete the authorization to the third party on Qzone. At this time, the access_token will become invalid and the entire process needs to be re-authorized by the user.
* In the future, the validity of access_token will be gradually enriched, including long-term validity, short-term validity, validity only when the user logs in, etc.
*/
function save_access_token($access_token_str){
parse_str($access_token_str,$access_token_arr);
if(isset($access_token_arr['error_code'])){
return FALSE;
} else {
return $access_token_arr;
}
}
/**
* Currently Tencent only opens this API
* Obtain logged in user information. Currently, user nickname and avatar information can be obtained.
* http://openapi.qzone.qq.com/user/get_user_info
*/
function get_user_info(){
$url = $this->build_request_uri($this->C('user_info_url'),array(
' oauth_token'=>$_SESSION['oauth_token'],
'openid'=>$_SESSION['openid'],
),$_SESSION['oauth_token_secret']);
return $this->get_contents($ url);
}
}


File package download qq_php.rar
Reprinted from: http://dev.meettea.com

The above introduces the out QQ login PHP OAuth sample code, including out content. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn