QQ login OAuth2.0 processing flow
The QQ login OAuth2.0 process mainly includes the following three steps:
1. Obtain the access_token;
2. Obtain the openid corresponding to the user identity based on the access_token;
3. Call OpenAPI with the access_token and openid to request access to or modify user-authorized resources (such as user information, logs, photo albums, talks, etc.).
To make website integration quick, QQ login provides a JS SDK. Paste the code into the web page to implement the QQ login function.
To make mobile application integration quick, QQ login provides an Android SDK and an iOS SDK. The application only needs to modify a small amount of code to implement the QQ login function.
Step1: Obtain access_token
QQ login OAuth2.0 provides different login verification and authorization processes for websites, mobile applications, and desktop applications. There are currently two ways to obtain an access token:
1. Server-side mode
This is the Authorization Code mode described in the official OAuth document. It is suitable for applications that are accessed from a web server and need to obtain the access token there.
2. Client-side mode
This is the Implicit mode described in the official OAuth document. It is suitable for access through the client.
The above two modes only differ when obtaining access_token. The subsequent methods of obtaining openid and calling API are the same.
After successful login, the developer will get the access token representing the login information. This parameter will be used to access user authorization information.
The access token is generated every time a user logs in. The expiration time defaults to three months and is automatically refreshed when the user logs in again.
Step2: Obtain the openid corresponding to the user identity based on the access_token
Request address:
PC Website: https://graph.qq.com/oauth2.0/me
WAP website: https://graph.z.qq.com/moc2/me
Request method:
GET
Request parameters:
Please include the following content for the request parameters:
Return instructions:
When the PC website is accessed, the user OpenID is obtained, and the return package is as follows:
When the WAP website is accessed, the following string is returned:
openid is the unique identifier corresponding to the user's identity on this website. The website can store this ID to identify the user when they log in next time, or bind it to the user's original account on the website.
Error code description:
When an interface call fails, the code and msg fields are returned as URL parameter pairs, and the value part is URL encoded (UTF-8).
For PC website access, see the error code details under: 100000-100031: Public return code when accessing the PC website.
For WAP website access, see the error code details under: 9000-9999: An error occurred when obtaining the openid of the corresponding user identity based on the Access Token.
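An added example, not part of the original documentation: a parser for a Step 2 response in the URL-parameter form described above, which returns the openid only when the body is unambiguous and rejects everything else. The success layout with `client_id` and `openid` fields, the alphanumeric openid check, the error code 9001 and both sample bodies are constructed assumptions.

```python
import re
from urllib.parse import parse_qs

# Assumption: an openid is ASCII alphanumeric, like the sample value on this page.
OPENID_RE = re.compile(r"[0-9A-Za-z]+")


class OpenIDError(Exception):
    """The response did not yield exactly one usable openid."""

    def __init__(self, code, msg):
        super().__init__(f"{code}: {msg}")
        self.code, self.msg = code, msg


def parse_me_response(body):
    """Return the openid from a URL-parameter response body, or raise OpenIDError."""
    try:
        # strict_parsing rejects fields without '='; errors="strict" rejects
        # values that are not valid UTF-8 after URL decoding.
        fields = parse_qs(body.strip(), keep_blank_values=True,
                          strict_parsing=True, encoding="utf-8", errors="strict")
    except ValueError as exc:
        raise OpenIDError("malformed", str(exc)) from None
    # Per the error description, "code" and "msg" appear when the call failed.
    if "code" in fields:
        raise OpenIDError(fields["code"][0], fields.get("msg", [""])[0])
    openids = fields.get("openid", [])
    # A repeated or empty openid is ambiguous: refuse rather than pick one.
    if len(openids) != 1 or not OPENID_RE.fullmatch(openids[0]):
        raise OpenIDError("malformed", "missing, repeated or ill-formed openid")
    return openids[0]


# Constructed sample bodies (not captured from the real service).
SAMPLE_OK = "client_id=222222&openid=B9DD537D1C5C98A9999"
SAMPLE_ERR = "code=9001&msg=%E5%8F%82%E6%95%B0%E9%94%99%E8%AF%AF"  # msg: "参数错误"

if __name__ == "__main__":
    print(parse_me_response(SAMPLE_OK))
    try:
        parse_me_response(SAMPLE_ERR)
    except OpenIDError as err:
        print("rejected:", err.code, err.msg)
```

The parser is meant to run on the server that made the Step 2 request, so the openid stored or bound to an account is the one derived from the access token.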
Step3: Call OpenAPI to request access or modify user-authorized resources
The following three values need to be used when calling OpenAPI:
YOUR_APP_ID: The appid assigned after successfully applying for QQ login (such as 222222)
YOUR_ACCESS_TOKEN: The access token obtained in Step 1, which must not have expired (such as E0632E6CE12AC709999)
YOUR_OPENID: The openid obtained in Step 2, the user's unique identifier (such as B9DD537D1C5C98A9999)