在平時專案開發過程中,除了註冊本網站帳號登入之外,還可以呼叫第三方介面進行登入網站。這裡以微博登入為例。微博登入包含身分認證、使用者關係以及內容傳播。允許使用者使用微博帳號登入造訪第三方網站,分享內容,同步資訊。
1、首先需要引導需要授權的使用者到以下位址:
https://api.weibo.com/oauth2/authorize?client_id=YOUR_CLIENT_ID&response_type=code&redirect_uri=YOUR_REGISTERED_REDIRECT_URI
如果使用者同意授權,頁面跳到YOUR_REGISTERED_REDIRECT_URI/?code=CODE :
2、接下來要根據上面得到的code來換取Access Token:
https://api.weibo.com/oauth2/access_token?client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=authorization_code&redirect_uri=YOUR_REGISTERED_REDIRECT_URI&code=CODE
#回傳值:JSON
{ "access_token": "SlAV32hkKG", "remind_in": 3600, "expires_in": 3600 }
3 、最後,使用獲得的OAuth2.0 Access Token呼叫API,取得使用者身份,完成使用者的登入。
為了方便,我們先將get和post封裝到application下的common.php中:
套用公用檔案common.php:
function get( $url, $_header = NULL ){ $curl = curl_init(); //curl_setopt ( $curl, CURLOPT_SAFE_UPLOAD, false); if( stripos($url, 'https://') !==FALSE ) { curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE); } curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); if ( $_header != NULL ) { curl_setopt($curl, CURLOPT_HTTPHEADER, $_header); } $ret = curl_exec($curl); $info = curl_getinfo($curl); curl_close($curl); if( intval( $info["http_code"] ) == 200 ) { return $ret; } return false;}/* * post method */function post( $url, $param ){ $oCurl = curl_init (); curl_setopt ( $oCurl, CURLOPT_SAFE_UPLOAD, false); if (stripos ( $url, "https://" ) !== FALSE) { curl_setopt ( $oCurl, CURLOPT_SSL_VERIFYPEER, FALSE ); curl_setopt ( $oCurl, CURLOPT_SSL_VERIFYHOST, false ); } curl_setopt ( $oCurl, CURLOPT_URL, $url ); curl_setopt ( $oCurl, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt ( $oCurl, CURLOPT_POST, true ); curl_setopt ( $oCurl, CURLOPT_POSTFIELDS, $param ); $sContent = curl_exec ( $oCurl ); $aStatus = curl_getinfo ( $oCurl ); curl_close ( $oCurl ); if (intval ( $aStatus ["http_code"] ) == 200) { return $sContent; } else { return false; }}
控制器處理程式碼Login.php:
class Login extends \think\Controller { public function index() { $key = "****"; $redirect_uri = "***微博应用安全域名***/?backurl=***项目本地域名***/home/login/webLogin?"; //授权后将页面重定向到本地项目 $redirect_uri = urlencode($redirect_uri); $wb_url = "https://api.weibo.com/oauth2/authorize?client_id={$key}&response_type=code&redirect_uri={$redirect_uri}"; $this -> assign('wb_url',$wb_url); return view('login'); } public function webLogin(){ $key = "*****"; //接收code值 $code = input('get.code'); //换取Access Token: post方式请求 替换参数: client_id, client_secret,redirect_uri, code $secret = "********"; $redirect_uri = "********"; $url = "https://api.weibo.com/oauth2/access_token?client_id={$key}&client_secret={$secret}&grant_type=authorization_code&redirect_uri={$redirect_uri}&code={$code}"; $token = post($url, array()); $token = json_decode($token, true); //获取用户信息 : get方法,替换参数: access_token, uid $url = "https://api.weibo.com/2/users/show.json?access_token={$token['access_token']}&uid={$token['uid']}"; $info = get($url); if($info){ echo "<p>登录成功</p>"; } } }
範本程式碼login.html:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>微博登录</title> </head> <body> <a href="{$wb_url}">点击这里进行微博登录</a> </body> </html>