[PHP] Oauth授权和本地加密

一.Oauth(开放授权)是二个盛开标准,允许用户让第三方选取访问该用户在某一网址上存款和储蓄的私密财富(如照片,摄像,联系人列表),而无需将用户名和密码提必要第一方

 

关键字:appKey appSecret
token(令牌)

 

2.SSO授权

若是地点手提式有线电电话机装有新浪客户端,则直接跳转到搜狐客户端,只需点击授权按钮,就能够登6了

 

qq第二方登6使用Oauth2.0达成,测试代码

点击下边包车型客车连年

https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=101334262&redirect_uri=http://www.qingguow.cn/sso.php

 

切实代码sso.php文件:

<?php
// qq登陆类
class Sso{
    const APP_ID="101334262";
    const APP_KEY="xxxxxxxxxxxxxxx";
    //初始化
    public static function init(){
        header("content-type:text/html;charset=utf-8");
    }
        //主函数
    public static function main(){
        //请求控制
        $action=$_GET['action'];
        if(!empty($action)){
            Sso::$action();
            return;
        }

        $par = 'grant_type=authorization_code'
        . '&client_id='.Sso::APP_ID
        . '&client_secret='.Sso::APP_KEY
        . '&code='.$_REQUEST['code']
        . '&redirect_uri='.urlencode('http://www.qingguow.cn/sso.php');
        $rec=Sso::postUrlContents("https://graph.qq.com/oauth2.0/token",$par);
        if(strpos($rec, 'access_token') !== false) {
            parse_str($rec, $accessToken);
            $openidJson=Sso::getUrlContents("https://graph.qq.com/oauth2.0/me?callback=callback&access_token={$accessToken['access_token']}");
            $openidJson=str_replace("callback( ", "", $openidJson);
            $openidJson=str_replace(");", "", $openidJson);
            $openidJson=json_decode($openidJson,true);
            header("location:sso.php?action=getQQinfo&openid={$openidJson['openid']}&access_token={$accessToken['access_token']}");
        }
    }
    //获取用户信息
    public static function getQQinfo(){
        Sso::init();
        $openid=$_GET['openid'];
        $access_token=$_GET['access_token'];
        $userJson=Sso::getUrlContents("https://graph.qq.com/user/get_user_info?openid={$openid}&access_token={$access_token}&oauth_consumer_key=".Sso::APP_ID);
        $user=json_decode($userJson,true);
        print_r($user);
    }
    //get方式请求数据
    public static function getUrlContents($url){
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_REFERER, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    }
    //post请求数据
    public static function postUrlContents($url,$data = null){
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
        if (!empty($data)){
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
        }
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($curl);
        curl_close($curl);
        return $output;
    }

}
Sso::main();

 

相关文章