欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  php教程

[PHP] Oauth授权和本地加密

程序员文章站 2022-03-30 20:04:53
...
1.Oauth(开放授权)是一个开放标准,允许用户让第三方应用访问该用户在某一网站上存储的私密资源(如照片,视频,联系人列表),而无需将用户名和密码提供给第三方

关键字:appKey appSecret token(令牌)

2.SSO授权

如果本地手机装有微博客户端,则直接跳转到微博客户端,只需点击授权按钮,就可以登陆了

qq第三方登陆使用Oauth2.0实现,测试代码

点击下面的连接

https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=101334262&redirect_uri=http://www.qingguow.cn/sso.php

具体代码sso.php文件:

php
// qq登陆类
class Sso{
    const APP_ID="101334262";
    const APP_KEY="xxxxxxxxxxxxxxx";
    //初始化
    public static function init(){
        header("content-type:text/html;charset=utf-8");
    }
        //主函数
    public static function main(){
        //请求控制
        $action=$_GET['action'];
        if(!empty($action)){
            Sso::$action();
            return;
        }
       
        $par = 'grant_type=authorization_code'
        . '&client_id='.Sso::APP_ID
        . '&client_secret='.Sso::APP_KEY
        . '&code='.$_REQUEST['code']
        . '&redirect_uri='.urlencode('http://www.qingguow.cn/sso.php');
        $rec=Sso::postUrlContents("https://graph.qq.com/oauth2.0/token",$par);
        if(strpos($rec, 'access_token') !== false) {
            parse_str($rec, $accessToken);
            $openidJson=Sso::getUrlContents("https://graph.qq.com/oauth2.0/me?callback=callback&access_token={$accessToken['access_token']}");
            $openidJson=str_replace("callback( ", "", $openidJson);
            $openidJson=str_replace(");", "", $openidJson);
            $openidJson=json_decode($openidJson,true);
            header("location:sso.php?action=getQQinfo&openid={$openidJson['openid']}&access_token={$accessToken['access_token']}");
        }
    }
    //获取用户信息
    public static function getQQinfo(){
        Sso::init();
        $openid=$_GET['openid'];
        $access_token=$_GET['access_token'];
        $userJson=Sso::getUrlContents("https://graph.qq.com/user/get_user_info?openid={$openid}&access_token={$access_token}&oauth_consumer_key=".Sso::APP_ID);
        $user=json_decode($userJson,true);
        print_r($user);
    }
    //get方式请求数据
    public static function getUrlContents($url){
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_REFERER, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    }
    //post请求数据
    public static function postUrlContents($url,$data = null){
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
        if (!empty($data)){
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
        }
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($curl);
        curl_close($curl);
        return $output;
    }

}
Sso::main();