|
|
復(fù)制代碼 代碼如下:
<?php
/**
* 申請(qǐng)http://connect.opensns.qq.com/apply
* 列表http://connect.opensns.qq.com/my
*/
session_start();
$qq_oauth_config = array(
'oauth_consumer_key'=>'*******',//APP ID
'oauth_consumer_secret'=>'******************',//APP KEY
'oauth_callback'=>"http://www.955.cc/qq.php?action=reg",//這里修改為當(dāng)前腳本,但是要保留?action=reg
'oauth_request_token_url'=>"http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token",
'oauth_authorize_url'=>'http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize',
'oauth_request_access_token_url'=>'http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token',
'user_info_url' => 'http://openapi.qzone.qq.com/user/get_user_info',
);
$action = isset($_GET['action']) ? $_GET['action'] : '';
$qq = new qq_oauth($qq_oauth_config);
switch($action){
//用戶登錄 Step1:請(qǐng)求臨時(shí)token
case 'login':
$token = $qq->oauth_request_token();
$_SESSION['oauth_token_secret'] = $token['oauth_token_secret'];
$qq->authorize($token['oauth_token']);
break;
//Step4:Qzone引導(dǎo)用戶跳轉(zhuǎn)到第三方應(yīng)用
case 'reg':
$qq->register_user();
$access_token = $qq->request_access_token();
if($token = $qq->save_access_token($access_token)){
//保存,一般發(fā)給用戶cookie,以及用戶入庫(kù)
//var_dump($token);
$_SESSION['oauth_token'] = $token['oauth_token'];
$_SESSION['oauth_token_secret'] = $token['oauth_token_secret'];
$_SESSION['openid'] = $token['openid'];
header('Content-Type: text/html; charset=utf-8');
$user_info = json_decode($qq->get_user_info());
if($user_info->ret!=0){
exit("獲取頭像昵稱時(shí)發(fā)生錯(cuò)誤".$user_info->msg);
} else {
echo 'QQ昵稱:',$user_info->nickname,
'<img src="',$user_info->figureurl,'" />',
'<img src="',$user_info->figureurl_1,'" />',
'<img src="',$user_info->figureurl_2,'" />';
}
}
break;
default :
}
class qq_oauth{
private $config;
function __construct($config){
$this->config = $config;
}
/**
* 返回配置
* @param string $name
*
*/
function C($name){
return isset($this->config[$name]) ? $this->config[$name] : FALSE;
}
/**
* 構(gòu)建請(qǐng)求URL
* @param string $url
* @param array $params
* @param string $oauth_token_secret
*
*/
function build_request_uri($url,$params=array(),$oauth_token_secret=''){
$oauth_consumer_key = $this->C('oauth_consumer_key');
$oauth_consumer_secret = $this->C('oauth_consumer_secret');
$params = array_merge(array(
'oauth_version'=>'1.0',
'oauth_signature_method'=>'HMAC-SHA1',
'oauth_timestamp'=>time(),
'oauth_nonce'=>rand(1000,99999999),
'oauth_consumer_key'=>$oauth_consumer_key,
),$params);
$encode_params = $params;
ksort($encode_params);
$oauth_signature = 'GET&'.urlencode($url).'&'.urlencode(http_build_query($encode_params));
$oauth_signature = base64_encode(hash_hmac('sha1',$oauth_signature,$oauth_consumer_secret.'&'.$oauth_token_secret,true));
$params['oauth_signature'] = $oauth_signature;
return $url.'?'.http_build_query($params);
}
/**
* 校驗(yàn)回調(diào)是否返回約定的參數(shù)
*/
function check_callback(){
if(isset($_GET['oauth_token']))
if(isset($_GET['openid']))
if(isset($_GET['oauth_signature']))
if(isset($_GET['timestamp']))
if(isset($_GET['oauth_vericode']))
return true;
return false;
}
function get_contents($url){
$curl = curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_URL,$url);
return curl_exec($curl);
}
/**
* Step1:請(qǐng)求臨時(shí)token、Step2:生成未授權(quán)的臨時(shí)token
*/
function oauth_request_token(){
$url = $this->build_request_uri($this->C('oauth_request_token_url'));
$tmp_oauth_token = $this->get_contents($url);
parse_str($tmp_oauth_token);
/*
oauth_token 未授權(quán)的臨時(shí)token
oauth_token_secret token的密鑰,該密鑰僅限于臨時(shí)token
error_code 錯(cuò)誤碼
*/
if(isset($error_code)) exit($error_code);
return array(
'oauth_token'=>$oauth_token,
'oauth_token_secret'=>$oauth_token_secret
);
}
/**
* Step3:引導(dǎo)用戶到Qzone的登錄頁(yè)
* @param string $oauth_token 未授權(quán)的臨時(shí)token
*/
function authorize($oauth_token){
$str = "HTTP/1.1 302 Found";
header($str);
$url = $this->C('oauth_authorize_url');
$query_strings = http_build_query(array(
'oauth_consumer_key'=>$this->C('oauth_consumer_key'),
'oauth_token'=>$oauth_token,
'oauth_callback'=>$this->C('oauth_callback'),
));
header('Location: '.$url.'?'.$query_strings);
}
/**
* Step4:Qzone引導(dǎo)用戶跳轉(zhuǎn)到第三方應(yīng)用
* @return bool 驗(yàn)證是否有效
*/
function register_user(){
/*
* oauth_token 已授權(quán)的臨時(shí)token
* openid 騰訊用戶對(duì)外的統(tǒng)一ID,該OpenID與用戶QQ號(hào)碼一一對(duì)應(yīng)
* oauth_signature 簽名值,方便第三方來(lái)驗(yàn)證openid以及來(lái)源的可靠性。
* 使用HMAC-SHA1算法:
* 源串:openid+timestamp(串中間不要添加'+'符號(hào))
* 密鑰:oauth_consumer_secret
* timestamp openid的時(shí)間戳
* oauth_vericode 授權(quán)驗(yàn)證碼。
*/
if($this->check_callback()){
//校驗(yàn)簽名
$signature = base64_encode(hash_hmac('sha1',$_GET['openid'].$_GET['timestamp'],$this->C('oauth_consumer_secret'),true));
if(!emptyempty($_GET['oauth_signature']) && $signature==$_GET['oauth_signature']){
$_SESSION['oauth_token'] = $_GET['oauth_token'];
$_SESSION['oauth_vericode'] = $_GET['oauth_vericode'];
return;
}
}
//校驗(yàn)未通過(guò)
exit('UNKNOW REQUEST');
}
/**
* Step5:請(qǐng)求access token
*/
function request_access_token(){
$url = $this->build_request_uri($this->C('oauth_request_access_token_url'),array(
'oauth_token'=>$_SESSION['oauth_token'],
'oauth_vericode'=>$_SESSION['oauth_vericode']
),$_SESSION['oauth_token_secret']);
return $this->get_contents($url);
}
/**
* Step6:生成access token (保存access token)
*
* 關(guān)于access_token
* 目前access_token(及其secret)是長(zhǎng)期有效的,和某一個(gè)openid對(duì)應(yīng),目前可以支持線下獲取該openid的信息。
* 當(dāng)然,用戶有權(quán)限在Qzone這邊刪除對(duì)第三方的授權(quán),此時(shí)該access_token會(huì)失效,需要重新走整個(gè)流程讓用戶授權(quán)。
* 以后會(huì)逐步豐富access_token的有效性,長(zhǎng)期有效、短期有效、用戶登錄時(shí)才有效等。
*/
function save_access_token($access_token_str){
parse_str($access_token_str,$access_token_arr);
if(isset($access_token_arr['error_code'])){
return FALSE;
} else {
return $access_token_arr;
}
}
/**
* 目前騰訊僅開(kāi)放該API
* 獲取登錄用戶信息,目前可獲取用戶昵稱及頭像信息。
* http://openapi.qzone.qq.com/user/get_user_info
*/
function get_user_info(){
$url = $this->build_request_uri($this->C('user_info_url'),array(
'oauth_token'=>$_SESSION['oauth_token'],
'openid'=>$_SESSION['openid'],
),$_SESSION['oauth_token_secret']);
return $this->get_contents($url);
}
}
文件打包下載 qq_php.rar
轉(zhuǎn)自: http://dev.meettea.com
php技術(shù):QQ登錄 PHP OAuth示例代碼,轉(zhuǎn)載需保留來(lái)源!
鄭重聲明:本文版權(quán)歸原作者所有,轉(zhuǎn)載文章僅為傳播更多信息之目的,如作者信息標(biāo)記有誤,請(qǐng)第一時(shí)間聯(lián)系我們修改或刪除,多謝。
