微信和QQ網頁授權登錄


一:微信授權

//用戶授權

public function is_weixin(){ $url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=xxxxxxxxxxxxxxx&redirect_uri=http://xxx.xxxxx.com/index.php/privilege/getWeixinUser&response_type=code&scope=snsapi_userinfo&state=1#wechat_redirect"; redirect($url); }

 

上面的$url 中有5個get參數,前面2個get參數的值由我們指定,即appidredirect_uri 

  appid="微信APP_ID"

  redirect_uri="回調地址"

以上例子中 is_weixin 方法執行后瀏覽器會訪問 redirect_uri所填寫的地址,也就是會執行privilege中的getWeixinUser方法

 

public function getWeixinUser(){ $appid = "xxxxxxxxxxxxxxxxxxxxxxx"; $secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; $code = $_GET["code"]; $get_token_url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.$appid.'&secret='.$secret.'&code='.$code.'&grant_type=authorization_code'; $ch = curl_init(); curl_setopt($ch,CURLOPT_URL,$get_token_url); curl_setopt($ch,CURLOPT_HEADER,0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); $res = curl_exec($ch); curl_close($ch); $json_obj = json_decode($res,true); //根據openid和access_token查詢用戶信息 
$access_token = $json_obj['access_token']; $openid = $json_obj['openid']; $get_user_info_url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.$access_token.'&openid='.$openid.'&lang=zh_CN'; $ch = curl_init(); curl_setopt($ch,CURLOPT_URL,$get_user_info_url); curl_setopt($ch,CURLOPT_HEADER,0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); $res = curl_exec($ch); curl_close($ch); //解析json
$user_obj = json_decode($res,true); // array( // [openid] => o3ushwi5OiaBfCNA2F187BKPdnfU // [nickname] => xxx // [sex] => 1 // [language] => zh_CN // [city] => 深圳 // [province] => 廣東 // [country] => 中國 // [headimgurl] => http://wx.qlogo.cn/mmopen/qibdIUkiaxRnic3D9icdBOonZxI3HibH1sP1xKchqhlDOnQibVuxhfNxHVvRJCrfz9jOkR5uZxsWiaToMIQQ0spkRNfG325j8NaGO67/0 // );
 }

getWeixinUser方法中最終得到的$user_obj就是一個包含了用戶微信基本信息的數組。

 

二:QQ授權

 第一步,跳轉到QQ授權頁面,獲取(Authorization) Code值

/*QQ登陸*/
public function qqlogin(){ $appid = 'xxxxxxxxxxx'; $appkey = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$scope = "get_user_info";
//成功授權后的回調地址,需要進行urlencode $my_url = "http://www.nightlostk.com/index.php/privilege/callback"; set_sess('state',md5(uniqid(rand(), TRUE))); $login_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=".$appid."&redirect_uri=" .urlencode($my_url)."&state=".get_sess('state')."&scope=".$scope; redirect($login_url); }

 

代碼運行后會跳轉到類似如下頁面:

 用戶點擊QQ頭像即表示授權並登錄。頁面將會跳轉到 上面代碼中的回調地址

  //成功授權后的回調地址,需要進行urlencode
  $my_url = "http://www.nightlostk.com/index.php/privilege/callback";
實際上回調地址會附帶一些上get參數。 實際的地址為: http://www.nightlostk.com/index.php/privilege/callback?code=xxxxxxxxxxxx&state=xxxxxxxxxxxxxx

可以理解為第一步就是為了獲取到返回的get參數 code的值

第二步, 通過Authorization Code獲取Access Token->openid->用戶基本信息


在第一步中,頁面最后跳轉到
http://www.nightlostk.com/index.php/privilege/callback?code=xxxxxxxxxxxx&state=xxxxxxxxxxxxxx
在PHP中會執行 privilege中的 callback方法

/*QQ登陸回調地址*/
    public function callback(){ $appid = '101261269'; $appkey = 'adcaacfadd912ecc5991aa6936aafe0d'; $my_url = "http://m.etripbon.com/index.php/privilege/callback"; //Step2:通過Authorization Code獲取Access Token
        if($_REQUEST['state'] == get_sess('state')) { $code = $_REQUEST["code"]; //拼接URL 
            $token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"."client_id=".$appid."&redirect_uri=".urlencode($my_url)."&client_secret=".$appkey."&code=".$code; $response = $this->https_request($token_url); //Step3:使用Access Token來獲取用戶的OpenID
            $params = array(); parse_str($response, $params); $graph_url = "https://graph.qq.com/oauth2.0/me?access_token=".$params['access_token']; $access_token = $params["access_token"];         
            $str = $this->https_request($graph_url); $user = json_decode($str);$openid = $user->openid; $url = "https://graph.qq.com/user/get_user_info?access_token=".$access_token."&oauth_consumer_key=".$appid."&openid=".$openid; $output = $this->https_request($url); $jsoninfo = json_decode($output, true);  }else{ echo("The state does not match. You may be a victim of CSRF."); } }

  

public function https_request($url,$data = null){
        if(function_exists('curl_init')){
            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
            curl_setopt($curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
            if (!empty($data)){
                curl_setopt($curl, CURLOPT_POST, 1);
                curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
            }
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
            $output = curl_exec($curl);
            curl_close($curl);
            return $output;
        }else{
            return false;
        }
    }

 

  在callback方法中,通過第一步獲取的code值來組裝好url

https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"."client_id=".$appid."&redirect_uri=".urlencode($my_url)."&client_secret=".$appkey."&code=".$code
請求這個url 獲取到 Access Token

Access Token 有了以后組裝出如下url
$graph_url = "https://graph.qq.com/oauth2.0/me?access_token=".$params['access_token']
請求這個url 獲取到用戶的 openid

openid 有了以后組裝出如下url
$url = "https://graph.qq.com/user/get_user_info?access_token=".$access_token."&oauth_consumer_key=".$appid."&openid=".$openid;
請求這個url 獲取到用戶的基本信息,到此為止,用戶的QQ基本信息就獲取到了。后續則是根據自己項目的業務需求來處理這些信息即可。
返回的QQ用戶基本信息如下圖所示




免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM