PHP Oauth授权和本地加密实现方法

时间:2022-05-07 09:59:18

1.Oauth(开放授权)是一个开放标准,允许用户让第三方应用访问该用户在某一网站上存储的私密资源(如照片,视频,联系人列表),而无需将用户名和密码提供给第三方

关键字:appKey appSecret token(令牌)

2.SSO授权

如果本地手机装有微博客户端,则直接跳转到微博客户端,只需点击授权按钮,就可以登陆了 

qq第三方登陆使用Oauth2.0实现,测试代码

点击下面的连接

https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=101334262&redirect_uri=http://www.qingguow.cn/sso.php

具体代码sso.php文件:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
// qq登陆类
class Sso{
  const APP_ID="101334262";
  const APP_KEY="xxxxxxxxxxxxxxx";
  //初始化
  public static function init(){
    header("content-type:text/html;charset=utf-8");
  }
    //主函数
  public static function main(){
    //请求控制
    $action=$_GET['action'];
    if(!empty($action)){
      Sso::$action();
      return;
    }
    
    $par = 'grant_type=authorization_code'
    . '&client_id='.Sso::APP_ID
    . '&client_secret='.Sso::APP_KEY
    . '&code='.$_REQUEST['code']
    . '&redirect_uri='.urlencode('http://www.qingguow.cn/sso.php');
    $rec=Sso::postUrlContents("https://graph.qq.com/oauth2.0/token",$par);
    if(strpos($rec, 'access_token') !== false) {
      parse_str($rec, $accessToken);
      $openidJson=Sso::getUrlContents("https://graph.qq.com/oauth2.0/me?callback=callback&access_token={$accessToken['access_token']}");
      $openidJson=str_replace("callback( ", "", $openidJson);
      $openidJson=str_replace(");", "", $openidJson);
      $openidJson=json_decode($openidJson,true);
      header("location:sso.php?action=getQQinfo&openid={$openidJson['openid']}&access_token={$accessToken['access_token']}");
    }
  }
  //获取用户信息
  public static function getQQinfo(){
    Sso::init();
    $openid=$_GET['openid'];
    $access_token=$_GET['access_token'];
    $userJson=Sso::getUrlContents("https://graph.qq.com/user/get_user_info?openid={$openid}&access_token={$access_token}&oauth_consumer_key=".Sso::APP_ID);
    $user=json_decode($userJson,true);
    print_r($user);
  }
  //get方式请求数据
  public static function getUrlContents($url){
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_REFERER, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
  }
  //post请求数据
  public static function postUrlContents($url,$data = null){
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
    if (!empty($data)){
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
    }
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    $output = curl_exec($curl);
    curl_close($curl);
    return $output;
  }
 
}
Sso::main();

以上这篇PHP Oauth授权和本地加密实现方法就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持服务器之家。