oauth2.0
服务端
thinkphp部分代码
<?php header("Content-Type: text/html;charset=utf-8"); import("ORG.OAuth.ThinkOAuth2");//引入一下这个第三方类 class OauthAction extends Action{ private $oauth = NULL; private $_user_id; function _initialize(){ $this->oauth = new ThinkOAuth2(); } //获取应用网站数据 public function getRedirectUri(){ $client_id = $_GET['client_id']; $user_id = $_SESSION['my_info']['uid']; //$user_id = '3'; if($this->oauth->checkClientCredentials($client_id)){//判断应用是否为授权应用 $client = $this->oauth->getRedirectUri($client_id); $code = md5($client_id.$user_id);//构建验证码 这里可以采用自己的一些加密手段 $redirect_uri = $client.'&code='.$code;//定义回调函数 if(!$this->oauth->getAuthCode($code)){//判断验证码的存在 $this->oauth->setAuthCode($code,$user_id,$client_id,$redirect_uri,3600);//不存在就创建 } } echo "<script>window.location.href='".$redirect_uri."'</script>"; } //获取到应用网站token public function getAccessToken(){ $user_id = $this->oauth->checkUser($_POST['code']); $access_token = md5($user_id['user_id'].$_POST['code']); if(!$this->oauth->getAccessToken($access_token)){//不存在登陆过的用户要创建授权码 $this->oauth->setAccessToken($access_token,$user_id['user_id'],$_POST['client_id'],$_POST['code'],time()+3600);//为新用户创建授权码 } $data = $this->oauth->getAccessToken($access_token);//获取用户授权码 echo json_encode($data[0]); } public function getLoggedInUser(){ $access_token = $_GET['access_token']; $data = $this->oauth->getAccessToken($access_token); if($access_token == md5($data[0]['user_id'].$data[0]['refresh_token'])){ $user = M('member')->field('uid,username,head,sex')->find($data[0]['user_id']); $user['uname'] = $user['username']; } echo json_encode($user); } }
客户端
原生php
<?php include("db.php"); $result = mysql_query("SELECT * FROM config where id=1"); while($row = mysql_fetch_array($result)) { $key = $row['key']; $value = $row['value']; } //是否为授权应用 $redirect_uri = 'http://XXX/Oauth/getRedirectUri.shtml?client_id='.$key.''; echo "<script>window.location.href='".$redirect_uri."'</script>"; ?>
<?php include("db.php"); $result = mysql_query("SELECT * FROM config where id=1"); while($row = mysql_fetch_array($result)) { $key = $row['key']; $value = $row['value']; } $code = $_GET['code']; //用code获取token $_post_url = 'http://XXX/Oauth/getAccessToken.shtml'; $post = 'code='.$code.'&client_id='.$key.''; $host = 'hnt-server.wzd.54vc.com'; $return = curl($_post_url,$post,$host); //echo "<pre>"; $data = (json_decode($return,true)); $access_token =$data['access_token']; //用token获取用户信息 $url = 'http://XXX/Oauth/getLoggedInUser.shtml?access_token='.$access_token; $info = curl($url,$post,$host); $user = (json_decode($info,true)); ?> <center style="color:red;margin:10px">你好:<?=$user['username']?></center> <iframe runat="server" src="XXX" width="100%" height="1000" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no" allowtransparency="yes"></iframe>
流程
客户端用client_id请求服务端
服务端拿到client_id监测应用是否授权,如果应用授权则生成code值、token值,跳到客户端确认页
客户确认后,用code值换取token值,携带token值请求用户资源
参考:http://www.jianshu.com/p/0db71eb445c8
