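/**
  * Main controller entry point: dispatches the OAuth2 "authorize" and "token" routes.
  *
  * The route name is the third "/"-separated segment of the path part of $uri.
  * Any other route, or a path with no third segment, produces no output.
  *
  * @param string|null $uri Request URI, optionally followed by a query string.
  */
 public function invoke($uri = null)
 {
     // Call the parent initialiser, which registers the custom exception and error handlers.
     parent::init();
     $path = explode('?', (string) $uri);
     $parts = array_slice(explode('/', $path[0]), 2);
     // A short or empty path has no third segment; treat that as "no route"
     // instead of reading an undefined offset.
     $route = isset($parts[0]) ? $parts[0] : null;
     if ($route === "authorize") {
         $oauth = new PDOOAuth2();
         if ($_POST) {
             // Strict comparison; a missing "accept" field counts as a refusal.
             $accepted = isset($_POST["accept"]) && $_POST["accept"] === "Yep";
             $oauth->finishClientAuthorization($accepted, $_POST);
         }
         $auth_params = $oauth->getAuthorizeParams();
         $inputs = "";
         foreach ($auth_params as $k => $v) {
             // These names and values are presumably taken from the client's
             // authorization request, so they are HTML-escaped before being placed
             // in attribute context (prevents markup injection into the consent page).
             $name = htmlspecialchars((string) $k, ENT_QUOTES, 'UTF-8');
             $value = htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
             $inputs .= '<input type="hidden" name="' . $name . '" value="' . $value . '" />';
         }
         // NOTE(review): the consent form posts to a hard-coded http:// URL and no
         // anti-CSRF token or anti-framing header is visible in this method; the
         // approval step should be served over TLS and bound to the user's session.
         $content = '<html>' . '<head>Authorize</head>' . '<body>' . '<form method="post" action="http://web.miniyun.cn/miniyun_oauth2/api.php/1/oauth2/authorize">' . $inputs . 'Do you authorize the app to do its thing?' . '<p>' . ' <input type="submit" name="accept" value="Yep" />' . '<input type="submit" name="accept" value="Nope" />' . ' </p>' . '</form>' . '</body>' . ' </html>';
         echo $content;
     } elseif ($route === "token") {
         $oauth = new PDOOAuth2();
         $token = $oauth->grantAccessToken();
         // Record a login log entry for the device.
         $deviceId = $oauth->getVariable("device_id");
         MiniLog::getInstance()->createLogin($deviceId);
         // Return site_id so the client can communicate with cloud.miniyun.cn.
         $token["site_id"] = MiniSiteUtils::getSiteID();
         // NOTE(review): no Content-Type or "Cache-Control: no-store" header is set
         // here for the token response — confirm grantAccessToken() or the caller sends them.
         echo json_encode($token);
     }
 }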
Beispiel #2
 /**
  * OAuth 2.0 check: verifies the request's access token and installs the
  * matching user as the current user.
  *
  * @return false|null false when no user is found for the token's device;
  *                    nothing is returned on every other path
  */
 public function oauth2Judge()
 {
     $server = new PDOOAuth2();
     $accessToken = $server->verifyAccessToken();
     // NOTE(review): a falsy token falls through with no error and no return value.
     // That is fail-closed only if verifyAccessToken() itself ends the request on
     // failure — confirm against the library.
     if (!$accessToken) {
         return;
     }
     // Look up the user bound to the device that owns the token.
     $account = MUserManager::getInstance()->getUserOauth2($accessToken["device_id"]);
     if (null === $account) {
         $server->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_DISABLED, NULL, OAUTH2_HTTP_DISABLED, 'This user has been disabled.', NULL, NULL);
         return false;
     }
     // Carry the token's appId over onto the user record.
     $account["appId"] = $accessToken["appId"];
     // NOTE(review): the user becomes the current user before user_status is
     // checked, and nothing is returned after the disabled-user response below;
     // this is safe only if errorWWWAuthenticateResponseHeader() terminates the
     // request — confirm.
     MUserManager::getInstance()->setCurrentUser($account);
     if ($account["user_status"]) {
         return;
     }
     $server->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_DISABLED, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL);
 }
Beispiel #3
 /**
  * OAuth 2.0 check: verifies the request's access token and installs the
  * matching user as the current user.
  *
  * @return bool false when no user is found for the token's device, true otherwise
  * @throws CException with code 401 when verifyAccessToken() yields no token
  */
 private function oauth2()
 {
     $server = new PDOOAuth2();
     $accessToken = $server->verifyAccessToken();
     if (!$accessToken) {
         throw new CException("Unauthorized", 401);
     }
     // Look up the user bound to the device that owns the token.
     $account = MUserManager::getInstance()->getUserOauth2($accessToken["device_id"]);
     if (null === $account) {
         $server->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_FORBIDDEN, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL);
         return false;
     }
     $account["appId"] = $accessToken["appId"];
     MUserManager::getInstance()->setCurrentUser($account);
     if (!$account["user_status"]) {
         // NOTE(review): execution continues to "return true" after this call, with
         // the disabled user already set as current user. That is safe only if
         // errorWWWAuthenticateResponseHeader() terminates the request — confirm.
         $server->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_FORBIDDEN, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL);
     }
     return true;
 }
Beispiel #4
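 /**
  * OAuth endpoint: returns an authorization code or starts an access-token grant.
  *
  * Three request shapes are handled; every path ends the request with exit
  * (or with a redirect after a successful password login).
  *
  * 1. Requesting the authorization code. If the device has been approved,
  *    the code can be read:
  *    [offiria]/index.php/component/oauth/?view=oauth&task=authenticate&response_type=code&client_id=[clientId]&client_secret=[clientSecret]
  *
  * 2. Requesting an access token with an authorization code:
  *    [offiria]/index.php/component/oauth/?view=oauth&task=authenticate&grant_type=authorization_code&client_id=[clientId]&client_secret=[clientSecret]&code=[code]
  *
  * 3. Requesting an access token with a password (skipping authorization):
  *    [offiria]/index.php/component/oauth/?view=oauth&task=authenticate&grant_type=password&client_id=[clientId]&client_secret=[clientSecret]&username=[username]&pass=[pass]&redirect_uri=[redirect_uri]
  *
  * NOTE(review): client_secret, username and pass are read with JRequest::getVar()
  * and the documented callbacks carry them in the query string, where they can end
  * up in access logs, browser history and Referer headers. Accepting them from the
  * POST body only is the safer contract — confirm what the clients send.
  */
 public function authenticate()
 {
     $oauth = new PDOOAuth2();
     $responseType = JRequest::getVar('response_type');
     $clientId = JRequest::getVar('client_id');
     $clientSecret = JRequest::getVar('client_secret');
     $table = JTable::getInstance('Token', 'OAuthTable');
     if ($responseType === 'code') {
         header("Content-Type: application/json");
         header("Cache-Control: no-store");
         // The code is looked up by client_id/client_secret alone; no user session
         // or redirect_uri check is visible in this method.
         $code = $table->getParam('code', array('client_id' => $clientId, 'client_secret' => $clientSecret));
         echo json_encode(array('code' => $code));
         // The original had a stray "break" after this exit. Outside a loop or
         // switch that is a compile-time fatal error on PHP 7+, so it is removed.
         exit;
     }
     switch (JRequest::getVar('grant_type')) {
         case 'password':
             $app = JFactory::getApplication();
             // Get the log in credentials.
             $credentials = array();
             $credentials['username'] = JRequest::getVar('username');
             $credentials['password'] = JRequest::getVar('pass');
             // Get the log in options.
             $options = array();
             $options['remember'] = false;
             $options['return'] = '';
             header("Content-Type: application/json");
             header("Cache-Control: no-store");
             // Only the presence of redirect_uri is checked here; it is not compared
             // with a registered value in this method.
             $redirectUri = JRequest::getVar('redirect_uri');
             if (!$redirectUri) {
                 echo json_encode(array('error' => 'invalid_redirect_uri'));
                 exit;
             }
             // Perform the log in.
             if (true === $app->login($credentials, $options)) {
                 // Each request value is URL-encoded so that it cannot add or
                 // override query parameters of the internal redirect.
                 // NOTE(review): the redirect still carries client_secret in its
                 // query string.
                 $url = JRoute::_('/index.php/component/profile/?view=edit&task=applications&client_id=' . urlencode((string) $clientId) . '&client_secret=' . urlencode((string) $clientSecret) . '&redirect_uri=' . urlencode((string) $redirectUri) . '&silent=true');
                 $app->redirect($url);
             }
             // NOTE(review): a failed login reaches this point and the request ends
             // with an empty body under a JSON content type; no error is reported.
             break;
         default:
             $oauth->grantAccessToken();
     }
     exit;
 }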
Beispiel #5
<?php

/**
 * @file
 * Sample token endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 */

require "lib/PDOOAuth2.php";

// Token endpoint: the whole request is handed to the OAuth2 server object,
// which is expected to validate the grant and produce the response.
$tokenServer = new PDOOAuth2();
$tokenServer->grantAccessToken();
Beispiel #6
<?php

/**
 * @file
 * Sample client add script.
 *
 * Obviously not production-ready code, just simple and to the point.
 */
include "lib/PDOOAuth2.inc";
// Register a new OAuth client once all three form fields have been posted.
// NOTE(review): no authentication or anti-CSRF check is visible in this script,
// so any request that can reach it can register a client; restrict it to
// administrators before using it outside a demo. The library is also loaded
// from a ".inc" file — confirm the web server does not serve that extension
// as plain text.
if (isset($_POST["client_id"], $_POST["client_secret"], $_POST["redirect_uri"])) {
    $clientRegistry = new PDOOAuth2();
    $clientRegistry->addClient(
        $_POST["client_id"],
        $_POST["client_secret"],
        $_POST["redirect_uri"]
    );
}
?>

<!DOCTYPE html>
<!-- saved from url=(0032)http://connect.qq.com/manage/reg -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<meta http-equiv="X-UA-Compatible" content="edge">
	<meta charset="utf-8">
	
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<script async="" src="addclient/analytics.js"></script><script type="text/javascript">
    var _speedMark = new Date();
</script>
<meta name="robots" content="all">
<meta name="Description" content="QQ互联是腾讯旗下的开放平台,通过QQ互联,网站主或开发者可以申请接入QQ登录,获取登录用户基本资料,用户使用QQ账号登录接入的站点或应用app,通过分享功能,将站点内容分享到QQ、手机QQ、QQ空间、微博等平台,也可获取QQ会员信息、相册、日志、财付通等API授权"><meta name="Keywords" content="QQ互联、管理中心、腾讯互联、QQ登录、QQ登陆、QQ分享、开放平台、appid、API管理、信息编辑、数据统计"><title>管理中心--QQ互联</title>
<link media="all" rel="stylesheet" href="addclient/common.css" type="text/css">
<!--[if lt IE 9]>
<script type="text/javascript">
  document.createElement("header");
Beispiel #7
<?php

/**
 * @file
 * Sample protected resource.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 */

require "lib/PDOOAuth2.php";

// Gate the page on a valid access token before any of the markup below is sent.
// NOTE(review): the return value is ignored, so the page is protected only if
// verifyAccessToken() ends the request itself when the token is rejected — confirm.
$resourceServer = new PDOOAuth2();
$resourceServer->verifyAccessToken();

// Second check: the same token must also cover the "test_state" scope.
$resourceServer->verifyAccessToken("test_state");

?>

<html>
  <head>
    <title>Hello!</title>
  </head>
  <body>
    <p>This is a secret.</p>
  </body>
</html>
Beispiel #8
<?php

/**
 * @file
 * Sample authorize endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 */

require "lib/PDOOAuth2.php";

$authServer = new PDOOAuth2();

// A posted form is the user's answer to the consent prompt: "Yep" approves,
// anything else refuses.
// NOTE(review): no anti-CSRF token is checked before the decision is accepted.
if ($_POST) {
  $userApproved = $_POST["accept"] == "Yep";
  $authServer->finishClientAuthorization($userApproved, $_POST);
}

// Parameters of the pending authorization request, echoed back as hidden
// form fields by the template below.
$auth_params = $authServer->getAuthorizeParams();

?>
<html>
  <head>Authorize</head>
  <body>
    <form method="post" action="authorize.php">
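      <?php
      // The hidden fields repeat the authorization request's parameters, which
      // presumably come from the client's request. They are HTML-escaped for
      // attribute context so a crafted value cannot inject markup into the
      // consent page.
      foreach ($auth_params as $k => $v) { ?>
      <input type="hidden" name="<?php echo htmlspecialchars((string) $k, ENT_QUOTES, 'UTF-8') ?>" value="<?php echo htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8') ?>" />
      <?php } ?>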
      Do you authorize the app to do its thing?
      <p>
<?php

/**
 * @file
 * Sample protected resource.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 */
require "lib/PDOOAuth2.inc";
// Gate the page on a valid access token before any of the markup below is sent.
// NOTE(review): the return value is ignored, so the page is protected only if
// verifyAccessToken() ends the request itself when the token is rejected — confirm.
$resourceServer = new PDOOAuth2();
$resourceServer->verifyAccessToken();
// To require a particular scope as well, pass its name:
// $resourceServer->verifyAccessToken("scope_name");
?>

<html>
  <head>
    <title>Hello!</title>
  </head>
  <body>
    <p>This is a secret.</p>
  </body>
</html>
Beispiel #10
 /**
  * User login: issues an OAuth2 access token and records the login.
  *
  * @return array|bool the result of grantAccessToken() with a "site_id" entry added
  * @throws MiniException with code 440 when the "license_expired" filter returns 1
  *                       and the "username" parameter is not "admin"
  */
 public function oauth2()
 {
     // When the license_expired filter reports 1, only the "admin" user name may
     // proceed. The name is only the request parameter at this point; the actual
     // credential check is left to grantAccessToken() below.
     if (apply_filters("license_expired") === 1 && MiniHttp::getParam("username", "") !== "admin") {
         throw new MiniException(440);
     }
     $server = new PDOOAuth2();
     $grant = $server->grantAccessToken();
     // Record a login log entry for the device.
     $device = $server->getVariable("device_id");
     MiniLog::getInstance()->createLogin($device);
     // Return site_id so the client can communicate with cloud.miniyun.cn.
     // NOTE(review): the login is logged and site_id is added without checking
     // that $grant is a token array — confirm grantAccessToken() never returns
     // here on a failed grant.
     $grant["site_id"] = MiniSiteUtils::getSiteID();
     return $grant;
 }
Beispiel #11
<?php

/**
 * @file
 * Sample token endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 */
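session_start();
require "lib/PDOOAuth2.inc";
$oauth = new PDOOAuth2();
$actoken = $oauth->grantAccessToken();
// Database settings are hard-coded in this sample; real credentials belong in
// configuration outside the web root, not in the script.
$host = 'localhost';
$username = '******';
$password = '******';
$database = 'mydb';
$dbc = mysqli_connect($host, $username, $password, $database);
if (!$dbc) {
    // mysql_error() belongs to the removed mysql extension and does not report
    // mysqli connection failures; mysqli_connect_error() is the matching call.
    // NOTE(review): this still prints the driver's message to the client;
    // consider logging it and returning a generic error instead.
    die('Could not connect: ' . mysqli_connect_error());
}
$token = $actoken['access_token'];
// uid comes straight from the request body. A missing field is stored as an
// empty string, as the original interpolation did.
// NOTE(review): nothing here ties the posted uid to the identity that was just
// authenticated — confirm the caller cannot bind a token to an arbitrary uid.
$uid = isset($_POST['uid']) ? (string) $_POST['uid'] : '';
// Bound parameters instead of string interpolation: the posted uid can no
// longer change the structure of the INSERT statement.
$stmt = mysqli_prepare($dbc, "INSERT INTO tokenuid VALUES (?, ?)");
if (!$stmt) {
    mysqli_close($dbc);
    die("Error!!");
}
mysqli_stmt_bind_param($stmt, 'ss', $token, $uid);
mysqli_stmt_execute($stmt) or die("Error!!");
mysqli_stmt_close($stmt);
mysqli_close($dbc);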
Beispiel #12
 /**
  * Shows the applications view and handles two kinds of request first:
  * granting or revoking a device, and registering ("installing") an OAuth client.
  *
  * Silent installation requests answer with JSON and exit; every other path
  * ends in parent::display().
  */
 public function applications()
 {
     JRequest::setVar('view', 'applications');
     $app = JFactory::getApplication();
     $deviceApps = new Applications();
     // Parameters used by the automatic installation flow.
     $redirectUri = JRequest::getVar('redirect_uri');
     $clientId = JRequest::getVar('client_id');
     $clientSecret = JRequest::getVar('client_secret');
     $deviceId = JRequest::getVar('deviceId');
     $isDeviceAction = $_POST && $deviceId;
     $isInstall = $clientId && $clientSecret && $redirectUri;
     if ($isDeviceAction) {
         // Grant or revoke access for one device.
         // NOTE(review): no anti-CSRF token check is visible before this
         // state-changing action — confirm one is enforced elsewhere.
         switch (JRequest::getVar('deviceAction')) {
             case 'grant':
                 $deviceApps->grantAccess($deviceId);
                 break;
             case 'revoke':
                 $deviceApps->revokeAccess($deviceId);
                 break;
         }
     } elseif ($isInstall) {
         header("Content-Type: application/json");
         header("Cache-Control: no-store");
         JRequest::setVar('installing', true);
         // NOTE(review): with "silent" set, a request without a POST body is enough
         // to register a client and approve it (finishClientAuthorization(true, ...))
         // with no consent step visible here, and client_secret arrives as a request
         // parameter. Confirm this path is reachable only for the intended flow.
         if ($_POST || JRequest::getVar('silent')) {
             // The model is not used below; the call is kept as in the original.
             $model = OauthFactory::getModel('Application');
             // Use the shared OAuth library so client registration is standardised.
             require_once JPATH_ROOT . DS . 'components' . DS . 'com_oauth' . DS . 'libraries' . DS . 'PDOOAuth2.inc';
             $server = new PDOOAuth2();
             $registered = $server->addClient($clientId, $clientSecret, $redirectUri);
             if (!$registered) {
                 if (JRequest::getVar('silent')) {
                     echo json_encode(array('success' => false, 'error' => JText::_('COM_OAUTH_LABEL_FAILED_TO_REGISTER')));
                     exit;
                 }
                 $app->enqueueMessage(JText::_('COM_OAUTH_LABEL_FAILED_TO_REGISTER'), 'Error');
             } else {
                 $authData = array('client_id' => $clientId, 'response_type' => 'code', 'redirect_uri' => $redirectUri);
                 $server->finishClientAuthorization(true, $authData);
                 // A silent request gets a bare JSON acknowledgement and stops here.
                 if (JRequest::getVar('silent')) {
                     echo json_encode(array('success' => 'true'));
                     exit;
                 }
                 JRequest::setVar('authorize', true);
                 JRequest::setVar('appName', $clientId);
                 $app->enqueueMessage(JText::_('COM_OAUTH_LABEL_APPLICATION_INSTALL'));
             }
         }
     }
     parent::display();
 }