/**
* @brief 请求临时token.请求需经过URL编码,编码时请遵循 RFC 1738
*
* @param $appid
* @param $appkey
*
* @return 返回字符串格式为:oauth_token=xxx&oauth_token_secret=xxx
*/
function get_request_token($appid, $appkey)
{
global $global_url;
//请求临时token的接口地址, 不要更改!!
$url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token?";
//生成oauth_signature签名值。签名值生成方法详见(http://wiki.opensns.qq.com/wiki/【QQ登录】签名参数oauth_signature的说明)
//(1) 构造生成签名值的源串(HTTP请求方式 & urlencode(uri) & urlencode(a=x&b=y&...))
$sigstr = "GET" . "&" . QQConnect_urlencode("http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token") . "&";
//必要参数
$params = array();
$params["oauth_version"] = "1.0";
$params["oauth_signature_method"] = "HMAC-SHA1";
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $appid;
//对参数按照字母升序做序列化
$normalized_str = get_normalized_string($params);
$sigstr .= QQConnect_urlencode($normalized_str);
//(2)构造密钥
$key = $appkey . "&";
//(3)生成oauth_signature签名值。这里需要确保PHP版本支持hash_hmac函数
$signature = get_signature($sigstr, $key);
//构造请求url
$url .= $normalized_str . "&" . "oauth_signature=" . QQConnect_urlencode($signature);
$global_url = $url;
return file_get_contents($url);
}
/**
* @brief 跳转到QQ登录页面.请求需经过URL编码,编码时请遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $callback
*
* @return 返回字符串格式为:oauth_token=xxx&openid=xxx&oauth_signature=xxx×tamp=xxx&oauth_vericode=xxx
*/
function redirect_to_login($appid, $appkey, $callback)
{
global $global_arg;
//跳转到QQ登录页的接口地址, 不要更改!!
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";
//调用get_request_token接口获取未授权的临时token
$request_token = get_request_token($appid, $appkey);
//由于编码,appid,secret都可能导致获取request token失败
if (strpos($request_token, "error_code") !== false) {
echo '<html lang="zh-cn">';
echo '<head>';
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
echo '</head>';
echo '<body>';
echo "<h3>请求url:</h3>{$global_arg}</br>";
echo "<h3>返回值:</h3>{$request_token}</br>";
echo '<h3>请参考</h3><a href="http://wiki.opensns.qq.com/wiki/%E3%80%90QQ%E7%99%BB%E5%BD%95%E3%80%91%E5%85%AC%E5%85%B1%E8%BF%94%E5%9B%9E%E7%A0%81%E8%AF%B4%E6%98%8E" target="_blank">错误码说明</a>与<a href="http://open.qzone.qq.com/oauth_tool/oauth_url_check.htm">调试工具</a>';
echo '</body>';
echo '</html>';
exit;
}
//解析返回值
$result = array();
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.
//为避免网站存在多个子域名或同一个主域名不同服务器造成的session无法共享问题
//请开发者按照本SDK中comm/session.php中的注释对session.php进行必要的修改,以解决上述2个问题,
$_SESSION["token"] = $result["oauth_token"];
$_SESSION["secret"] = $result["oauth_token_secret"];
////构造请求URL
$redirect .= "oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . QQConnect_urlencode($callback);
header("Location:{$redirect}");
}
/**
* @brief 所有post 请求都可以使用这个方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function do_post($url, $appid, $appkey, $access_token, $access_token_secret, $openid)
{
//构造签名串.源串:方法[GET|POST]&uri&参数按照字母升序排列
$sigstr = "POST" . "&" . QQConnect_urlencode($url) . "&";
//必要参数,不要随便更改!!
$params = $_POST;
$params["oauth_version"] = "1.0";
$params["oauth_signature_method"] = "HMAC-SHA1";
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $appid;
$params["oauth_token"] = $access_token;
$params["openid"] = $openid;
unset($params["oauth_signature"]);
//对参数按照字母升序做序列化
$sigstr .= QQConnect_urlencode(get_normalized_string($params));
//签名,需要确保php版本支持hash_hmac函数
$key = $appkey . "&" . $access_token_secret;
$signature = get_signature($sigstr, $key);
$params["oauth_signature"] = $signature;
$postdata = get_urlencode_string($params);
//echo "$sigstr******\n";
//echo "$postdata\n";
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_URL, $url);
$ret = curl_exec($ch);
curl_close($ch);
return $ret;
}
