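require_once './loginsdk/BaiduUtils.php';
require_once './inc/lightapp_login_api.inc.php';

// OAuth2 callback page: redeems the authorization code sent back by Baidu,
// fetches the user's profile and hands the result to the front end in cookies.

// Callback URL, which must match the redirect URI used to request the code.
// NOTE(review): HTTP_HOST and PHP_SELF come from the request, not from
// configuration, so the client influences this URL and the final redirect
// below. Prefer a fixed origin/path taken from configuration.
$redirectUri = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];

// Accept the code only when it is a non-empty string. A missing parameter or
// an array value (?code[]=...) is treated as "no code" instead of being
// passed on to the token endpoint.
$code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';

// NOTE(review): this script neither generates nor checks an OAuth `state`
// value, so it cannot tell whether the login flow was started by this browser
// (login CSRF). Confirm whether BaiduOAuth2 covers this; if not, bind a
// per-session state value to the authorization request and verify it here
// before redeeming the code.
if ($code !== '') {
    $oauth = new BaiduOAuth2($lightapp_api_key, $ligthapp_secret_key);
    $oauth->setRedirectUri($redirectUri);
    $tokenArr = $oauth->getAccessTokenByAuthorizationCode($code);

    if (is_array($tokenArr) && isset($tokenArr['access_token'])) {
        // Token exchange succeeded.
        $accessToken = $tokenArr['access_token'];

        // Fetch the user's profile.
        $client = new BaiduApiClient($lightapp_api_key, $accessToken);
        $infoArr = $client->api(
            '/rest/2.0/passport/users/getInfo',
            array('fields' => 'userid,username,portrait')
        );

        if (is_array($infoArr)) {
            // Profile fetch succeeded.
            // This is the place to link the Baidu account with the
            // application's own account system (binding the Baidu account to
            // a local account behind the scenes is the suggested approach) and
            // to return the resulting session to the front end via cookies.
            // For convenience the access token and the Baidu uid are stored
            // directly in cookies as the session information.
            //
            // NOTE(review): the bearer token is placed in a cookie that is
            // readable by page script, is sent over plain http, and expires in
            // 2030 regardless of the token's own expires_in. bd_uid and
            // bd_username are client-editable, so server code must not treat
            // them as proof of identity. Prefer a server-side session keyed by
            // an HttpOnly, Secure cookie and keep the token on the server.
            $cookieExpiry = strtotime('2030-1-1 12:00:00');

            // Missing profile fields fall back to '' rather than reading an
            // undefined index.
            $username = isset($infoArr['username']) ? $infoArr['username'] : '';
            $userId = isset($infoArr['userid']) ? $infoArr['userid'] : '';
            $portrait = isset($infoArr['portrait']) ? $infoArr['portrait'] : '';

            setcookie('bd_access_token', $accessToken, $cookieExpiry, '/');
            setcookie('bd_username', $username, $cookieExpiry, '/');
            setcookie('bd_uid', $userId, $cookieExpiry, '/');
            setcookie('bd_portrait', $portrait, $cookieExpiry, '/');
        }
    }
}

// Whatever the outcome, send the browser back to the application's index page.
header("Location:" . 'http://' . $_SERVER['HTTP_HOST'] . '/index.php');
?>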
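/**
 * Get session info from Baidu server or from the store in app server side.
 *
 * When the request carries an authorization code that differs from the one
 * already kept in the store, the code is exchanged for an access token, the
 * logged-in user's data is merged into the session and the result is stored.
 * Otherwise the session kept in the store is returned, completed with the
 * user's data when it has no 'uid' yet.
 *
 * @return array|false The session, false when the code could not be redeemed;
 *                     in the fallback path, whatever the store holds under
 *                     'session'.
 */
protected function doGetSession()
{
    // Authorization code for this request, as returned by getCode().
    $code = $this->getCode();

    // Redeem the code only if it is not the one already redeemed and stored.
    // The comparison is strict: with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal, and a fresh code would
    // then be skipped in favour of the stored session.
    // NOTE(review): this only recognises a repeated code; it is not a CSRF
    // check in itself. Any `state` validation would have to happen inside
    // getCode(), which is not visible here - confirm.
    if ($code && $code !== $this->store->get('code')) {
        $oauth2 = $this->getBaiduOAuth2Service();
        $session = $oauth2->getAccessTokenByAuthorizationCode($code);

        if ($session) {
            $this->store->set('code', $code);
            $this->setSession($session);

            $apiClient = new BaiduApiClient($this->clientId, $session['access_token']);
            $user = $apiClient->api('passport/users/getLoggedInUser');
            // Merge only a real array; array_merge() rejects anything else.
            if (is_array($user)) {
                $session = array_merge($session, $user);
                $this->setSession($session);
            }

            return $session;
        }

        // code was bogus, so everything based on it should be invalidated.
        $this->store->removeAll();
        return false;
    }

    // as a fallback, just return whatever is in the storage
    $session = $this->store->get('session');
    $this->setSession($session);

    // A stored session without a uid has not been completed with user data
    // yet; fetch it now, provided there is a token to call the API with.
    if ($session && !isset($session['uid']) && isset($session['access_token'])) {
        $apiClient = new BaiduApiClient($this->clientId, $session['access_token']);
        $user = $apiClient->api('passport/users/getLoggedInUser');
        if (is_array($user)) {
            $session = array_merge($session, $user);
            $this->setSession($session);
        }
    }

    return $session;
}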
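/**
 * Get the user's profile information.
 *
 * With a new authorization code in the request, the code is exchanged for an
 * access token and the session merged with the profile is returned. Without
 * one, the profile is fetched with the stored session's token and returned
 * with three display fields added: 'sex' (as a label), 'nikename' and 'head'.
 *
 * @return array|false|null Session merged with the profile (code path), false
 *                          when the code could not be redeemed, the decorated
 *                          profile (stored-session path), or null when there
 *                          is no stored session.
 */
public function getUserInfo()
{
    // Authorization code for this request, as returned by getCode().
    $code = $this->getCode();

    // Redeem the code only if it is not the one already redeemed and stored.
    // The comparison is strict so that two different numeric-looking strings
    // are never treated as the same code.
    // NOTE(review): this only recognises a repeated code; it is not a CSRF
    // check in itself. Any `state` validation would have to happen inside
    // getCode(), which is not visible here - confirm.
    if ($code && $code !== $this->store->get('code')) {
        // A leftover debug statement (`p(1); die;`) used to stop the request
        // here, which made the whole code exchange below unreachable.
        $oauth2 = $this->getBaiduOAuth2Service();
        $session = $oauth2->getAccessTokenByAuthorizationCode($code);

        if ($session) {
            $this->store->set('code', $code);
            $this->setSession($session);

            $apiClient = new BaiduApiClient($this->clientId, $session['access_token']);
            $user = $apiClient->api('passport/users/getInfo');
            // Merge only a real array; array_merge() rejects anything else.
            if (is_array($user)) {
                $session = array_merge($session, $user);
                $this->setSession($session);
            }

            return $session;
        }

        // The code could not be redeemed: drop everything derived from it.
        $this->store->removeAll();
        return false;
    }

    // as a fallback, just return whatever is in the storage
    $session = $this->store->get('session');
    $this->setSession($session);

    // Defined up front so the return below never reads an unset variable
    // when there is no stored session.
    $user = null;

    if ($session && isset($session['access_token'])) {
        $apiClient = new BaiduApiClient($this->clientId, $session['access_token']);
        $user = $apiClient->api('passport/users/getInfo');

        // Decorate only a successful (array) response; a failed call is
        // returned as it came back instead of being turned into a profile
        // made of empty fields.
        if (is_array($user)) {
            $user['sex'] = (isset($user['sex']) && $user['sex'] == 1) ? '男' : '女';
            $user['nikename'] = isset($user['username']) ? $user['username'] : null;
            // NOTE(review): the avatar URL uses plain http; on an https page
            // it would load as mixed content - consider https if the host
            // supports it.
            $user['head'] = 'http://tb.himg.baidu.com/sys/portraitn/item/'
                . (isset($user['portrait']) ? $user['portrait'] : '');
        }
    }

    return $user;
}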