/** * * oauth2.0的验证 */ public function oauth2Judge() { $oauth = new PDOOAuth2(); $token = $oauth->verifyAccessToken(); if ($token) { $user = MUserManager::getInstance()->getUserOauth2($token["device_id"]); //获取用户的信息 if ($user === NULL) { $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_DISABLED, NULL, OAUTH2_HTTP_DISABLED, 'This user has been disabled.', NULL, NULL); return false; } $user["appId"] = $token["appId"]; //修改了User的appId值 MUserManager::getInstance()->setCurrentUser($user); if (!$user["user_status"]) { $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_DISABLED, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL); } } }
/** * oauth2.0的验证 */ private function oauth2() { $oauth = new PDOOAuth2(); $token = $oauth->verifyAccessToken(); if ($token) { $user = MUserManager::getInstance()->getUserOauth2($token["device_id"]); // 获取用户的信息 if ($user === NULL) { $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_FORBIDDEN, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL); return false; } $user["appId"] = $token["appId"]; MUserManager::getInstance()->setCurrentUser($user); if (!$user["user_status"]) { $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_FORBIDDEN, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL); } } else { throw new CException("Unauthorized", 401); } return true; }
<?php /** * @file * Sample protected resource. * * Obviously not production-ready code, just simple and to the point. * * In reality, you'd probably use a nifty framework to handle most of the crud for you. */ require "lib/PDOOAuth2.php"; $oauth = new PDOOAuth2(); $oauth->verifyAccessToken(); // With a particular scope, you'd do: $oauth->verifyAccessToken("test_state"); ?> <html> <head> <title>Hello!</title> </head> <body> <p>This is a secret.</p> </body> </html>
<?php /** * @file * Sample protected resource. * * Obviously not production-ready code, just simple and to the point. * * In reality, you'd probably use a nifty framework to handle most of the crud for you. */ require "lib/PDOOAuth2.inc"; $oauth = new PDOOAuth2(); $oauth->verifyAccessToken(); // With a particular scope, you'd do: // $oauth->verifyAccessToken("scope_name"); ?> <html> <head> <title>Hello!</title> </head> <body> <p>This is a secret.</p> </body> </html>