function GetLoginToken($pTmp)
{
$sig = getAndCheck($pTmp, 'sig');
$params = array('state' => getAndCheck($pTmp, 'state'), 'appid' => getAndCheck($pTmp, 'appid'), 'time' => getAndCheck($pTmp, 'time'), 'sigmethod' => getAndCheck($pTmp, 'sigmethod'), 'version' => getAndCheck($pTmp, 'version'), 'verifier' => getAndCheck($pTmp, 'verifier'));
if (GetAppInfo($params['appid'], 'ip_check') == 'enable') {
$params['ip'] = getAndCheck($pTmp, 'ip');
}
$appSecret = GetAppInfo($params['appid'], 'app_secret');
VerifySignature($params, $appSecret, $sig);
/* 确保对参数的签名是有效的 */
$uid = CheckReplayAttack($params, 'login');
/* 检查重放攻击并记录 */
$accessToken = GetAccessToken($params['appid'], $uid);
echo 'uid=' . $uid . '&access_token=' . $accessToken;
exit;
}
function check_token($FQDN, $api_key, $secret_key, $scope, $fullToken, $oauth_file)
{
$currentTime = time();
if ($fullToken["updateTime"] == null || $fullToken["updateTime"] <= $currentTime) {
$fullToken = GetAccessToken($FQDN, $api_key, $secret_key, $scope);
if ($fullToken["accessToken"] == null) {
// echo $fullToken["errorMessage"];
} else {
// echo $fullToken["accessToken"];
SaveToken($fullToken, $oauth_file);
}
} elseif ($fullToken["refreshTime"] <= $currentTime) {
$fullToken = RefreshToken($FQDN, $api_key, $secret_key, $scope, $fullToken);
if ($fullToken["accessToken"] == null) {
// echo $fullToken["errorMessage"];
} else {
// echo $fullToken["accessToken"];
SaveToken($fullToken, $oauth_file);
}
}
return $fullToken;
}
