Esempio n. 1
0
    AlertMsg('404 Not Found', '404 Not Found', 404);
} else {
    require __DIR__ . '/includes/Oauth.' . $AppInfo['AppName'] . '.class.php';
    $OauthObject = new Oauth($AppInfo['AppKey']);
}
$Code = Request('Get', 'code');
$State = Request('Get', 'state');
session_start();
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
    //如果不是认证服务器跳转回的回调页,则跳转回授权服务页
    if (!$Code || !$State || empty($_SESSION[$Prefix . 'OauthState']) || $State != $_SESSION[$Prefix . 'OauthState']) {
        //生成State值防止CSRF
        $SendState = md5(uniqid(rand(), TRUE));
        $_SESSION[$Prefix . 'OauthState'] = $SendState;
        // 授权地址
        $AuthorizeURL = Oauth::AuthorizeURL($CurProtocol . $_SERVER['HTTP_HOST'] . $Config['WebsitePath'], $AppID, $AppInfo['AppKey'], $SendState);
        header("HTTP/1.1 301 Moved Permanently");
        header("Status: 301 Moved Permanently");
        header("Location: " . $AuthorizeURL);
        exit;
    }
    $Message = '';
    //下面是回调页面的处理
    if (!$OauthObject->GetAccessToken($CurProtocol . $_SERVER['HTTP_HOST'] . $Config['WebsitePath'], $AppID, $AppInfo['AppSecret'], $Code)) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    if (!$OauthObject->GetOpenID()) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    // 非Post页,储存AccessToken
    $_SESSION[$Prefix . 'OauthAccessToken'] = $OauthObject->AccessToken;
Esempio n. 2
0
    AlertMsg('404 Not Found', '404 Not Found', 404);
} else {
    require dirname(__FILE__) . '/includes/Oauth.' . $AppInfo['AppName'] . '.class.php';
    $OauthObject = new Oauth($AppInfo['AppKey']);
}
$Code = Request('Get', 'code');
$State = Request('Get', 'state');
session_start();
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
    //如果不是认证服务器跳转回的回调页,则跳转回授权服务页
    if (!$Code || !$State || empty($_SESSION[$Prefix . 'OauthState']) || $State != $_SESSION[$Prefix . 'OauthState']) {
        //生成State值防止CSRF
        $SendState = md5(uniqid(rand(), TRUE));
        $_SESSION[$Prefix . 'OauthState'] = $SendState;
        // 授权地址
        $AuthorizeURL = Oauth::AuthorizeURL('http://' . $_SERVER['HTTP_HOST'] . $Config['WebsitePath'], $AppID, $AppInfo['AppKey'], $SendState);
        header("HTTP/1.1 301 Moved Permanently");
        header("Status: 301 Moved Permanently");
        header("Location: " . $AuthorizeURL);
        exit;
    }
    $Message = '';
    //下面是回调页面的处理
    if (!$OauthObject->GetAccessToken('http://' . $_SERVER['HTTP_HOST'] . $Config['WebsitePath'], $AppID, $AppInfo['AppSecret'], $Code)) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    if (!$OauthObject->GetOpenID()) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    $OpenID = $OauthObject->OpenID;
    //var_dump($OauthObject->GetAvatarURL());