function GetLoginToken($pTmp) { $sig = getAndCheck($pTmp, 'sig'); $params = array('state' => getAndCheck($pTmp, 'state'), 'appid' => getAndCheck($pTmp, 'appid'), 'time' => getAndCheck($pTmp, 'time'), 'sigmethod' => getAndCheck($pTmp, 'sigmethod'), 'version' => getAndCheck($pTmp, 'version'), 'verifier' => getAndCheck($pTmp, 'verifier')); if (GetAppInfo($params['appid'], 'ip_check') == 'enable') { $params['ip'] = getAndCheck($pTmp, 'ip'); } $appSecret = GetAppInfo($params['appid'], 'app_secret'); VerifySignature($params, $appSecret, $sig); /* 确保对参数的签名是有效的 */ $uid = CheckReplayAttack($params, 'login'); /* 检查重放攻击并记录 */ $accessToken = GetAccessToken($params['appid'], $uid); echo 'uid=' . $uid . '&access_token=' . $accessToken; exit; }
function check_token($FQDN, $api_key, $secret_key, $scope, $fullToken, $oauth_file) { $currentTime = time(); if ($fullToken["updateTime"] == null || $fullToken["updateTime"] <= $currentTime) { $fullToken = GetAccessToken($FQDN, $api_key, $secret_key, $scope); if ($fullToken["accessToken"] == null) { // echo $fullToken["errorMessage"]; } else { // echo $fullToken["accessToken"]; SaveToken($fullToken, $oauth_file); } } elseif ($fullToken["refreshTime"] <= $currentTime) { $fullToken = RefreshToken($FQDN, $api_key, $secret_key, $scope, $fullToken); if ($fullToken["accessToken"] == null) { // echo $fullToken["errorMessage"]; } else { // echo $fullToken["accessToken"]; SaveToken($fullToken, $oauth_file); } } return $fullToken; }