/**
* @brief 跳转到QQ登录页面.请求需经过URL编码,编码时请遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $callback
*
* @return 返回字符串格式为:oauth_token=xxx&openid=xxx&oauth_signature=xxx×tamp=xxx&oauth_vericode=xxx
*/
function redirect_to_login($appid, $appkey, $callback)
{
global $global_arg;
//跳转到QQ登录页的接口地址, 不要更改!!
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";
//调用get_request_token接口获取未授权的临时token
$request_token = get_request_token($appid, $appkey);
//由于编码,appid,secret都可能导致获取request token失败
if (strpos($request_token, "error_code") !== false) {
echo '<html lang="zh-cn">';
echo '<head>';
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
echo '</head>';
echo '<body>';
echo "<h3>请求url:</h3>{$global_arg}</br>";
echo "<h3>返回值:</h3>{$request_token}</br>";
echo '<h3>请参考</h3><a href="http://wiki.opensns.qq.com/wiki/%E3%80%90QQ%E7%99%BB%E5%BD%95%E3%80%91%E5%85%AC%E5%85%B1%E8%BF%94%E5%9B%9E%E7%A0%81%E8%AF%B4%E6%98%8E" target="_blank">错误码说明</a>与<a href="http://open.qzone.qq.com/oauth_tool/oauth_url_check.htm">调试工具</a>';
echo '</body>';
echo '</html>';
exit;
}
//解析返回值
$result = array();
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.
//为避免网站存在多个子域名或同一个主域名不同服务器造成的session无法共享问题
//请开发者按照本SDK中comm/session.php中的注释对session.php进行必要的修改,以解决上述2个问题,
$_SESSION["token"] = $result["oauth_token"];
$_SESSION["secret"] = $result["oauth_token_secret"];
////构造请求URL
$redirect .= "oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . QQConnect_urlencode($callback);
header("Location:{$redirect}");
}
function get_auth_url()
{
$retarr = get_request_token(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, $callback, false, true, true);
if (!empty($retarr)) {
list($info, $headers, $body, $body_parsed) = $retarr;
if ($info['http_code'] == 200 && !empty($body)) {
echo "http://api.twitter.com/oauth/authorize?" . rfc3986_decode($body) . "\n";
}
}
}
function getUrl($callback = null)
{
//授权登录页
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=" . $this->akey;
//获取request token
$result = array();
$request_token = get_request_token($this->akey, $this->skey);
parse_str($request_token, $result);
if ($result["oauth_token"] == "") {
throw new Exception('Unknown oauth_token');
return false;
}
$callback = $callback . "?oauth_token_secret=" . $result["oauth_token_secret"];
//302跳转到授权页面
$redirect .= "&oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
return $redirect;
}
function getUrl($callback)
{
if (is_null($callback)) {
$callback = U('home/public/qzonecallback');
}
//授权登录页
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=" . QZONE_KEY;
//获取request token
$result = array();
$request_token = get_request_token(QZONE_KEY, QZONE_SECRET);
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.真实情况需要网站自己处理
$_SESSION['qzone']["keys"] = $result;
if ($result["oauth_token"] == "") {
return false;
}
//302跳转到授权页面
$redirect .= "&oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
return $redirect;
}
/**
* @brief 跳转到QQ登录页面.请求需经过URL编码,编码时请遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $callback
*
* @return 返回字符串格式为:oauth_token=xxx&openid=xxx&oauth_signature=xxx×tamp=xxx&oauth_vericode=xxx
*/
function redirect_to_login($appid, $appkey, $callback)
{
//跳转到QQ登录页的接口地址, 不要更改!!
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";
//调用get_request_token接口获取未授权的临时token
$result = array();
$request_token = get_request_token($appid, $appkey);
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.
//为避免网站存在多个子域名或同一个主域名不同服务器造成的session无法共享问题
//请开发者按照本SDK中comm/session.php中的注释对session.php进行必要的修改,以解决上述2个问题,
$_SESSION["token"] = $result["oauth_token"];
$_SESSION["secret"] = $result["oauth_token_secret"];
if ($result["oauth_token"] == "") {
//示例代码中没有对错误情况进行处理。真实情况下网站需要自己处理错误情况
exit;
}
////构造请求URL
$redirect .= "oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
header("Location:{$redirect}");
}
/**
* @brief 跳转到QQ登录页面.请求需经过URL编码,编码时请遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $callback
*
* @return 返回字符串格式为:oauth_token=xxx&openid=xxx&oauth_signature=xxx×tamp=xxx&oauth_vericode=xxx
*/
function redirect_to_login($appid, $appkey, $callback)
{
//跳转到QQ登录页的接口地址, 不要更改!!
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";
//调用get_request_token接口获取未授权的临时token
$result = array();
$request_token = get_request_token($appid, $appkey);
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.
//正式网站运营环境中,我们强烈建议你将这两个值保存在MySQL或者其他永久的存储中以便于后续使用
//尤其是在网站不止一台服务器的情况下,两次请求的sessoin信息可能不会保存再同一台服务器导致访问出错
es_session::set("token", $result["oauth_token"]);
es_session::set("secret", $result["oauth_token_secret"]);
if ($result["oauth_token"] == "") {
//示例代码中没有对错误情况进行处理。真实情况下网站需要自己处理错误情况
exit;
}
////构造请求URL
$redirect .= "oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
header("Location:{$redirect}");
}
/**
* @brief redirect to QQ login page
* rfc1738 urlencode
* @param $appid
* @param $appkey
* @param $callback
*/
function redirect_to_login($appid, $appkey, $callback)
{
//授权登录页
$redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";
//获取request token
$result = array();
$request_token = get_request_token($appid, $appkey);
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.真实情况需要网站自己处理
//$_SESSION["token"] = $result["oauth_token"];
//$_SESSION["secret"] = $result["oauth_token_secret"];
set_cookie('token_secret', mymd5($result["oauth_token"] . "\t" . $result["oauth_token_secret"]), 3600);
if ($result["oauth_token"] == "") {
showerr('API信息不对!');
//demo中不对错误情况做处理
//网站需要自己处理错误情况
// exit;
}
//302跳转到授权页面
$redirect .= "oauth_token=" . $result["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
header("Location:{$redirect}");
}
<?php
require 'globals.php';
require 'oauth_helper.php';
// Callback can either be 'oob' or a url whose domain must match
// the domain that you entered when registering your application
$callback = 'oob';
// Get the request token using HTTP GET and HMAC-SHA1 signature
$retarr = get_request_token(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, $callback, false, true, true);
if (!empty($retarr)) {
list($info, $headers, $body, $body_parsed) = $retarr;
if ($info['http_code'] == 200 && !empty($body)) {
print "Have the user go to xoauth_request_auth_url to authorize your app\n" . rfc3986_decode($body_parsed['xoauth_request_auth_url']) . "\n";
}
}
exit(0);
/**
* Get a request token.
* @param string $consumer_key obtained when you registered your app
* @param string $consumer_secret obtained when you registered your app
* @param string $callback callback url can be the string 'oob'
* @param bool $usePost use HTTP POST instead of GET
* @param bool $useHmacSha1Sig use HMAC-SHA1 signature
* @param bool $passOAuthInHeader pass OAuth credentials in HTTP header
* @return array of response parameters or empty array on error
*/
function get_request_token($consumer_key, $consumer_secret, $callback, $usePost = false, $useHmacSha1Sig = true, $passOAuthInHeader = false)
{
$retarr = array();
// return value
$response = array();
<?php
session_start();
require_once 'config.php';
require_once 'functions.php';
require_once 'oAuth.php';
$sig_new = array('oauth_callback' => CALLBACK_URL);
$signature = signature_generator('POST', $sig_new, 'https://api.twitter.com/oauth/request_token');
$sig_new['oauth_signature'] = $signature;
$token = get_request_token($sig_new);
if ($token['status'] == 200) {
$_SESSION['request_token'] = $token;
$_SESSION['oauth_token'] = $token['oauth_token'];
$redirect_url = 'https://api.twitter.com/oauth/authorize?oauth_token=' . $token['oauth_token'];
redirect($redirect_url);
} else {
print_r($token);
session_destroy();
}
function getRequestToken($appid, $appkey)
{
//调用get_request_token接口获取未授权的临时token
$result = array();
$request_token = get_request_token($appid, $appkey);
parse_str($request_token, $result);
//request token, request token secret 需要保存起来
//在demo演示中,直接保存在全局变量中.
//为避免网站存在多个子域名或同一个主域名不同服务器造成的session无法共享问题
//请开发者按照本SDK中comm/session.php中的注释对session.php进行必要的修改,以解决上述2个问题,
//$_SESSION["token"] = $result["oauth_token"];
//$_SESSION["secret"] = $result["oauth_token_secret"];
return $result;
}
jQuery(document).ready(function()
{
jQuery("body").addClass("zp-Modal");
});
</script>';
echo "<p>Redirecting to Zotero to authenticate.</p>";
echo $redirect;
break;
case 1:
// State 1 - Handle callback from Zotero and get and store an access token
// Make sure the token we got sent back matches the one we have
// In practice we would look up the stored token and whatever local user information we have tied to it
$oauth->disableSSLChecks();
$request_token_info = get_request_token($state);
//if we found the temp token, try to exchange it for a permanent one
try {
//set the token we got back from the provider and the secret we saved previously for the exchange.
$oauth->setToken($_GET['oauth_token'], $request_token_info['oauth_token_secret']);
//make the exchange request to the provider's given endpoint
$access_token_info = $oauth->getAccessToken($access_token_endpoint);
save_access_token($access_token_info, $state);
} catch (Exception $e) {
//Handle error getting access token
die("Caught exception on access token request");
}
// Continue on to authorized state outside switch
break;
case 2:
//get previously stored access token if we didn't just get it from a handshack