예제 #1
0
파일: webauth.php 프로젝트: qujian/ydwx
<?php

/**
 * 网站进行微信OAuth登陆
 * 该页面可通过Redirect方式进行访问,或者直接在需要的地方include_once
 */
chdir(dirname(__FILE__));
//把工作目录切换到文件所在目录
include_once dirname(__FILE__) . '/__config__.php';
// state为交互时双方都会带着的get参数,用于做一些逻辑判断,如果没指定,则默认一个
if (!$state) {
    $state = "fromydwx";
}
$redirect = YDWX_SITE_URL . 'ydwx/webauth.php';
if (!@$_GET['code'] && !@$_GET['state']) {
    ob_clean();
    header("Location: https://open.weixin.qq.com/connect/qrconnect?appid=" . YDWX_WEIXIN_WEB_APP_ID . "&redirect_uri={$redirect}&response_type=code&scope=snsapi_login&state={$state}#wechat_redirect");
    die;
}
if (!@$_GET['code'] && @$_GET['state']) {
    YDWXHook::do_hook(YDWXHook::AUTH_CANCEL);
    die;
}
$http = new YDHttp();
$info = json_decode($http->get("https://api.weixin.qq.com/sns/oauth2/access_token?appid=" . YDWX_WEIXIN_WEB_APP_ID . "&secret=" . YDWX_WEIXIN_WEB_APP_SECRET . "&code=" . $_GET['code'] . "&grant_type=authorization_code"), true);
if (!@$info['openid']) {
    YDWXHook::do_hook(YDWXHook::AUTH_FAIL, YDWXAuthFailResponse::errMsg($info['errmsg'], $info['errcode']));
    die;
}
YDWXHook::do_hook(YDWXHook::AUTH_WEB_SUCCESS, ydwx_sns_userinfo($info['access_token'], $info['openid'], $_GET['state']));
예제 #2
0
파일: auth.php 프로젝트: qujian/ydwx
}
//用户取消授权后返回本页面
if (!@$_GET['code'] && @$_GET['state']) {
    YDWXHook::do_hook(YDWXHook::AUTH_CANCEL);
    die;
}
//第二步,用户授权后返回,获取授权用户信息
if ($isAgent || YDWX_WEIXIN_ACCOUNT_TYPE != YDWX_WEIXIN_ACCOUNT_TYPE_CROP) {
    $http = new YDHttp();
    $info = json_decode($http->get(sprintf($access_token_url, $_GET['code'])), true);
    if (!@$info['openid']) {
        YDWXHook::do_hook(YDWXHook::AUTH_FAIL, YDWXAuthFailResponse::errMsg($info['errmsg'], $info['errcode']));
        die;
    }
    try {
        $user = ydwx_sns_userinfo($info['access_token'], $info['openid']);
        $user->state = $_GET['state'];
        $user->appid = $appid;
        YDWXHook::do_hook(YDWXHook::AUTH_INAPP_SUCCESS, $user);
    } catch (\Exception $e) {
        YDWXHook::do_hook(YDWXHook::AUTH_FAIL, YDWXAuthFailResponse::errMsg($e->getMessage(), $e->getCode()));
    }
    die;
}
//企业号返回的是code,可直接获取用户的信息.TODO 是否企业号也会托管,那这里是不是该拿托管的企业号token
$access_token = YDWXHook::do_hook(YDWXHook::GET_ACCESS_TOKEN);
if ($access_token) {
    YDWXHook::do_hook(YDWXHook::AUTH_CROP_SUCCESS, ydwx_crop_user_info($access_token, $_GET['code'], $_GET['state']));
} else {
    YDWXHook::do_hook(YDWXHook::AUTH_FAIL, YDWXAuthFailResponse::errMsg("未取得access token"));
}