/**
* 处理授权回调函数
*
* @return $res_array array 授权码,令牌与openid组成的数组,开发者可以将其写入数据库。
*
*/
public static function handleAuthCallback($access_token_uri = QQAUTH_ACCESS_TOKEN_DOMAIN, $openid_uri = QQAUTH_OPENID_DOMAIN)
{
if ($_SESSION['state'] !== $_REQUEST['state']) {
throw new QQAuth_Exception('CSRF attacks!', '9999999');
}
if (self::isAuth()) {
// 不是从验证服务器转来的请求
return;
}
$res_array = array();
$code = isset($_GET['code']) ? $_GET['code'] : '';
if ($code == '') {
throw new QQAuth_Exception('Auth failure!', '9999998');
}
$res_array['auth_code'] = $_SESSION['QQAUTH_AUTHCODE'] = $code;
$state = 'test';
$token_params = array('grant_type' => 'authorization_code', 'client_id' => QQAUTH_APP_ID, 'client_secret' => QQAUTH_APP_KEY, 'code' => $code, 'state' => $state, 'redirect_uri' => $_SESSION['QQAUTH_REDIRECT_URI']);
$request_access_token_url = $access_token_uri . QQAuth_Util::composeParams($token_params);
$response = QQAuth_Util::doGet($request_access_token_url);
$msg = QQAuth_Util::parseJSONP($response);
if (isset($msg->error)) {
echo "<h3>error:</h3>" . $msg->error;
echo "<h3>msg :</h3>" . $msg->error_description;
exit;
}
$params = array();
parse_str($response, $params);
//debug
//print_r($params);
//set access token to session
$res_array['access_token'] = $_SESSION["QQAUTH_ACCESS_TOKEN"] = $params["access_token"];
$graph_url = $openid_uri . 'access_token=' . $_SESSION['QQAUTH_ACCESS_TOKEN'];
$str = QQAuth_Util::doGet($graph_url);
$user = QQAuth_Util::parseJSONP($str);
if (isset($user->error)) {
echo "<h3>error:</h3>" . $user->error;
echo "<h3>msg :</h3>" . $user->error_description;
exit;
}
$res_array['openid'] = $_SESSION["QQAUTH_OPENID"] = $user->openid;
//debug
//echo("Hello " . $user->openid);
return $res_array;
}
/**
* 发起请求的方法,统一发送接口,并处理不成功的响应(抛出异常)
*
* @return $ret array 服务器端响应
*/
public static function doRequest($url, $data, $method = 'post')
{
if ($method == 'post') {
// 适用于提交数据到远程服务器
// 发起请求
$ret = QQAuth_Util::doPost($url, $data);
} else {
// 适用于从远程服务器拉取数据
// 构造url参数
$url = $url . '?' . QQAuth_Util::composeParams($data);
// 发起请求
$info = QQAuth_Util::doGet($url);
// 解析json
$ret = json_decode($info, true);
}
if (is_null($ret) || $ret['ret'] > 0) {
$msg = "Error occured when requesting: {$url}\n";
$msg .= "with params:" . print_r($data, true);
$msg .= "Response: " . print_r($info, true);
// 抛出异常
throw new QQAuth_Exception($msg, $ret['ret']);
}
return $ret;
}
