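/**
 * Main controller entry point: serves the OAuth2 "authorize" and "token" actions.
 *
 * The query string is cut off $uri, the path is split on "/" and the first two
 * segments are dropped; the next segment selects the action.
 *
 * - "authorize": on POST, hands the user's decision to the OAuth2 server, then
 *   renders the consent form with the authorize parameters as hidden inputs.
 * - "token": issues an access token, records the login and echoes the token as JSON.
 *
 * NOTE(review): the consent form carries no anti-CSRF token, and its action is a
 * hard-coded http:// URL, so the consent POST is not protected in transit. Both
 * should be confirmed against the deployment before this is relied on.
 *
 * @param string|null $uri Request URI, optionally with a query string.
 */
public function invoke($uri = null)
{
    // Call the parent initialiser, which registers the custom exception and error handlers.
    parent::init();

    $path = explode('?', (string) $uri);
    $parts = array_slice(explode('/', $path[0]), 2);
    // A short URI leaves $parts empty; treat that as "no action" instead of reading an undefined offset.
    $action = isset($parts[0]) ? $parts[0] : null;

    if ($action === "authorize") {
        $oauth = new PDOOAuth2();
        if ($_POST) {
            // Only an explicit "Yep" counts as consent; a missing field is a refusal.
            $accepted = isset($_POST["accept"]) && $_POST["accept"] === "Yep";
            $oauth->finishClientAuthorization($accepted, $_POST);
        }
        $auth_params = $oauth->getAuthorizeParams();

        // The authorize parameters presumably originate from the request (confirm in
        // PDOOAuth2), so every name and value is HTML-escaped before it is placed
        // inside an attribute. The browser decodes the entities again on submit.
        $inputs = "";
        foreach ($auth_params as $k => $v) {
            $inputs .= '<input type="hidden" name="' . htmlspecialchars((string) $k, ENT_QUOTES, 'UTF-8')
                . '" value="' . htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8') . '" />';
        }

        $content = '<html>'
            . '<head>Authorize</head>'
            . '<body>'
            . '<form method="post" action="http://web.miniyun.cn/miniyun_oauth2/api.php/1/oauth2/authorize">'
            . $inputs
            . 'Do you authorize the app to do its thing?'
            . '<p>'
            . ' <input type="submit" name="accept" value="Yep" />'
            . '<input type="submit" name="accept" value="Nope" />'
            . ' </p>'
            . '</form>'
            . '</body>'
            . ' </html>';
        echo $content;
    } elseif ($action === "token") {
        $oauth = new PDOOAuth2();
        $token = $oauth->grantAccessToken();
        // Record the login in the log.
        $deviceId = $oauth->getVariable("device_id");
        MiniLog::getInstance()->createLogin($deviceId);
        // Return site_id so the client can communicate with cloud.miniyun.cn.
        $token["site_id"] = MiniSiteUtils::getSiteID();
        echo json_encode($token);
    }
}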
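/**
 * OAuth 2.0 access-token verification.
 *
 * Verifies the bearer token, loads the user bound to the token's device and,
 * only if that user exists and is enabled, installs it as the current user.
 *
 * NOTE(review): when verifyAccessToken() yields no token this method returns
 * null without reporting an error, so callers must not read "not false" as
 * "authenticated" - confirm how callers use the result.
 * NOTE(review): the missing-user branch passes OAUTH2_HTTP_DISABLED as both the
 * HTTP status and the error code, while the disabled-user branch passes
 * SYSTEM_ERROR_USER_DISABLED as the code - confirm which is intended.
 *
 * @return bool|null false when the user is missing or disabled, null otherwise.
 */
public function oauth2Judge()
{
    $oauth = new PDOOAuth2();
    $token = $oauth->verifyAccessToken();
    if ($token) {
        // Fetch the user record for the device named in the token.
        $user = MUserManager::getInstance()->getUserOauth2($token["device_id"]);
        if ($user === NULL) {
            $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_DISABLED, NULL, OAUTH2_HTTP_DISABLED, 'This user has been disabled.', NULL, NULL);
            return false;
        }
        // Reject a disabled account before it is installed as the current user, and
        // stop here even if the error helper returns instead of ending the request.
        if (!$user["user_status"]) {
            $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_DISABLED, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL);
            return false;
        }
        // Carry the application id from the token over to the user record.
        $user["appId"] = $token["appId"];
        MUserManager::getInstance()->setCurrentUser($user);
    }
}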
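/**
 * OAuth 2.0 access-token verification.
 *
 * Verifies the bearer token, loads the user bound to the token's device and,
 * only if that user exists and is enabled, installs it as the current user.
 *
 * @return bool true when an enabled user was authenticated, false when the
 *              user is missing or disabled.
 * @throws CException with code 401 when no valid access token is presented.
 */
private function oauth2()
{
    $oauth = new PDOOAuth2();
    $token = $oauth->verifyAccessToken();
    if (!$token) {
        throw new CException("Unauthorized", 401);
    }

    // Fetch the user record for the device named in the token.
    $user = MUserManager::getInstance()->getUserOauth2($token["device_id"]);
    if ($user === NULL) {
        $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_FORBIDDEN, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL);
        return false;
    }

    // A disabled account must never fall through to "return true", and must not
    // be installed as the current user. The explicit return also covers the case
    // where the error helper returns instead of ending the request.
    if (!$user["user_status"]) {
        $oauth->errorWWWAuthenticateResponseHeader(OAUTH2_HTTP_FORBIDDEN, NULL, SYSTEM_ERROR_USER_DISABLED, 'This user has been disabled.', NULL, NULL);
        return false;
    }

    // Carry the application id from the token over to the user record.
    $user["appId"] = $token["appId"];
    MUserManager::getInstance()->setCurrentUser($user);

    return true;
}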
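/**
 * Callback endpoint for the authorization-code and access-token exchanges.
 *
 * Requesting an authorization code:
 *   If the device has been approved, the authorization code can be read.
 *   Callback:
 *   [offiria]/index.php/component/oauth/?view=oauth&task=authenticate&response_type=code&client_id=[clientId]&client_secret=[clientSecret]
 *
 * Requesting an access token with an authorization code:
 *   If the device holds an authorization code, it is exchanged for an access token.
 *   Callback:
 *   [offiria]/index.php/component/oauth/?view=oauth&task=authenticate&grant_type=authorization_code&client_id=[clientId]&client_secret=[clientSecret]&code=[code]
 *
 * Requesting an access token with a password (skipping authorization):
 *   Callback:
 *   [offiria]/index.php/component/oauth/?view=oauth&task=authenticate&grant_type=password&client_id=[clientId]&client_secret=[clientSecret]&username=[username]&pass=[pass]&redirect_uri=[redirect_uri]
 *
 * NOTE(review): the callbacks above carry client_secret and the user's password
 * as request variables that may arrive in the URL, where they end up in server
 * logs and browser history; sending them in a POST body over TLS avoids that.
 * NOTE(review): the response_type=code branch returns a code to any caller that
 * presents client_id and client_secret; no check for a logged-in, consenting
 * user is visible in this method - confirm that getParam() enforces one.
 *
 * Every path ends the request with exit.
 */
public function authenticate()
{
    $oauth = new PDOOAuth2();
    $responseType = JRequest::getVar('response_type');
    $clientId = JRequest::getVar('client_id');
    $clientSecret = JRequest::getVar('client_secret');
    $table = JTable::getInstance('Token', 'OAuthTable');

    if ($responseType == 'code') {
        header("Content-Type: application/json");
        header("Cache-Control: no-store");
        $code = $table->getParam('code', array('client_id' => $clientId, 'client_secret' => $clientSecret));
        echo json_encode(array('code' => $code));
        // The original had a "break" after this exit; outside a loop or switch
        // that is a compile-time fatal error on PHP 7+, so it is dropped.
        exit;
    }

    switch (JRequest::getVar('grant_type')) {
        case 'password':
            $app = JFactory::getApplication();

            // Get the log in credentials.
            $credentials = array();
            $credentials['username'] = JRequest::getVar('username');
            $credentials['password'] = JRequest::getVar('pass');

            // Get the log in options.
            $options = array();
            $options['remember'] = false;
            $options['return'] = '';

            header("Content-Type: application/json");
            header("Cache-Control: no-store");

            // A redirect_uri is mandatory for this flow.
            if (!JRequest::getVar('redirect_uri')) {
                echo json_encode(array('error' => 'invalid_redirect_uri'));
                exit;
            }

            // Perform the log in.
            if (true === $app->login($credentials, $options)) {
                // Success: hand over to the application-install view. Each request
                // value is URL-encoded so it stays confined to its own parameter
                // and cannot add or override others in the query string.
                $url = JRoute::_('/index.php/component/profile/?view=edit&task=applications&client_id='
                    . urlencode((string) JRequest::getVar('client_id'))
                    . '&client_secret=' . urlencode((string) JRequest::getVar('client_secret'))
                    . '&redirect_uri=' . urlencode((string) JRequest::getVar('redirect_uri'))
                    . '&silent=true');
                $mainframe = JFactory::getApplication();
                $mainframe->redirect($url);
            } else {
                // Report the failed login instead of ending with an empty body.
                echo json_encode(array('error' => 'invalid_grant'));
            }
            break;

        default:
            $oauth->grantAccessToken();
    }

    exit;
}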
<?php

/**
 * @file
 * Sample token endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 *
 * The whole endpoint is one call: the OAuth2 server object reads the request
 * and handles the access-token grant itself.
 */

require "lib/PDOOAuth2.php";

// Build the server and let it process the token request.
$oauth = new PDOOAuth2();
$oauth->grantAccessToken();
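<?php

/**
 * @file
 * Sample client add script.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * Registers an OAuth2 client from the posted client_id, client_secret and
 * redirect_uri, then renders the page below.
 *
 * NOTE(review): nothing visible here authenticates the caller or checks an
 * anti-CSRF token before a client is registered, and redirect_uri is stored
 * as posted; put this behind an administrator login and validate the URI
 * before using it outside a demo.
 */

include "lib/PDOOAuth2.inc";

// isset() is also true for array-valued fields (for example "client_id[]=x"),
// so each field is additionally required to be a plain string before it
// reaches addClient().
if (
    isset($_POST["client_id"], $_POST["client_secret"], $_POST["redirect_uri"])
    && is_string($_POST["client_id"])
    && is_string($_POST["client_secret"])
    && is_string($_POST["redirect_uri"])
) {
    $oauth = new PDOOAuth2();
    $oauth->addClient($_POST["client_id"], $_POST["client_secret"], $_POST["redirect_uri"]);
}

?>
<!DOCTYPE html>
<!-- saved from url=(0032)http://connect.qq.com/manage/reg -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="edge">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<script async="" src="addclient/analytics.js"></script><script type="text/javascript"> var _speedMark = new Date(); </script>
<meta name="robots" content="all">
<meta name="Description" content="QQ互联是腾讯旗下的开放平台,通过QQ互联,网站主或开发者可以申请接入QQ登录,获取登录用户基本资料,用户使用QQ账号登录接入的站点或应用app,通过分享功能,将站点内容分享到QQ、手机QQ、QQ空间、微博等平台,也可获取QQ会员信息、相册、日志、财付通等API授权"><meta name="Keywords" content="QQ互联、管理中心、腾讯互联、QQ登录、QQ登陆、QQ分享、开放平台、appid、API管理、信息编辑、数据统计"><title>管理中心--QQ互联</title>
<link media="all" rel="stylesheet" href="addclient/common.css" type="text/css">
<!--[if lt IE 9]>
<script type="text/javascript"> document.createElement("header");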
<?php

/**
 * @file
 * Sample protected resource.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 *
 * The page body below is only meant to be reached after the access token
 * presented with the request has been verified.
 */

require "lib/PDOOAuth2.php";

$oauth = new PDOOAuth2();

// Verify the token without a scope requirement first.
$oauth->verifyAccessToken();

// With a particular scope, you'd do:
// NOTE(review): in the collapsed listing this call follows the comment above
// without a line break; it carries no comment marker of its own, so it is
// kept as live code - confirm against the original file.
$oauth->verifyAccessToken("test_state");

?>
<html>
  <head>
    <title>Hello!</title>
  </head>
  <body>
    <p>This is a secret.</p>
  </body>
</html>
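<?php

/**
 * @file
 * Sample authorize endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 *
 * On POST the user's decision is handed to the OAuth2 server; otherwise the
 * consent form is rendered with the authorize parameters as hidden inputs.
 *
 * NOTE(review): the form carries no anti-CSRF token, so the consent POST is
 * not bound to the session that rendered the form.
 */

require "lib/PDOOAuth2.php";

$oauth = new PDOOAuth2();

if ($_POST) {
    // Only an explicit "Yep" counts as consent; a missing field is a refusal.
    $accepted = isset($_POST["accept"]) && $_POST["accept"] === "Yep";
    $oauth->finishClientAuthorization($accepted, $_POST);
}

// The authorize parameters presumably originate from the request (confirm in
// PDOOAuth2), so names and values are HTML-escaped where they are echoed into
// attributes below. The browser decodes the entities again on submit.
$auth_params = $oauth->getAuthorizeParams();

?>
<html>
  <head>Authorize</head>
  <body>
    <form method="post" action="authorize.php">
      <?php foreach ($auth_params as $k => $v) { ?>
      <input type="hidden" name="<?php echo htmlspecialchars((string) $k, ENT_QUOTES, 'UTF-8') ?>" value="<?php echo htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8') ?>" />
      <?php } ?>
      Do you authorize the app to do its thing?
      <p>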
<?php

/**
 * @file
 * Sample protected resource.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 *
 * The page body below is only meant to be reached after the access token
 * presented with the request has been verified.
 */

require "lib/PDOOAuth2.inc";

// Verify the presented access token; no scope is required here.
$oauth = new PDOOAuth2();
$oauth->verifyAccessToken();

// With a particular scope, you'd do:
// $oauth->verifyAccessToken("scope_name");

?>
<html>
  <head>
    <title>Hello!</title>
  </head>
  <body>
    <p>This is a secret.</p>
  </body>
</html>
/**
 * User login: issues an OAuth2 access token and records the login.
 *
 * When the "license_expired" filter yields 1, only a request whose username
 * parameter is "admin" may proceed; any other username is rejected with
 * MiniException(440) before a token is granted.
 *
 * NOTE(review): that gate looks only at the submitted username; the
 * credentials themselves are presumably checked inside grantAccessToken() -
 * confirm.
 *
 * @return array|bool
 * @throws MiniException
 */
public function oauth2()
{
    $licenseExpired = apply_filters("license_expired") === 1;
    if ($licenseExpired && MiniHttp::getParam("username", "") !== "admin") {
        throw new MiniException(440);
    }

    $server = new PDOOAuth2();
    $token = $server->grantAccessToken();

    // Record the login in the log.
    MiniLog::getInstance()->createLogin($server->getVariable("device_id"));

    // Return site_id so the client can communicate with cloud.miniyun.cn.
    $token["site_id"] = MiniSiteUtils::getSiteID();

    return $token;
}
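<?php

/**
 * @file
 * Sample token endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 *
 * After the access token is granted, the token and the posted uid are stored
 * together in the tokenuid table.
 *
 * NOTE(review): uid is supplied by the client and is stored against the new
 * token as given; nothing visible here ties it to the party that was just
 * authenticated - confirm that is intended.
 * NOTE(review): database credentials belong in configuration kept outside the
 * web root, not in the script.
 */

session_start();

require "lib/PDOOAuth2.inc";

$oauth = new PDOOAuth2();
$actoken = $oauth->grantAccessToken();

$host = 'localhost';
$username = '******';
$password = '******';
$database = 'mydb';

$dbc = mysqli_connect($host, $username, $password, $database);
if (!$dbc) {
    // mysql_error() belongs to the removed mysql extension; with mysqli the
    // connection error comes from mysqli_connect_error(). The detail goes to
    // the server log instead of the HTTP response.
    error_log('Could not connect: ' . mysqli_connect_error());
    die('Could not connect');
}

$token = $actoken['access_token'];
// A missing or non-string uid is stored as an empty string.
$uid = (isset($_POST['uid']) && is_string($_POST['uid'])) ? $_POST['uid'] : '';

// Bound parameters keep the posted uid out of the SQL text entirely.
$stmt = mysqli_prepare($dbc, 'INSERT INTO tokenuid VALUES (?, ?)');
if (!$stmt) {
    die("Error!!");
}
mysqli_stmt_bind_param($stmt, 'ss', $token, $uid);
mysqli_stmt_execute($stmt) or die("Error!!");
mysqli_stmt_close($stmt);

mysqli_close($dbc);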
/**
 * Shows the "applications" view and handles two kinds of request first:
 *
 * - a POST naming a deviceId grants or revokes that device's access,
 *   depending on deviceAction;
 * - a request carrying client_id, client_secret and redirect_uri registers
 *   the client and completes its authorization with approval set to true,
 *   either on POST or when the "silent" variable is set (in which case a
 *   JSON result is echoed and the request ends).
 *
 * NOTE(review): no anti-CSRF token check is visible on the grant/revoke or
 * install paths, and the silent path registers and approves a client from
 * request variables alone, without an explicit user decision in this method -
 * confirm that callers restrict who can reach it.
 */
public function applications()
{
    JRequest::setVar('view', 'applications');
    $mainframe = JFactory::getApplication();
    $apps = new Applications();

    // Variables used by the automatic installation flow.
    $redirectUri = JRequest::getVar('redirect_uri');
    $clientId = JRequest::getVar('client_id');
    $clientSecret = JRequest::getVar('client_secret');
    $deviceId = JRequest::getVar('deviceId');

    if ($_POST && $deviceId) {
        // Grant or revoke access for a single device.
        $action = JRequest::getVar('deviceAction');
        if ($action == 'grant') {
            $apps->grantAccess($deviceId);
        } elseif ($action == 'revoke') {
            $apps->revokeAccess($deviceId);
        }
    } elseif ($clientId && $clientSecret && $redirectUri) {
        header("Content-Type: application/json");
        header("Cache-Control: no-store");
        JRequest::setVar('installing', true);

        if ($_POST || JRequest::getVar('silent')) {
            $model = OauthFactory::getModel('Application');

            // Use the shared OAuth library so behaviour stays standardized.
            require_once JPATH_ROOT . DS . 'components' . DS . 'com_oauth' . DS . 'libraries' . DS . 'PDOOAuth2.inc';
            $oauth = new PDOOAuth2();
            $registered = $oauth->addClient($clientId, $clientSecret, $redirectUri);

            if (!$registered) {
                // Registration failed: silent callers get JSON, others a queued error message.
                if (JRequest::getVar('silent')) {
                    echo json_encode(array('success' => false, 'error' => JText::_('COM_OAUTH_LABEL_FAILED_TO_REGISTER')));
                    exit;
                }
                $mainframe->enqueueMessage(JText::_('COM_OAUTH_LABEL_FAILED_TO_REGISTER'), 'Error');
            } else {
                $authData = array(
                    'client_id' => $clientId,
                    'response_type' => 'code',
                    'redirect_uri' => $redirectUri,
                );
                $oauth->finishClientAuthorization(true, $authData);

                // A silent request only gets a JSON acknowledgement.
                if (JRequest::getVar('silent')) {
                    echo json_encode(array('success' => 'true'));
                    exit;
                }

                JRequest::setVar('authorize', true);
                JRequest::setVar('appName', $clientId);
                $mainframe->enqueueMessage(JText::_('COM_OAUTH_LABEL_APPLICATION_INSTALL'));
            }
        }
    }

    parent::display();
}