/** * QQ 登陆 */ public function get($f3) { $callback = RouteHelper::makeUrl('/Thirdpart/QQAuth/Callback', null, false, true); $qqLoginState = md5(uniqid(rand(), true)); // 防止 csrf 攻击 $f3->set('SESSION[qq_login_state]', $qqLoginState); $loginUrl = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&redirect_uri=" . urlencode($callback) . "&state=" . $qqLoginState . "&scope=get_user_info"; header("Location:{$loginUrl}"); }
public function post($f3) { // 权限检查 $this->requirePrivilege('manage_plugin_plugin_configure'); global $smarty; // 参数验证 $validator = new Validator($f3->get('POST')); $qqauth_appid = $validator->required()->validate('qqauth_appid'); $qqauth_appkey = $validator->required()->validate('qqauth_appkey'); if (!$this->validate($validator)) { goto out_display; } // 保存设置 QQAuthPlugin::saveOptionValue('qqauth_appid', $qqauth_appid); QQAuthPlugin::saveOptionValue('qqauth_appkey', $qqauth_appkey); $this->addFlashMessage('保存设置成功'); out_display: $smarty->display('qqauth_configure.tpl', 'post'); }
/** * QQ 登陆 */ public function get($f3) { global $logger; global $smarty; // 验证 state 参数,防止 csrf 攻击 if ($_REQUEST['state'] != $f3->get('SESSION[qq_login_state]')) { $errorMessage = 'qq login state doest not match, GET[' . $f3->get('GET[state]') . '] SESSION[' . $f3->get('SESSION[qq_login_state]') . ']'; $logger->addLogInfo(\Core\Log\Base::NOTICE, 'QQLOGIN', $errorMessage); goto out; } // 获取 access_token $callback = RouteHelper::makeUrl('/Thirdpart/QQAuth/Callback', null, false, true); $tokenUrl = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&" . "client_id=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&redirect_uri=" . urlencode($callback) . "&client_secret=" . QQAuthPlugin::getOptionValue('qqauth_appkey') . "&code=" . $_REQUEST["code"]; $response = $this->get_url_contents($tokenUrl); if (strpos($response, "callback") !== false) { $lpos = strpos($response, "("); $rpos = strrpos($response, ")"); $response = substr($response, $lpos + 1, $rpos - $lpos - 1); $msg = json_decode($response); if (isset($msg->error)) { $errorMessage = 'error [' . $msg->error . '] msg [' . $msg->error_description . ']'; $logger->addLogInfo(\Core\Log\Base::NOTICE, 'QQLOGIN', $errorMessage); goto out; } } $params = array(); parse_str($response, $params); $logger->addLogInfo(\Core\Log\Base::DEBUG, 'QQLOGIN', print_r($params, true)); $accessToken = $params["access_token"]; // 取得 OpenID $graphUrl = "https://graph.qq.com/oauth2.0/me?access_token=" . $accessToken; $response = $this->get_url_contents($graphUrl); if (strpos($response, "callback") !== false) { $lpos = strpos($response, "("); $rpos = strrpos($response, ")"); $response = substr($response, $lpos + 1, $rpos - $lpos - 1); } $user = json_decode($response); if (isset($user->error)) { $errorMessage = 'error [' . $msg->error . '] msg [' . $msg->error_description . ']'; goto out; } $openId = $user->openid; // 取得 userInfo $get_user_info = "https://graph.qq.com/user/get_user_info?" . "access_token=" . $accessToken . "&oauth_consumer_key=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&openid=" . $openId . "&format=json"; $response = $this->get_url_contents($get_user_info); $qqUserInfo = json_decode($response, true); $sns_login = "******"; // 用户登陆操作 $userBasicService = new UserBasicService(); $authUser = $userBasicService->doAuthSnsUser($sns_login, null, null, false); if ($authUser) { goto out_login_user; } // 之前没有登陆过,自动注册用户 $authUser = $userBasicService->doAuthSnsUser($sns_login, $openId . '@qq.com', $openId . '@qq.com', true); $logger->addLogInfo(\Core\Log\Base::INFO, 'QQLOGIN', '注册QQ用户:' . print_r($qqUserInfo, true)); out_login_user: AuthHelper::saveAuthUser($authUser->toArray(), 'qqlogin'); // 设置用户名在网页显示 ClientData::saveClientData(\Controller\User\Login::$clientDataIsUserLoginKey, true); ClientData::saveClientData(\Controller\User\Login::$clientDataUserNameDisplayKey, 'QQ用户:' . $qqUserInfo['nickname']); out: // 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页 RouteHelper::jumpBack($this, '/', true); }
public function doUpdate($currentVersion) { // 简单的把版本设置为 1.0.0 就算完成升级了 QQAuthPlugin::saveOptionValue('version', $this->targetVersion); return true; }