/**
* QQ 登陆
*/
public function get($f3)
{
$callback = RouteHelper::makeUrl('/Thirdpart/QQAuth/Callback', null, false, true);
$qqLoginState = md5(uniqid(rand(), true));
// 防止 csrf 攻击
$f3->set('SESSION[qq_login_state]', $qqLoginState);
$loginUrl = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&redirect_uri=" . urlencode($callback) . "&state=" . $qqLoginState . "&scope=get_user_info";
header("Location:{$loginUrl}");
}
public function post($f3)
{
// 权限检查
$this->requirePrivilege('manage_plugin_plugin_configure');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('POST'));
$qqauth_appid = $validator->required()->validate('qqauth_appid');
$qqauth_appkey = $validator->required()->validate('qqauth_appkey');
if (!$this->validate($validator)) {
goto out_display;
}
// 保存设置
QQAuthPlugin::saveOptionValue('qqauth_appid', $qqauth_appid);
QQAuthPlugin::saveOptionValue('qqauth_appkey', $qqauth_appkey);
$this->addFlashMessage('保存设置成功');
out_display:
$smarty->display('qqauth_configure.tpl', 'post');
}
/**
* QQ 登陆
*/
public function get($f3)
{
global $logger;
global $smarty;
// 验证 state 参数,防止 csrf 攻击
if ($_REQUEST['state'] != $f3->get('SESSION[qq_login_state]')) {
$errorMessage = 'qq login state doest not match, GET[' . $f3->get('GET[state]') . '] SESSION[' . $f3->get('SESSION[qq_login_state]') . ']';
$logger->addLogInfo(\Core\Log\Base::NOTICE, 'QQLOGIN', $errorMessage);
goto out;
}
// 获取 access_token
$callback = RouteHelper::makeUrl('/Thirdpart/QQAuth/Callback', null, false, true);
$tokenUrl = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&" . "client_id=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&redirect_uri=" . urlencode($callback) . "&client_secret=" . QQAuthPlugin::getOptionValue('qqauth_appkey') . "&code=" . $_REQUEST["code"];
$response = $this->get_url_contents($tokenUrl);
if (strpos($response, "callback") !== false) {
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos - 1);
$msg = json_decode($response);
if (isset($msg->error)) {
$errorMessage = 'error [' . $msg->error . '] msg [' . $msg->error_description . ']';
$logger->addLogInfo(\Core\Log\Base::NOTICE, 'QQLOGIN', $errorMessage);
goto out;
}
}
$params = array();
parse_str($response, $params);
$logger->addLogInfo(\Core\Log\Base::DEBUG, 'QQLOGIN', print_r($params, true));
$accessToken = $params["access_token"];
// 取得 OpenID
$graphUrl = "https://graph.qq.com/oauth2.0/me?access_token=" . $accessToken;
$response = $this->get_url_contents($graphUrl);
if (strpos($response, "callback") !== false) {
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos - 1);
}
$user = json_decode($response);
if (isset($user->error)) {
$errorMessage = 'error [' . $msg->error . '] msg [' . $msg->error_description . ']';
goto out;
}
$openId = $user->openid;
// 取得 userInfo
$get_user_info = "https://graph.qq.com/user/get_user_info?" . "access_token=" . $accessToken . "&oauth_consumer_key=" . QQAuthPlugin::getOptionValue('qqauth_appid') . "&openid=" . $openId . "&format=json";
$response = $this->get_url_contents($get_user_info);
$qqUserInfo = json_decode($response, true);
$sns_login = "******";
// 用户登陆操作
$userBasicService = new UserBasicService();
$authUser = $userBasicService->doAuthSnsUser($sns_login, null, null, false);
if ($authUser) {
goto out_login_user;
}
// 之前没有登陆过,自动注册用户
$authUser = $userBasicService->doAuthSnsUser($sns_login, $openId . '@qq.com', $openId . '@qq.com', true);
$logger->addLogInfo(\Core\Log\Base::INFO, 'QQLOGIN', '注册QQ用户:' . print_r($qqUserInfo, true));
out_login_user:
AuthHelper::saveAuthUser($authUser->toArray(), 'qqlogin');
// 设置用户名在网页显示
ClientData::saveClientData(\Controller\User\Login::$clientDataIsUserLoginKey, true);
ClientData::saveClientData(\Controller\User\Login::$clientDataUserNameDisplayKey, 'QQ用户:' . $qqUserInfo['nickname']);
out:
// 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页
RouteHelper::jumpBack($this, '/', true);
}
public function doUpdate($currentVersion)
{
// 简单的把版本设置为 1.0.0 就算完成升级了
QQAuthPlugin::saveOptionValue('version', $this->targetVersion);
return true;
}
