Analysis on web page authorization of WeChat official account OAuth2.0 and oauth2.0

Analysis on public account OAuth2.0 webpage authorization and oauth2.0

According to the requirements, What I completed today is the webpage authorization and some basic information of the user.

1. Modify basic webpage authorization information. Open the public platform.

Enter the URL of the page to be authorized.

Bytes

And then operate on it in his controller.

1) The first thing to share is that the authorized webpage link should be correctly written.

Then url:

Https://open.weixin.qq.com/connect/oauth2/authorize? Appid = wx444444444444 & redirect_uri = http://www.erdangjiade.com/Admin/Wx/ceshi.html&response_type=code&scope=snsapi_userinfo&state=1#wechat_redirect

2) use code to get access_token

I directly operate on the webpage (that is, the authorized controller) That I tested.

Code:

$code=$_GET['code'];dump($code);$url="https://api.weixin.qq.com/sns/oauth2/access_token?appid=wxd1caae7&secret=0a72c866233ab4cf6f1ad6d&code=".$code."&grant_type=authorization_code";//var_dump($url);$resInfo = https_request($url,true);$userLists=json_decode($resInfo,true);dump($userLists);

Here we can promise to write $ userLists

Then, if it is correct, you can get the access_token. Because of the timeliness of the access_token, you can replace the access_token with the refresh_token. Because I don't think it is necessary, I didn't write that step.

If there is something wrong with the exchange, it will show{"errcode":40029,"errmsg":"invalid code"}

3) Use openid and access_token to obtain the user's profile nickname and other basic information.

Code:

$access_token=$userLists['access_token'];$openid=$userLists['openid'];$userClick=M('maiclub_userclick');if($userClick->where("openid = '{$openid}'")->find()){//echo 1111;}else{$urlInfo="https://api.weixin.qq.com/sns/userinfo?access_token=".$access_token."&openid=".$openid;$resltInfo=https_request($urlInfo,true);$userInfo=json_decode($resltInfo,true);$userClick->add($userInfo);}dump($userInfo);// dump($access_token);$this->display();

dump($userInfo);You can print the basic information of the user, and then you only need to input the database.

There is another problem here, that is, a function https_request used here.

Source code in function:

function https_request($url, $data = null){$curl = curl_init();curl_setopt($curl, CURLOPT_URL, $url);curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);if (!empty($data)){curl_setopt($curl, CURLOPT_POST, 1);curl_setopt($curl, CURLOPT_POSTFIELDS, $data);}curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);$output = curl_exec($curl);curl_close($curl);return $output;}

In this case, there should be no problem, that is, all the content authorized.

The above is an analysis of the public account OAuth2.0 web page authorization introduced by the small editor. I hope it will help you. If you have any questions, please leave a message for me. The small editor will reply to you in time. Thank you very much for your support for the help House website!