Qq login apiphp class

Source: Internet
Author: User
Tags hmac oauth
& Lt ;? Php/*** QQ operation class ** $ Author: shunzi $ * $ Id: cls_qq.php171712011-05-3006: 14: 00 Zshunzi $ */classqq_api {var $ appid; var $ appkey; var $ callback; var $ login_t /**
* QQ operations
* $ Author: shunzi $
* $ Id: cls_qq.php 17171 06: 14: 00Z shunzi $
*/
Class qq_api
{
Var $ appid = ";
Var $ appkey = ";
Var $ callback = ";
Var $ login_type = 1;
/**
* Constructor
*
* @ Access public
* @ Param string $ ver version number
*
* @ Return void
*/
Function qq_api ($ appid, $ appkey, $ callback, $ login_type)
{
$ This-> appid = $ appid;
$ This-> appkey = $ appkey;
$ This-> callback = $ callback;
$ This-> login_type = $ login_type;
}
/**
* @ Brief jump to the QQ login page. the request must be URL encoded. the encoding must follow RFC 1738.
*
* @ Param $ appid
* @ Param $ appkey
* @ Param $ callback
*
* @ Return: the returned string format is oauth_token = xxx & openid = xxx & oauth_signature = xxx & timestamp = xxx & oauth_signature code = xxx.
*/
Function redirect_to_login ()
{
// The address of the interface to jump to the QQ logon page. do not change it !!
$ Redirect = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize? Oauth_consumer_key = ". $ this-> appid ."&";
// Call the get_request_token API to obtain an unauthorized temporary token.
$ Result = array ();
$ Request_token = $ this-> get_request_token ();
Parse_str ($ request_token, $ result );
// Request token and request token secret need to be saved
// Saved in global variables in demo.
// To prevent session sharing problems caused by multiple subdomains of the website or different servers of the same primary domain
// Ask the developer to modify session. php according to the comments in comm/session. php in this SDK to solve the above two problems,
$ _ SESSION ["token"] = $ result ["oauth_token"];
$ _ SESSION ["secret"] = $ result ["oauth_token_secret"];
// Print_r ($ _ SESSION );
If ($ result ["oauth_token"] = "")
{
// The error is not handled in the sample code. In actual situations, the website must handle the error by itself
Exit;
}
//// Construct the request URL
$ Redirect. = "oauth_token =". $ result ["oauth_token"]. "& oauth_callback =". rawurlencode ($ this-> callback );
Header ("Location: $ redirect ");
}
/**
* @ Brief temporary token of the request. the request must undergo URL encoding. the encoding must follow RFC 1738.
*
* @ Param $ appid
* @ Param $ appkey
*
* @ Return: the returned string format is oauth_token = xxx & oauth_token_secret = xxx.
*/
Function get_request_token ()
{
// Request the interface address of the temporary token. do not change it !!
$ Url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token ?";
// Generate the oauth_signature signature value. For details about how to generate the signature value, see (http://wiki.opensns.qq.com/wiki/?qq=##oooauth_signature)
// (1) construct the source string that generates the signature value (HTTP request method & urlencode (uri) & urlencode (a = x & B = y &...))
$ Sigstr = "GET". "&". rawurlencode ("http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token ")."&";
// Required parameters
$ Params = array ();
$ Params ["oauth_version"] = "1.0 ″;
$ Params ["oauth_signature_method"] = "HMAC-SHA1 ″;
$ Params ["oauth_timestamp"] = time ();
$ Params ["oauth_nonce"] = mt_rand ();
$ Params ["oauth_consumer_key"] = $ this-> appid;
// Serialize parameters in alphabetical ascending order
$ Normalized_str = $ this-> get_normalized_string ($ params );
$ Sigstr. = rawurlencode ($ normalized_str );
// (2) construct the key
$ Key = $ this-> appkey ."&";
// (3) generate the oauth_signature signature value. Make sure that the PHP version supports the hash_hmac function.
$ Signature = $ this-> get_signature ($ sigstr, $ key );
// Construct the request url
$ Url. = $ normalized_str. "&". "oauth_signature =". rawurlencode ($ signature );
// Echo "$ sigstr \ n ";
// Echo "$ url \ n ";
Return file_get_contents ($ url );
}
/*
* @ Brief get user information. the request must be URL encoded. the encoding must follow RFC 1738.
*
* @ Param $ appid
* @ Param $ appkey
* @ Param $ access_token
* @ Param $ access_token_secret
* @ Param $ openid
*
*/
Function get_user_info ($ access_token, $ access_token_secret, $ openid)
{
// Obtain the interface address for user information. do not change it !!
$ Url = "http://openapi.qzone.qq.com/user/get_user_info.pdf ";
$ Info = $ this-> do_get ($ url, $ access_token, $ access_token_secret, $ openid );
$ Arr = array ();
$ Arr = json_decode ($ info, true );
Return $ arr;
}
/**
* @ Brief get access_token. The request must undergo URL encoding, which follows RFC 1738.
*
* @ Param $ appid
* @ Param $ appkey
* @ Param $ request_token
* @ Param $ request_token_secret
* @ Param $ response code
*
* @ Return the returned string format: oauth_token = xxx & oauth_token_secret = xxx & openid = xxx & oauth_signature = xxx & oauth_authorization code = xxx & timestamp = xxx
*/
Function get_access_token ($ request_token, $ request_token_secret, $ response code)
{
// Request the interface address of access_token with the access permission of Qzone. do not change it !!
$ Url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token= ?";
// Generate the oauth_signature signature value. For details about how to generate the signature value, see (http://wiki.opensns.qq.com/wiki/?qq=##oooauth_signature)
// (1) construct the source string that generates the signature value (HTTP request method & urlencode (uri) & urlencode (a = x & B = y &...))
$ Sigstr = "GET". "&". rawurlencode ("http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token ")."&";
// Required parameters. do not change them !!
$ Params = array ();
$ Params ["oauth_version"] = "1.0 ″;
$ Params ["oauth_signature_method"] = "HMAC-SHA1 ″;
$ Params ["oauth_timestamp"] = time ();
$ Params ["oauth_nonce"] = mt_rand ();
$ Params ["oauth_consumer_key"] = $ this-> appid;
$ Params ["oauth_token"] = $ request_token;
$ Params ["oauth_vericode"] = $ your code;
// Serialize parameters in alphabetical ascending order
$ Normalized_str = $ this-> get_normalized_string ($ params );
$ Sigstr. = rawurlencode ($ normalized_str );
// Echo "sigstr = $ sigstr ";
// (2) construct the key
$ Key = $ this-> appkey. "&". $ request_token_secret;
// (3) generate the oauth_signature signature value. Make sure that the PHP version supports the hash_hmac function.
$ Signature = $ this-> get_signature ($ sigstr, $ key );
// Construct the request url
$ Url. = $ normalized_str. "&". "oauth_signature =". rawurlencode ($ signature );
Return file_get_contents ($ url );
}
/**
* @ Brief sort the parameters alphabetically in ascending order.
*
* @ Param $ params parameter list
*
* @ Return sort and use the key-value pair of & link (key1 = value1 & key2 = value2 ...)
*/
Function get_normalized_string ($ params)
{
Ksort ($ params );
$ Normalized = array ();
Foreach ($ params as $ key => $ val)
{
$ Normalized [] = $ key. "=". $ val;
}
Return implode ("&", $ normalized );
}
/**
* @ Brief use the HMAC-SHA1 algorithm to generate the oauth_signature signature value
*
* @ Param $ key
* @ Param $ str Source string
*
* @ Return signature value
*/
Function get_signature ($ str, $ key)
{
$ Signature = "";
If (function_exists ('hash _ hmac '))
{
$ Signature = base64_encode (hash_hmac ("sha1", $ str, $ key, true ));
}
Else
{
$ Blocksize = 64;
$ Hashfunc = 'sha1 ′;
If (strlen ($ key)> $ blocksize)
{
$ Key = pack ('H * ', $ hashfunc ($ key ));
}
$ Key = str_pad ($ key, $ blocksize, chr (0 × 00 ));
$ Ipad = str_repeat (chr (0 × 36), $ blocksize );
$ Opad = str_repeat (chr (0x5c), $ blocksize );
$ Hmac = pack (
'H * ', $ hashfunc (
($ Key ^ $ opad). pack (
'H * ', $ hashfunc (
($ Key ^ $ ipad). $ str
)
)
)
);
$ Signature = base64_encode ($ hmac );
}
Return $ signature;
}
/**
* @ Brief perform URL encoding on the string, following rfc1738 urlencode
*
* @ Param $ params
*
* @ Return URL-encoded string
*/
Function get_urlencode_string ($ params)
{
Ksort ($ params );
$ Normalized = array ();
Foreach ($ params as $ key => $ val)
{
$ Normalized [] = $ key. "=". rawurlencode ($ val );
}
Return implode ("&", $ normalized );
}
/**
* @ Brief check whether the openid is valid
*
* @ Param $ the openid corresponds to the user's QQ number one by one
* @ Param $ timestamp
* @ Param $ sig signature value
*
* @ Return true or false
*/
Function is_valid_openid ($ openid, $ timestamp, $ sig)
{
$ Key = $ this-> appkey;
$ Str = $ openid. $ timestamp;
$ Signature = $ this-> get_signature ($ str, $ key );
// Echo "sig: $ sig \ n ";
// Echo "str: $ str \ n ";
Return $ sig ==$ signature;
}
/**
* @ Brief all Get requests can use this method
*
* @ Param $ url
* @ Param $ appid
* @ Param $ appkey
* @ Param $ access_token
* @ Param $ access_token_secret
* @ Param $ openid
*
* @ Return true or false
*/
Function do_get ($ url, $ access_token, $ access_token_secret, $ openid)
{
$ Sigstr = "GET". "&". rawurlencode ("$ url ")."&";
// Required parameters. do not change them !!
$ Params = $ _ GET;
$ Params ["oauth_version"] = "1.0 ″;
$ Params ["oauth_signature_method"] = "HMAC-SHA1 ″;
$ Params ["oauth_timestamp"] = time ();
$ Params ["oauth_nonce"] = mt_rand ();
$ Params ["oauth_consumer_key"] = $ this-> appid;
$ Params ["oauth_token"] = $ access_token;
$ Params ["openid"] = $ openid;
Unset ($ params ["oauth_signature"]);
// Parameters are serialized in ascending alphabetical order.
$ Normalized_str = $ this-> get_normalized_string ($ params );
$ Sigstr. = rawurlencode ($ normalized_str );
// Signature to ensure that the php version supports the hash_hmac function
$ Key = $ this-> appkey. "&". $ access_token_secret;
$ Signature = $ this-> get_signature ($ sigstr, $ key );
$ Url. = "?". $ Normalized_str. "&". "oauth_signature =". rawurlencode ($ signature );
// Echo "$ url \ n ";
Return file_get_contents ($ url );
}
/**
* @ Brief all multi-part post requests can use this method
*
* @ Param $ url
* @ Param $ appid
* @ Param $ appkey
* @ Param $ access_token
* @ Param $ access_token_secret
* @ Param $ openid
*
*/
Function do_multi_post ($ url, $ appid, $ appkey, $ access_token, $ access_token_secret, $ openid)
{
// Construct the signature string. source string: method [GET | POST] & uri & parameters are sorted alphabetically in ascending order
$ Sigstr = "POST". "&". "$ url "."&";
// Required parameters. do not change them !!
$ Params =$ _ POST;
$ Params ["oauth_version"] = "1.0 ″;
$ Params ["oauth_signature_method"] = "HMAC-SHA1 ″;
$ Params ["oauth_timestamp"] = time ();
$ Params ["oauth_nonce"] = mt_rand ();
$ Params ["oauth_consumer_key"] = $ appid;
$ Params ["oauth_token"] = $ access_token;
$ Params ["openid"] = $ openid;
Unset ($ params ["oauth_signature"]);
// Obtain the uploaded image information
Foreach ($ _ FILES as $ filename => $ filevalue)
{
If ($ filevalue ["error"]! = UPLOAD_ERR_ OK)
{
// Echo "upload file error $ filevalue ['error'] \ n ";
// Exit;
}
$ Params [$ filename] = file_get_contents ($ filevalue ["tmp_name"]);
}
// Serialize parameters in alphabetical ascending order
$ Sigstr. = $ this-> get_normalized_string ($ params );
// Signature. make sure that the php version supports the hash_hmac function.
$ Key = $ appkey. "&". $ access_token_secret;
$ Signature = $ this-> get_signature ($ sigstr, $ key );
$ Params ["oauth_signature"] = $ signature;
// Process uploaded images
Foreach ($ _ FILES as $ filename => $ filevalue)
{
$ Tmpfile = dirname ($ filevalue ["tmp_name"]). "/". $ filevalue ["name"];
Move_uploaded_file ($ filevalue ["tmp_name"], $ tmpfile );
$ Params [$ filename] = "@ $ tmpfile ";
}
/*
Echo "len:". strlen ($ sigstr). "\ n ";
Echo "sig: $ sigstr \ n ";
Echo "key: $ appkey & \ n ";
*/
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, TRUE );
Curl_setopt ($ ch, CURLOPT_POST, TRUE );
Curl_setopt ($ ch, CURLOPT_POSTFIELDS, $ params );
Curl_setopt ($ ch, CURLOPT_URL, $ url );
$ Ret = curl_exec ($ ch );
// $ Httpinfo = curl_getinfo ($ ch );
// Print_r ($ httpinfo );
Curl_close ($ ch );
// Delete the uploaded temporary file
Unlink ($ tmpfile );
Return $ ret;
}
/**
* @ Brief all post requests can use this method
*
* @ Param $ url
* @ Param $ appid
* @ Param $ appkey
* @ Param $ access_token
* @ Param $ access_token_secret
* @ Param $ openid
*
*/
Function do_post ($ url, $ appid, $ appkey, $ access_token, $ access_token_secret, $ openid)
{
// Construct the signature string. source string: method [GET | POST] & uri & parameters are sorted alphabetically in ascending order
$ Sigstr = "POST". "&". rawurlencode ($ url )."&";
// Required parameters. do not change them !!
$ Params =$ _ POST;
$ Params ["oauth_version"] = "1.0 ″;
$ Params ["oauth_signature_method"] = "HMAC-SHA1 ″;
$ Params ["oauth_timestamp"] = time ();
$ Params ["oauth_nonce"] = mt_rand ();
$ Params ["oauth_consumer_key"] = $ appid;
$ Params ["oauth_token"] = $ access_token;
$ Params ["openid"] = $ openid;
Unset ($ params ["oauth_signature"]);
// Serialize parameters in alphabetical ascending order
$ Sigstr. = rawurlencode ($ this-> get_normalized_string ($ params ));
// Signature. make sure that the php version supports the hash_hmac function.
$ Key = $ appkey. "&". $ access_token_secret;
$ Signature = $ this-> get_signature ($ sigstr, $ key );
$ Params ["oauth_signature"] = $ signature;
$ Postdata = $ this-> get_urlencode_string ($ params );
// Echo "$ sigstr ****** \ n ";
// Echo "$ postdata \ n ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, TRUE );
Curl_setopt ($ ch, CURLOPT_POST, TRUE );
Curl_setopt ($ ch, CURLOPT_POSTFIELDS, $ postdata );
Curl_setopt ($ ch, CURLOPT_URL, $ url );
$ Ret = curl_exec ($ ch );
Curl_close ($ ch );
Return $ ret;
}
}
?>
Currently, only the logon function is available. you can continue to update the method in later projects.

From the PHP website construction of Shunzi network

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.