OAuth2.0 web page authorization interface
A ThinkPHP implementation of the OAuth2.0 web page authorization interface. It mainly implements OAuth web page authorization and a few other interfaces.
Purpose
Why is OAuth2.0 used for authorization?
A page authorized through OAuth2.0 can obtain information about the user who opens it, including useful data such as the nickname and avatar. Developers can build more kinds of page applications on this basis, for example the recently popular red packet activities. There is an additional benefit: the page can be controlled so that it cannot be opened in a non-browser, which can reduce the risk of the code being snooped on.
How do I use the OAuth2.0 authorization interface for red packet activities?
1. First, the user opens the page link (a PHP page). After receiving the request, PHP redirects the page to the OAuth2.0 authorization page, which redirects back to the PHP server once authorization is obtained; this redirect carries the user's information. The PHP server records the information and returns the page that the user sees.
2. The user then shares the page, carrying his or her own identification parameter in the shared link. When a friend clicks the shared link, the steps above are repeated. When the PHP server finds that the user data returned by OAuth2.0 authorization differs from the user data of the sharer identified by the parameter, it can conclude that a friend has opened the shared page and add a red packet to the user.
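One way to make the sharer check in step 2 resistant to tampered links, as an added example that is not the project's code: the identification parameter is signed with an HMAC, self-opens are ignored, and each friend is credited once per sharer. The function names, the key and the openid values are hypothetical and constructed for illustration.

```php
<?php
// Added example, not the project's code. All names and sample values are hypothetical.
const SHARE_KEY = 'constructed-demo-key'; // server-side secret, never sent to the client

// Build the identification parameter placed in the shared link: "<openid>.<hmac>".
function makeShareParam(string $sharerOpenid): string
{
    return $sharerOpenid . '.' . hash_hmac('sha256', $sharerOpenid, SHARE_KEY);
}

// Return the sharer's openid if the parameter is authentic, otherwise null.
function verifyShareParam(string $param): ?string
{
    $pos = strrpos($param, '.');
    if ($pos === false) {
        return null;
    }
    $openid = substr($param, 0, $pos);
    $mac    = substr($param, $pos + 1);
    $expect = hash_hmac('sha256', $openid, SHARE_KEY);
    return hash_equals($expect, $mac) ? $openid : null; // constant-time comparison
}

// Decide whether opening the shared link earns the sharer a red packet.
// $visitorOpenid must come from the OAuth2.0 result kept in the session, never from the
// request. $credited holds the "sharer|visitor" pairs that were already rewarded.
function handleSharedOpen(string $param, string $visitorOpenid, array &$credited): string
{
    $sharer = verifyShareParam($param);
    if ($sharer === null) {
        return 'rejected: invalid share parameter';
    }
    if ($sharer === $visitorOpenid) {
        return 'ignored: sharer opened own link';
    }
    $pair = $sharer . '|' . $visitorOpenid;
    if (isset($credited[$pair])) {
        return 'ignored: already credited';
    }
    $credited[$pair] = true; // a real deployment would use a unique database row
    return 'credited: ' . $sharer;
}

// Constructed sample data.
$credited = [];
$link = makeShareParam('oSHARER0001');
echo handleSharedOpen($link, 'oFRIEND0002', $credited), PHP_EOL; // first open by a friend
echo handleSharedOpen($link, 'oFRIEND0002', $credited), PHP_EOL; // same friend again
echo handleSharedOpen($link, 'oSHARER0001', $credited), PHP_EOL; // sharer opens own link
echo handleSharedOpen('oOTHER0003.' . str_repeat('0', 64), 'oFRIEND0002', $credited), PHP_EOL; // unsigned parameter
```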
Usage
AuthAction.class.php ---- authentication base class
IndexAction.class.php --- test class
index/Conf/config.php --- settings
wx_appID --- AppID of the public account
wx_appsecret --- appsecret of the public account
weixin_token --- Token from the public account's interface configuration information
wx_webauth_callback_url --- default page to redirect to after OAuth2.0 authorization
wx_webauth_expire --- OAuth2.0 authorization token expiration time, default 6500
After configuring config.php, set index.php/Index/wechatInitAuth in the public account backend for API authentication. The interface can be used once the system reports "configuration successful".
How to apply for a test public account and the specific test steps are described below.
Test
IndexAction.class.php --- test class
Apply for a test public account
A public account is provided for testing. This account can have at most 100 followers, and only users who follow it can perform OAuth2.0 authorization.
Click here to activate the test account
1. After activation, enter the appID, appsecret and Token into index/Conf/config.php. Then change the URL in the interface configuration information to the address of index.php/Index/wechatInitAuth on the PHP server and perform API authentication until "configuration successful" is displayed.
2. Click Modify under 'experience interface permission table -- OAuth2.0 webpage authorization (only followers can authorize)' and change the authorization callback page domain name to the PHP server address, until 'security monitoring passed' appears.
After configuring the test account, open http://project directory/index.php (example: http://121.40.135.90/weixin_auth/index.php). If the authorization data in the session is printed on the page, the test authorization succeeded.
Code structure
OAuth2.0 authorization is carried out in the initialization function _initialize of AuthAction, so every controller based on AuthAction goes through the authorization process (except the API authentication process wechatInitAuth).
If a user opens a page of such a controller multiple times within the authorization expiration time, authorization is not performed again, because the authorization information is recorded in the session; this avoids repeated authorization and slow access. The authorization expiration time is set by wx_webauth_expire in index/Conf/config.php. It is recommended that the expiration time not be greater than 7200 seconds.
Note:
- OAuth2.0 authorization is divided into snsapi_base (no authorization page pops up, the redirect happens directly, and only the user's openid is obtained) and snsapi_userinfo (an authorization page pops up, and the nickname, gender and location can be obtained through the openid; the information can be obtained even if the user does not follow the account). The default in AuthAction.class.php is snsapi_base, and only the basic snsapi_base data is recorded in the session. Change it to snsapi_userinfo as needed.
- For specific implementation methods, see code comments.
Github address
For more tutorials, visit: ued.sexy
Weibo @ UED Tianji.