First, what is OAuth
Oauth:oauth (Open Licensing) is an open standard that allows users to authorize third-party websites to access information they store on other service providers without having to provide their usernames and passwords to third-party websites or to share all the content of their data.
QQ Login OAuth2.0: For user-related OPENAPI (such as access to user information, dynamic synchronization, photos, logs, sharing, etc.), in order to protect the security and privacy of user data, third-party web site access to user data before you need to explicitly request authorization from users.
Second, access mode
The website can be accessed in two ways:
(1) Using the SDK package provided by QQ Interconnection, the user experience is unified, only need to modify a small amount of code, do not need to understand the authentication authorization process, need to quickly access QQ login website and mobile app can choose this method.
QQ Interconnect provides Javascript,php,java and other versions of the SDK, see: SDK download
QQ Login JS SDK see: JS SDK Use instructions
(2) according to QQ login OAuth2.0 protocol, self-developed, this method is highly customizable, it needs to integrate with the existing system of the website and mobile applications can choose this method. (We use the second type here)
Third, the access process
QQ Login OAuth2.0 Overall processing process is as follows:
Step1: Apply for access, get AppID and Apikey;
STEP2: Develop the application, and set up the collaborator account to test the joint;
Step3: Place QQ login button;
Step4: Access Token is obtained through user login authentication and authorization ;
Step5: Get the user's OpenID via access token;
Step6: Call Openapi to request access or modify a user-authorized resource.
Iv. Core Code
Qqinfo.json in the app_id, App_secret and jump address, the following code needs to Jackson and HttpClient package, attention to the introduction.
//Page return informationString nickname = "Unkown"; //JSON processing ToolsObjectmapper Objectmapper =NewObjectmapper (); //Request Execution ToolCloseablehttpclient httpclient =Httpclients.createdefault (); //Request Send MessageHttpPost HttpPost; Httpentity reqentity; Closeablehttpresponse responseentity; //request return value processing required temporary variablesBufferedReader Reader; StringBuilder TEMPSB; String Templine; //Processing ResultsMap<string, string>map; Try{Map<string, string> param = Objectmapper.readvalue (NewFile (Request.getservletcontext (). Getrealpath ("/") + "Webfile/qqinfo.json"), Map.class); String Codestr= Request.getparameter ("code"); //if code or JSON information is empty, exit directly if(Codestr! =NULL&& param! =NULL) { //First time RequestHttpPost =NewHttpPost ("Https://graph.qq.com/oauth2.0/token"); Reqentity= Multipartentitybuilder.create (). Addpart ("code",NewStringbody (Codestr, Contenttype.text_plain)). Addpart ("client_id",NewStringbody (Param.get ("qq_id"), Contenttype.text_plain)). Addpart ("Client_secret",NewStringbody (Param.get ("Qq_secret"), Contenttype.text_plain)). Addpart ("Redirect_uri",NewStringbody (Param.get ("Qq_url"), Contenttype.text_plain)). Addpart ("Grant_type",NewStringbody ("Authorization_code", Contenttype.text_plain)). Build (); Httppost.setentity (reqentity); Responseentity=Httpclient.execute (HttpPost); //get token from the return value of the first requestString Accesstoken =NULL; TEMPSB=NewStringBuilder (); Reader=NewBufferedReader (NewInputStreamReader (Responseentity.getentity (). GetContent ())); while((Templine = Reader.readline ())! =NULL) {tempsb.append (templine); } string[] Results= Tempsb.tostring (). Split ("&"); for(String result:results) {string[] tmp= Result.split ("="); if(Tmp.length = = 2 && "Access_token". Equals (tmp[0]) {Accesstoken= Tmp[1]; } } //If token doesn't get a direct exit , if(Accesstoken! =NULL) { //Second RequestHttpPost =NewHttpPost ("Https://graph.qq.com/oauth2.0/me"); Reqentity= Multipartentitybuilder.create (). Addpart ("Access_token",Newstringbody (Accesstoken, Contenttype.text_plain)). Build (); Httppost.setentity (reqentity); Responseentity=Httpclient.execute (HttpPost); //get OpenID from the return value of the second requestTEMPSB =NewStringBuilder (); Reader=NewBufferedReader (NewInputStreamReader (Responseentity.getentity (). GetContent ())); while((Templine = Reader.readline ())! =NULL) {tempsb.append (templine); } Map= Objectmapper.readvalue (tempsb.tostring (). substring (tempsb.tostring (). IndexOf ("{"), tempsb.tostring (). IndexOf (" } ") + 1), Map.class); //If OpenID doesn't get it, exit directly . if(Map.get ("client_id")! =NULL&& map.get ("OpenID")! =NULL) { //request for the third timeHttpPost =NewHttpPost ("Https://graph.qq.com/user/get_user_info"); Reqentity= Multipartentitybuilder.create (). Addpart ("Access_token",NewStringbody (Accesstoken, Contenttype.text_plain)). Addpart ("OpenID",NewStringbody (Map.get ("OpenID"), Contenttype.text_plain)). Addpart ("Oauth_consumer_key",NewStringbody (Map.get ("client_id") , Contenttype.text_plain). Build (); Httppost.setentity (reqentity); Responseentity=Httpclient.execute (HttpPost); //get user information from the return value of the third request (nickname)TEMPSB =NewStringBuilder (); Reader=NewBufferedReader (NewInputStreamReader (Responseentity.getentity (). GetContent ())); while((Templine = Reader.readline ())! =NULL) {tempsb.append (templine); } Map= Objectmapper.readvalue (Tempsb.tostring (), Map.class); Nickname= Map.get ("nickname"); } } } } Catch(Exception e) {e.printstacktrace (); }
<Java> QQ Login OAuth Development Introduction