Oau22certification and Sina Weibo Open Platform Application

I. oauth2.0 Overview

Most API accesses, such as posting Weibo posts and obtaining private messages, require user identities, currently, the Sina Weibo open platform provides oauth2.0 and basic auth for user identity authentication (only used for debugging interfaces of application developers). The new interfaces only support these two methods. Compared with 1.0, oauth2.0 is simpler and safer than the entire authorization verification process. It is also the most important way to authenticate and authorize users in the future. For oauth2.0 protocol authorization process, view oauth2.0 authorization process. The client refers to a third-party application, the resource owner refers to the user, the authorization server is our authorization server, and the resource server is the API server.

Http://blog.unvs.cn/archives/oauth-qq2.0-developer.html and Sina Weibo Open Platform and Sina Weibo codeproject open source project

Developers can first browse the oauth2.0 interface documentation, familiarize themselves with the meanings of oau2's interfaces and parameters, and then explain how to use oauth2.0.

Oau2's interface document

Interface	Description
Oau22/authorize	Request the user to authorize the token
Oau22./access_token	Obtain authorized access token
Oau22/get_token_info	Authorization information query interface
Oau22/revokeoau2	Authorization revocation Interface
Oauth1/get_oauth2_token	Change the access token of oauth1.0 to the access token of oauth2.0.

 

Ii. oauth2.0 Sina authorization page

1. First, you need to obtain the appkey and appsecret. This method can be obtained from the Sina Weibo beginner's guide step by step. The default callback address is https://api.weibo.com/oauth2/default.html. the Website access method is used. Below is the C # sample source code (console application ):

01. using system; 02. using system. collections. generic; 03. using system. LINQ; 04. using system. text; 05. using netdimension. weibo; 06. using system. net; 07. 08. namespace sinaweibotestapp 09. {10. class Program 11. {12. 13. static void main (string [] ARGs) 14. {15. 16. string appkey = "124543453288"; 17. string appsecret = "3a456c5332fd2cb1178338fccb9fa51c"; 18. // string callback = "http: // 127.0.0.1: 317 0/website2/default. aspx "; 19. string callback = "https://api.weibo.com/oauth2/default.html"; 20. vaR oauth = new netdimension. weibo. oauth (appkey, appsecret, callback); 21. 22. //// simulate logon 23. // string username = "[email protected]"; 24. // string Password = "xxxxxxx"; 25. // oauth. clientlogin (username, password); // under simulated logon, you can change it to standard Logon. 26. 27. // standard Logon 28. vaR authurl = oauth. getauthorizeurl (); 29. // string redirecturl; 30. // httpwebrequest request = (httpwebrequest) httpwebrequest. create (authurl); 31. // request. referer = authurl; 32. // request. allowautoredirect = false; 33. // using (webresponse response = request. getresponse () 34. // {35. // redirecturl = response. headers ["location"]; 36. // redirecturl = response. responseuri. ABS Olutepath; 37. //} 38. system. diagnostics. process. start (authurl); 39. console. writeline ("Enter the code parameter in the browser address:"); 40. vaR code = console. readline (); 41. vaR accesstoken = oauth. getaccesstokenbyauthorizationcode (CODE); 42. if (! String. isnullorempty (accesstoken. token) 43. {44. vaR Sina = new netdimension. weibo. client (oauth); 45. vaR uid = sina. API. dynamic. account. getuid (); // call API to obtain uid 46. console. writeline (UID); 47 .} 48. 49. vaR Sina = new client (oauth); 50. console. writeline ("starts sending asynchronous requests... "); 51. 52. // Example 1: Obtain the user id 53 asynchronously. // The demo running environment is. net 4.0. The method shown below is effective in environments of Version 2.0 and later. Lambda expressions can be used to simplify the way delegate is written. See the following example. 54. sina. asyncinvoke <string> (55. // write the relevant logic for calling the API in the first proxy 56. delegate () 57. {58. console. writeline ("send a request to get the user ID... "); 59. system. threading. thread. sleep (8000); // wait 8 seconds 60. return Sina. API. entity. account. getuid (); 61 .}, 62. // The second proxy is the callback function. After Asynchronization, this function is automatically called to process the result. 63. delegate (asynccallback <string> callback) 64. {65. if (callback. issuccess) 66. {67. console. writeline ("User ID retrieved successfully, ID: {0}", callback. data); 68 .} 69. else 70. {71. console. writeline ("failed to get user ID, exception: {0}", callback. error); 72 .} 73 .} 74 .); 75. 76. // Column 2: Get public Weibo list 77. // more than 2.0 are written using lambda, which is not a little convenient 78. sina. asyncinvoke <netdimension. weibo. entities. status. collection> () => 79. {80. // get Weibo, interface call, and return value is netdime Nsion. weibo. entities. status. collection, so generic T is netdimension. weibo. entities. status. collection 81. console. writeline ("send a request to get the public Weibo list... "); 82. return Sina. API. entity. statuses. publictimeline (); 83. // return Sina. API. entity. statuses. reposttimeline; 84 .}, (callback) => 85. {86. if (callback. issuccess) 87. {88. // asynchronous post-processing result. The result is the returned result, and the type is the netdimension specified by the generic type. weibo. entities. status. collection 89. console. Writeline ("the public microblog list is successfully obtained. Now all Weibo users on the public channel are:"); 90. foreach (VAR status in callback. data. statuses) 91. {92. if (status. user! = NULL) 93. console. writeline (status. user. screenname + ""); // print the name of the public microblog initiator 94 .} 95. console. writeline (); 96 .} 97. else 98. {99. console. writeline ("failed to get user ID, exception: {0}", callback. error); 100 .} 101. 102 .}); 103. 104. 105. console. writeline ("All asynchronous requests have been sent. Wait until asynchronous execution is completed... "); 106. 107. console. readkey (); // blocking, waiting for asynchronous call execution to complete 108. 109 .} 110. 111 .} 112 .}

Code in MVC:

Using system; using system. collections. generic; using system. LINQ; using system. web; using system. web. MVC; using myself. models; using myself. code; using BLL; using LIB; using speextowavtomp3; using system. web. HTTP. filters; using models; using webdiyer. webcontrols. MVC; using system. io; namespace myself. controllers {public class myselfcontroller: controller {public actionresult loginsina () {var oauth = new net Dimension. weibo. oauth (appkey, appsecret, URL. action ("loginsinaresult", "Myself", null, "HTTP"); // obtain the address var oauthurl = oauth on the Sina authorization page. getauthorizeurl (); Return redirect (oauthurl);} public actionresult loginsinaresult (string code) {var oauth = new netdimension. weibo. oauth (appkey, appsecret, URL. action ("loginsinaresult", "Myself", null, "HTTP"); var oauthtoken = oauth. getaccesstokenbyauthorization Code (Code); VAR model = userhelper. getauthorizeinfo (oauthtoken. uid, 1); If (model! = NULL) {If (loginhelper. userlogin (model. userid, 1, oauthtoken. UID, request. useragent, request. userhostaddress, "1", "Web") {return redirecttoaction ("Index", "home");} else {return content ("Logon Failed ");}} return content ("You have not registered ");}}}

　　

If you want to run the above program, replace the appkey and appsecret.

 

2. Authorization page

The following is a prompt for Weibo login interface. After login, a third-party website is provided to authorize access to resources on your Sina Weibo account.

3. Authorized access page

 

4. The Sina official website provides an API testing tool to test whether the parameters constructed by the client are correct.

5. oauth2.0 operation Flowchart

Step 1: Jump directly to the user authorization address, that is, the request user URL shown in the figure below, prompting the user to log on and grant related resource authorization to get the unique auth code, note that the code is only valid for 10 minutes. For security considerations, compared with oauth1.0, it saves a step to get a temporary token and controls the validity period, which is much simpler than 1.0 authentication, step 2: After obtaining the authorization code, this step is to request the access token and generate the data token through the request access URL diagram. Step 3: Request the openid through the access token, openid is the unique identifier of the user on this platform. The request info URL request is shown in the figure below and then the openid is obtained. Step 4: Use the data token obtained in step 2, The openid obtained in step 3, and related APIs, request to obtain user authorized Resource Information

 

Oau22certification and Sina Weibo Open Platform Application