The Python Flask framework application implements the login method using the QQ account, pythonflask
Flask-OAuthlib is the Flask extension Implementation of OAuthlib,
Project address:
Https://github.com/lepture/flask-oauthlib
Main features:
- Supports OAuth 1.0a, 1.0, 1.1, and oau2client
- Friendly API (same as Flask-OAuth)
- Integrate directly with Flask
- Wait ......
Flask-OAuthlib provides sample code for multiple open platforms, such as Google, Facebook, Twiter, Github, Dropbox, Douban, and weibo. It is only a sample code without QQ logon.
QQ OAuth logon example
The following is the QQ logon code:
import osimport jsonfrom flask import Flask, redirect, url_for, session, request, jsonify, Markupfrom flask_oauthlib.client import OAuthQQ_APP_ID = os.getenv('QQ_APP_ID', '101187283')QQ_APP_KEY = os.getenv('QQ_APP_KEY', '993983549da49e384d03adfead8b2489')app = Flask(__name__)app.debug = Trueapp.secret_key = 'development'oauth = OAuth(app)qq = oauth.remote_app( 'qq', consumer_key=QQ_APP_ID, consumer_secret=QQ_APP_KEY, base_url='https://graph.qq.com', request_token_url=None, request_token_params={'scope': 'get_user_info'}, access_token_url='/oauth2.0/token', authorize_url='/oauth2.0/authorize',)def json_to_dict(x): '''OAuthResponse class can't not parse the JSON data with content-type text/html, so we need reload the JSON data manually''' if x.find('callback') > -1: pos_lb = x.find('{') pos_rb = x.find('}') x = x[pos_lb:pos_rb + 1] try: return json.loads(x, encoding='utf-8') except: return xdef update_qq_api_request_data(data={}): '''Update some required parameters for OAuth2.0 API calls''' defaults = { 'openid': session.get('qq_openid'), 'access_token': session.get('qq_token')[0], 'oauth_consumer_key': QQ_APP_ID, } defaults.update(data) return defaults@app.route('/')def index(): '''just for verify website owner here.''' return Markup('''<meta property="qc:admins" ''' '''content="226526754150631611006375" />''')@app.route('/user_info')def get_user_info(): if 'qq_token' in session: data = update_qq_api_request_data() resp = qq.get('/user/get_user_info', data=data) return jsonify(status=resp.status, data=resp.data) return redirect(url_for('login'))@app.route('/login')def login(): return qq.authorize(callback=url_for('authorized', _external=True))@app.route('/logout')def logout(): session.pop('qq_token', None) return redirect(url_for('get_user_info'))@app.route('/login/authorized')def authorized(): resp = qq.authorized_response() if resp is None: return 'Access denied: reason=%s error=%s' % ( request.args['error_reason'], request.args['error_description'] ) session['qq_token'] = (resp['access_token'], '') # Get openid via access_token, openid and access_token are needed for API calls resp = qq.get('/oauth2.0/me', {'access_token': session['qq_token'][0]}) resp = json_to_dict(resp.data) if isinstance(resp, dict): session['qq_openid'] = resp.get('openid') return redirect(url_for('get_user_info'))@qq.tokengetterdef get_qq_oauth_token(): return session.get('qq_token')if __name__ == '__main__': app.run()
Main process:
- Access QQ Internet site http://connect.qq.com/registered as a developer, and apply for applications, the application needs to verify the ownership of the site;
- After the application is applied, replace QQ_APP_ID and QQ_APP_KEY with your application;
- Access/login and go to the QQ authorization verification webpage;
- After the QQ verification is passed, it will jump back to/login/authorized and get the access_token;
- After obtaining access_token, obtain the openid through access_token. access_token and openid are necessary parameters for later calling other APIs;
- Jump to/user_info to get and display the basic information of the logon user.
For more information, see Flask-OAuthlib and QQ interconnection documents:
Https://flask-oauthlib.readthedocs.org/
Http://wiki.connect.qq.com/
Special description on the SAE Platform
On the SAE platform, there is no problem with the authorization process. When the access_token is obtained and the API is called, a request header similar to the following will be appended to the request (such as get and put:
headers = {u'Authorization': u'Bearer 83F40E96FB6882686F4DF1E17105D04E'}
This request header will cause HTTPError: HTTP Error 400: Bad request, resulting in a request failure. The solution is to convert the key name to the str type. The Hack code is as follows:
def convert_keys_to_string(dictionary): """Recursively converts dictionary keys to strings.""" if not isinstance(dictionary, dict): return dictionary return dict((str(k), convert_keys_to_string(v)) for k, v in dictionary.items())def change_qq_header(uri, headers, body): headers = convert_keys_to_string(headers) return uri, headers, bodyqq.pre_request = change_qq_header
When the project is deployed on the SAE platform, place the code before the if _ name _ = '_ main _' statement.
Summary
Oau2's logon verification is relatively easy, and most platforms support standard protocols. Using a common library can simplify the development process. In addition, the QQ login code has been submitted to the Flask-OAuthlib code base.