个人中心
退出
第三方QQ、微博登陆
一定要把token uid 这些参数搞明白是干什么的
第一种方法是转的 (通过javascript来调用)
最近接触了一些第三方登陆的东西,弄的真是一个头,两个大>.<
今天,终于把腾讯第三方登陆调试通了,做一个记录,顺便发发牢骚。
QQ互联官网:http://connect.qq.com/
申请之类的就不多说了,没什么难点,主要记录一下代码方面的东西。
看官方文档的时候写的太详细,太复杂了。看了一堆没用的,和误导的。
由于项目中用的是自定义的图标,所以没有用Js SDK(后来才知道好像官方的js SDK也可以自定义图标)
之前看的是
OAuth2.0开发指引
开发攻略_Server-side
开发攻略_Client-side
中的“开发攻略_Server-side”
光获取access_token就非了九牛二虎之力。
后来发现“开发攻略_Client-side”中的方法要简单的多。现在也没弄清楚为什么要分两个。
废话不多说,进入主题:
1. 打开浏览器,访问如下地址(请将client_id,redirect_uri,scope等参数值替换为你自己的):
https://graph.qq.com/oauth2.0/authorize?response_type=token&client_id=[YOUR_APPID]&redirect_uri=[YOUR_REDIRECT_URI]&scope=[THE_SCOPE]
QQ登陆示例代码:
[html] view plain copy 在CODE上查看代码片 派生到我的代码片
<a href="https://graph.qq.com/oauth2.0/authorize?response_type=token&client_id=101009536&redirect_uri=jishanjia.lanbaoo.com/login/bind&scope=get_user_info">腾讯QQ登录</a>
特别提示 :
1. 请求时传入的recirect_uri必须与注册时填写的回调地址一致,用来进行第三方应用的身份验证。
2. 可通过js方法:window.location.hash来获取URL中#后的参数值,
授权成功后就跳转到recirect_uri这时就可以将?之前的路径换成本地环境,进行本地调试,
将
[plain] view plain copy 在CODE上查看代码片 派生到我的代码片
http://jishanjia.lanbaoo.com/login/bind?#access_token=F2B24AABBF5D69995C52D9007D1DBCE6&expires_in=7776000
换成
[plain] view plain copy 在CODE上查看代码片 派生到我的代码片
http://localhost:8088/mercy/login/bind?#access_token=F2B24AABBF5D69995C52D9007D1DBCE6&expires_in=7776000
expires_in=7776000应该是access_token的有效时间
然后用获取到的access_token获取OpenID
发送请求到如下地址(请将access_token等参数值替换为你自己的):
https://graph.qq.com/oauth2.0/me?access_token=YOUR_ACCESS_TOKEN
2. 获取到用户OpenID,返回包如下:
1
callback
(
{
"client_id"
:
"YOUR_APPID"
,
"openid"
:
"YOUR_OPENID"
}
)
;
示例代码:
[javascript] view plain copy 在CODE上查看代码片 派生到我的代码片
var accessToken = window.location.hash.substring(1);//获取路径中的access_token
$.ajax({
type: 'GET',
url: 'https://graph.qq.com/oauth2.0/me?'+accessToken,
async: false,
dataType: "jsonp",
jsonp: "callback",//传递给请求处理程序或页面的,用以获得jsonp回调函数名的参数名(一般默认为:callback)
jsonpCallback:"callback",
success: function(o){
console.log(o);//o就是上面提到的返回包
$.ajax({
type: 'POST',
url:$CONFIG.base_url+"/third/qq/get_user_info",
data:{url: 'https://graph.qq.com/user/get_user_info?'+accessToken+'&oauth_consumer_key=101009536&openid='+o.openid},
async: false,
dataType: "json",
success: function(e){
alert(e.nickname);
console.log(e);
$("#userImg").attr("src",e.figureurl_qq_2);
}
});
}
});
获取到OpenID后就可以获取用户信息了(get_user_info)详情参照 api文档
获取user_info的时候jsonp就有点不对头了,虽然可以获取到,但是要报错,可能时jsonp用的不够熟练吧。然后我有采用后台获取用户信息的方式进行了一次中转。
代码如下:
[java] view plain copy 在CODE上查看代码片 派生到我的代码片
@RequestMapping(value = "/qq/get_user_info", method = RequestMethod.POST)
public ResponseEntity<HttpEntity> qqGetUserInfo(HttpServletRequest request) {
String url = request.getParameter("url");
System.out.println(url);
HttpClient httpClient = new HttpClient();
// 创建GET方法的实例
GetMethod getMethod = new GetMethod(url);
// 使用系统提供的默认的恢复策略
getMethod.getParams().setParameter(HttpMethodParams.RETRY_HANDLER,
new DefaultHttpMethodRetryHandler());
try {
// 执行getMethod
int statusCode = httpClient.executeMethod(getMethod);
if (statusCode != 200) {
System.err.println("Method failed: "
+ getMethod.getStatusLine());
}
// 读取内容
byte[] responseBody = getMethod.getResponseBody();
// 处理内容
return new ResponseEntity(responseBody,HttpStatus.OK);
} catch (HttpException e) {
// 发生致命的异常,可能是协议不对或者返回的内容有问题
System.out.println();
e.printStackTrace();
return new ResponseEntity("Please check your provided http address!",HttpStatus.BAD_REQUEST);
} catch (IOException e) {
// 发生网络异常
e.printStackTrace();
return new ResponseEntity("Time out!",HttpStatus.BAD_GATEWAY);
} finally {
// 释放连接
getMethod.releaseConnection();
}
}
第二种 是通过后台去交互数据 数据时通过json或者xml格式就行交互 可以是QQ登陆或者微博登陆 登陆类似,可以通过封装来实现
这个类是action 用springMvc来写的
package com.shishuo.studio.action;
import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import com.shishuo.studio.entity.User;
import com.shishuo.studio.exception.AuthException;
import com.shishuo.studio.exception.LoginFailureException;
import com.shishuo.studio.exception.OAuthException;
import com.shishuo.studio.exception.OpenIdNotFoundException;
import com.shishuo.studio.exception.UserNotFoundException;
import com.shishuo.studio.exception.notfound.StorageNotFoundException;
/**
* @author Herbert
*
*/
@Controller
@RequestMapping("/login")
public class LoginAction extends BaseAction {
private static final CharSequence jsonp = null;
/**
* 第3方登陆
*
* @param name
* @return
*/
@RequestMapping(value = "/third.htm", method = RequestMethod.GET)
public String third(@Param("name") String name) {
if (name.equalsIgnoreCase("qq")) {
return "redirect:" + oAuthQQService.getCodeUrl();
} else {
return "redirect:" + oAuthWeiBoService.getCodeUrl();
}
}
/**
*
* qq登陆
*
* @param code
*
* @return
*/
@RequestMapping(value = "/qq.htm", method = RequestMethod.GET)
public String qq(@Param("code") String code, HttpServletResponse response) {
try {
User user = oAuthQQService.checkCode(code);
userService.addAuth(user, response);
return "redirect:/index.htm";
} catch (UserNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (StorageNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (OpenIdNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (AuthException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (LoginFailureException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
}
}
/**
* weibo登陆
*
* @param modelMap
* @return
* @throws IOException
* @throws IllegalStateException
* @throws StorageNotFoundException
*/
@RequestMapping(value = "/wei bo.htm", method = RequestMethod.GET)
public String weibo(@Param("code") String code, HttpServletResponse response)
throws StorageNotFoundException {
User user;
try {
user = oAuthWeiBoService.checkCode(code);
if (user != null) {
userService.addAuth(user, response);
return "redirect:/index.htm";
} else {
userService.delAuth(response);
return "redirect:/user/login.htm";
}
} catch (UserNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (OAuthException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (AuthException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
}
}
}
这个是第三方登陆的Service
package com.shishuo.studio.service;
import java.io.IOException;
import java.util.HashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import net.sf.json.JSONObject;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import com.shishuo.studio.constant.OAuthQQConstant;
import com.shishuo.studio.constant.StorageConstant;
import com.shishuo.studio.constant.SystemConstant;
import com.shishuo.studio.constant.UserConstant;
import com.shishuo.studio.entity.User;
import com.shishuo.studio.entity.vo.StorageVo;
import com.shishuo.studio.exception.AuthException;
import com.shishuo.studio.exception.LoginFailureException;
import com.shishuo.studio.exception.OpenIdNotFoundException;
import com.shishuo.studio.exception.UserNotFoundException;
import com.shishuo.studio.exception.notfound.StorageNotFoundException;
import com.shishuo.studio.util.HttpUtils;
/**
* @author QQ登陆service
*
*/
@Service
public class OAuthQQService implements OAuthService {
@Autowired
private UserService userService;
@Autowired
private TeacherService teacherService;
@Autowired
private StorageService pictureService;
/**
*
* 获得QQ登陆的code
*
* @return code
*/
public String getCodeUrl() {
HashMap<String, String> param = new HashMap<String, String>();
param.put("client_id", OAuthQQConstant.QQ_APPID);
param.put("client_secret", OAuthQQConstant.QQ_APPKEY);
param.put("redirect_uri", "http://www.shishuo.com/login/qq.htm");
return OAuthQQConstant.AUTH_CODE_URL + HttpUtils.getParam(param);
}
/**
*
* 配置通过Authorization Code获取Access Token的参数
*
* @param code
* @return token
*
*/
public String getTokenByCode(String code) {
HashMap<String, String> param = new HashMap<String, String>();
param.put("grant_type", "authorization_code");
param.put("client_id", OAuthQQConstant.QQ_APPID);
param.put("client_secret", OAuthQQConstant.QQ_APPKEY);
param.put("code", code);
param.put("redirect_uri", "http://www.shishuo.com/login/qq.htm");
String[] tokens = HttpUtils.getUrl(OAuthQQConstant.TOKEN_URL, param)
.split("&");
String token = tokens[0].split("=")[1];
return token;
}
/**
*
* 通过token获取openId数据
*
* @param token
* @return openId
* @throws Exception
*
*/
public String getOpenidByToken(String token) throws OpenIdNotFoundException {
String openid = "";
HashMap<String, String> param = new HashMap<String, String>();
param.put("access_token", token);
param.put("format", SystemConstant.FORMAT);
String jsonp = HttpUtils.getUrl(OAuthQQConstant.OPENID_URL, param);
Matcher m = Pattern.compile("\"openid\"\\s*:\\s*\"(\\w+)\"").matcher(
jsonp);
if (m.find()) {
openid = m.group(1);
} else {
throw new OpenIdNotFoundException("");
}
return openid;
}
/**
* 通过token和openId获取userInfo
*
* @param token
* @param openid
* @return json
*/
public JSONObject getUserByTokenAndOpenid(String token, String openid) {
HashMap<String, String> param = new HashMap<String, String>();
param.put("access_token", token);
param.put("oauth_consumer_key", OAuthQQConstant.QQ_APPID);
param.put("openid", openid);
param.put("format", SystemConstant.FORMAT);
String jsonp = HttpUtils.getUrl(OAuthQQConstant.USERINFO_URL, param);
JSONObject object = JSONObject.fromObject(jsonp);
return object;
}
/**
* 通过code获得userInfo并入库
*
* @param code
* @return user
* @throws UserNotFoundException
* @throws AuthException
* @throws IOException
* @throws ClientProtocolException
* @throws IllegalStateException
* @throws StorageNotFoundException
* @throws OpenIdNotFoundException
* @throws LoginFailureException
* @exception exception
*/
@Override
public User checkCode(String code) throws UserNotFoundException,
AuthException, ClientProtocolException, IOException,
StorageNotFoundException, IllegalStateException,
OpenIdNotFoundException, LoginFailureException {
String token = this.getTokenByCode(code);
String openId = this.getOpenidByToken(token);
JSONObject json = this.getUserByTokenAndOpenid(token, openId);
// ret==0 代表用户登陆成功
if (0 == Integer.parseInt(json.get("ret").toString())) {
if (userService.isUserByOpenIdAndType(openId, UserConstant.type.qq)) {
long userId = userService.updateTokenByOpenIdAndType(openId,
token, UserConstant.type.qq);
return userService.getUserById(userId);
} else {
User user = userService.addUserByThird(openId, token, "",
UserConstant.type.qq, "", "");
teacherService.updateNameByUserId(user.getUserId(),
json.getString("nickname"));
HttpEntity httpEntity = HttpUtils.download(json
.getString("figureurl_qq_2"));
StorageVo picture = pictureService.addPicture(
user.getUserId(),
user.getUserId(),
StorageConstant.kind.user,
httpEntity.getContentType().getValue()
.replaceAll("/", "."), httpEntity
.getContentType().getValue(), httpEntity
.getContent());
teacherService.updateTeacherStorageByUserId(user.getUserId(),
picture.getStorageId(), picture.getPath());
return user;
}
} else {
throw new LoginFailureException("登陆失败");
}
}
}
帮助类
/*
*
* Copyright © 2013 Changsha Shishuo Network Technology Co., Ltd. All rights reserved.
* 长沙市师说网络科技有限公司 版权所有
* http://www.shishuo.com
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.shishuo.studio.util;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import javax.servlet.http.HttpServletRequest;
import net.sf.json.JSONObject;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.apache.log4j.Logger;
import com.shishuo.studio.constant.SystemConstant;
/**
* @author Herbert
*
*/
public class HttpUtils {
private static final CloseableHttpClient httpClient = HttpClients
.createDefault();
private static final Logger logger = Logger.getLogger(HttpUtils.class);
/**
* 得到请求的IP地址
*
* @param request
* @return
*/
public static String getIp(HttpServletRequest request) {
String ip = request.getHeader("X-Real-IP");
if (StringUtils.isBlank(ip)) {
ip = request.getHeader("Host");
}
if (StringUtils.isBlank(ip)) {
ip = request.getHeader("X-Forwarded-For");
}
if (StringUtils.isBlank(ip)) {
ip = "0.0.0.0";
}
return ip;
}
/**
* 浏览器请求应用服务器的URL地址
*
* @param request
* @return
*/
public static String getBasePath(HttpServletRequest request) {
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName()
+ ":" + request.getServerPort() + path;
return basePath;
}
/**
* 得到应用的物理地址
*
* @return
*/
public static String getRealPath() {
return System.getProperty(SystemConstant.SHISHUO_STUDIO_ROOT);
}
/**
* 组装参数
*
* @param params
* @return
*/
public static String getParam(HashMap<String, String> params) {
ArrayList<String> paramList = new ArrayList<String>();
Iterator<Entry<String, String>> iterator = params.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> entry = (Entry<String, String>) iterator
.next();
String value = (String) entry.getValue();
String key = (String) entry.getKey();
paramList.add(key + "=" + value);
}
return StringUtils.join(paramList, "&");
}
/**
* @param params
* @return
*/
public static List<NameValuePair> getNameValuePair(
HashMap<String, String> params) {
List<NameValuePair> list = new ArrayList<NameValuePair>();
Iterator<Entry<String, String>> iterator = params.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> entry = (Entry<String, String>) iterator
.next();
String value = (String) entry.getValue();
String key = (String) entry.getKey();
list.add(new BasicNameValuePair(key, value));
}
return list;
}
/**
* @param url
* @param param
* @return
*/
public static String getUrl(String url, HashMap<String, String> params) {
try {
HttpGet httpGet = new HttpGet(url + "?" + getParam(params));
logger.info(url + "?" + getParam(params));
HttpResponse response = httpClient.execute(httpGet);
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(response.getEntity());
EntityUtils.consume(entity);
return responseString;
} catch (Exception e) {
e.printStackTrace();
return "";
}
}
/**
* 得到JSON数据
*
* @param url
* @param param
* @return
*/
public static JSONObject getJSON(String url, HashMap<String, String> params) {
String json = getUrl(url, params);
return JSONObject.fromObject(json);
}
/**
* @param url
* @param params
* @return
*/
public static String postUrl(String url, HashMap<String, String> params) {
try {
HttpPost httpPost = new HttpPost(url);
httpPost.setEntity(new UrlEncodedFormEntity(
getNameValuePair(params), "UTF-8"));
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(response.getEntity());
EntityUtils.consume(entity);
return responseString;
} catch (Exception e) {
e.printStackTrace();
return "";
}
}
/**
* @param url
* @return
* @throws ClientProtocolException
* @throws IOException
*/
public static HttpEntity download(String url)
throws ClientProtocolException, IOException {
HttpGet httpget = new HttpGet(url);
// 伪装成google的爬虫JAVA问题查询
httpget.setHeader("User-Agent",
"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)");
// Execute HTTP request
System.out.println("executing request " + httpget.getURI());
HttpResponse response = httpClient.execute(httpget);
// 得到网络资源的字节数组,并写入文件
HttpEntity entity = response.getEntity();
return entity;
}
}
作者:chen.yu
深信服三年半工作经验,目前就职游戏厂商,希望能和大家交流和学习,
微信公众号:编程入门到秃头 或扫描下面二维码
零基础入门进阶人工智能(链接)
分类导航