1.OAuth授权说明
OAuth是一个开放协议,允许用户让第三方应用以安全且标准的方式获取该用户在某一网站、移动或桌面应用上存储的私密的资源(如用户个人信息、照片、视频、联系人列表),而无需将用户名和密码提供给第三方应用。
这个是微信很早出的微信公众号认证之后的一个高级权限接口,目前是2版本。
2.OAuth授权过程
1. 用户关注微信公众账号。 2. 微信公众账号提供用户请求授权页面URL。 3. 用户点击授权页面URL,将向服务器发起请求 4. 服务器询问用户是否同意授权给微信公众账号(scope为snsapi_base时无此步骤) 5. 用户同意(scope为snsapi_base时无此步骤) 6. 服务器将CODE通过回调传给微信公众账号 7. 微信公众账号获得CODE 8. 微信公众账号通过CODE向服务器请求Access Token 9. 服务器返回Access Token和OpenID给微信公众账号 10. 微信公众账号通过Access Token向服务器请求用户信息(scope为snsapi_base时无此步骤) 11. 服务器将用户信息回送给微信公众账号(scope为snsapi_base时无此步骤)
注意:实现这个授权获取用户信息最基本的APPID和APPSECRET配置。不过这里多了一个操作,配置授权回掉页面域名。
3.代码实现
我就简单做一个demo,但是类文件可以直接进行使用。
首先是view页面(index.php)
<?php
require_once('weixin.class.php');
$weixin = new class_weixin();
if (!isset($_GET["code"])){
$redirect_url = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
$jumpurl = $weixin->oauth2_authorize($redirect_url, "snsapi_userinfo", "123");
Header("Location: $jumpurl");
}else{
$access_token_oauth2 = $weixin->oauth2_access_token($_GET["code"]);
$userinfo = $weixin->oauth2_get_user_info($access_token_oauth2['access_token'], $access_token_oauth2['openid']);
}
?>
<!DOCTYPE html>
<html lang="zh-cn">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=0">
<title>网页授权Demo</title>
<link rel="stylesheet" href="css/weui.min.css">
<link rel="stylesheet" href="css/example.css">
</head>
<body ontouchstart="">
<div class="container js_container">
<div class="page cell">
<div class="hd">
<h1 class="page_title">微信网页授权</h1>
</div>
<div class="bd">
<div class="weui_cells_title">个人信息</div>
<div class="weui_cells">
<div class="weui_cell">
<div class="weui_cell_bd weui_cell_primary">
<p>OpenID</p>
</div>
<div class="weui_cell_ft"><?php echo $userinfo["openid"];?></div>
</div>
<div class="weui_cell ">
<div class="weui_cell_bd weui_cell_primary">
<p>头像</p>
</div>
<div class="weui_cell_ft"><img src="<?php echo str_replace("/0","/46",$userinfo["headimgurl"]);?>"></div>
</div>
<div class="weui_cell">
<div class="weui_cell_bd weui_cell_primary">
<p>昵称</p>
</div>
<div class="weui_cell_ft"><?php echo $userinfo["nickname"];?></div>
</div>
<div class="weui_cell">
<div class="weui_cell_bd weui_cell_primary">
<p>性别</p>
</div>
<div class="weui_cell_ft"><?php echo (($userinfo["sex"] == 0)?"未知":(($userinfo["sex"] == 1)?"男":"女"));?></div>
</div>
<div class="weui_cell">
<div class="weui_cell_bd weui_cell_primary">
<p>地区</p>
</div>
<div class="weui_cell_ft"><?php echo $userinfo["country"];?> <?php echo $userinfo["province"];?> <?php echo $userinfo["city"];?></div>
</div>
<div class="weui_cell">
<div class="weui_cell_bd weui_cell_primary">
<p>语言</p>
</div>
<div class="weui_cell_ft"><?php echo $userinfo["language"];?></div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
接下来是类文件(weixin.class.php)
<?php
class class_weixin
{
var $appid = 'wx*****************49';
var $appsecret = '3************************215c';
//构造函数,获取Access Token
public function __construct($appid = NULL, $appsecret = NULL)
{
if($appid && $appsecret){
$this->appid = $appid;
$this->appsecret = $appsecret;
}
}
//生成OAuth2的URL
public function oauth2_authorize($redirect_url, $scope, $state = NULL)
{
$url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=".$this->appid."&redirect_uri=".$redirect_url."&response_type=code&scope=".$scope."&state=".$state."#wechat_redirect";
return $url;
}
//生成OAuth2的Access Token
public function oauth2_access_token($code)
{
$url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=".$this->appid."&secret=".$this->appsecret."&code=".$code."&grant_type=authorization_code";
$res = $this->http_request($url);
return json_decode($res, true);
}
//获取用户基本信息(OAuth2 授权的 Access Token 获取 未关注用户,Access Token为临时获取)
public function oauth2_get_user_info($access_token, $openid)
{
$url = "https://api.weixin.qq.com/sns/userinfo?access_token=".$access_token."&openid=".$openid."&lang=zh_CN";
$res = $this->http_request($url);
return json_decode($res, true);
}
//获取用户基本信息
public function get_user_info($openid)
{
$url = "https://api.weixin.qq.com/cgi-bin/user/info?access_token=".$this->access_token."&openid=".$openid."&lang=zh_CN";
$res = $this->http_request($url);
return json_decode($res, true);
}
//HTTP请求(支持HTTP/HTTPS,支持GET/POST)
protected function http_request($url, $data = null)
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
if (!empty($data)){
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
}
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
$output = curl_exec($curl);
curl_close($curl);
return $output;
}
}
?>
大家可以结合上一篇微信接口看,然后呢有疑问的地方,欢迎交流。
