OAuth协议--PHP第三方登陆协议
慕课网Badguy老师的良心课程!
总会有那种什么都不想干的时候,但现在的日子又不这么允许个人的放纵,我一般就只有这几个选择:看课程视频,看书,看小说。。好像还是有可以做的事情。其中,看课程视频有点无聊一般,而且还得老子动手写代码。。找个好老师不错,嗯,最近跟着badguy学习吧~
做做笔记
1、关于OAuth
全称Open Authorization,开放协议;
是一个PHP实现第三方登录的协议;
具体实现就简化为三大步骤;
但我个人是这么记录的:
2、登陆前
需要到“签订”该协议的网站进行申请/注册(打算实现第三方登录的网站,比如慕课网到qq申请);
得到网站唯一的client_id,以及client_secret;
3、登陆时
用户点击“其他登陆”——》(三大步骤之第一步)网站向QQ OAuth服务器发请求,Request Token URL,请求服务地址,如下所示
https://graph.qq.com/oauth/...
client_id=100490398&...
redirect_uri=http%3A%2F%2Fpassport.mukewang.com%...
首先有个oauth标识,然后是client_id,然后是redirect_uri重新定向地址,也就是返回地址;
——》(第二步)用户看到第三方登陆界面,进行信息输入;这里会根据用户输入生成code,用户看不到,后台直接生成了;
——》(第三步)QQ auth服务器返回状态给网站,安全起见有一个User authorization URL,这里会有code,client_id,client_secret信息进行验证,同时code也有生命周期(很短,可能就5s);
4、登陆后
除了实现第三方登录,OAuth还允许授权后的网站进行一些功能,比如qq的一键发空间之类的,这时候就有AccessToken(令牌),生命周期一般为7天吧;没有了了的话,可以重新登陆申请,也有RefreshToken,会自动刷新令牌;
5、其他
关于开放,即可以指对内部的开放——比如淘宝一个号,支付宝什么的阿里系列都可以用;
对外部——比如腾讯账号到处插。。
最后一图
后续接着学习QQ登陆,weibo登陆啦~
------------5min后的更新--------------
火丁笔记这个写的也不错,通俗易懂,有图有例,5min看完。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1389
52
Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'?
Apr 01, 2025 am 07:21 AM
Alipay PHP...
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
How does session hijacking work and how can you mitigate it in PHP?
Apr 06, 2025 am 12:02 AM
Session hijacking can be achieved through the following steps: 1. Obtain the session ID, 2. Use the session ID, 3. Keep the session active. The methods to prevent session hijacking in PHP include: 1. Use the session_regenerate_id() function to regenerate the session ID, 2. Store session data through the database, 3. Ensure that all session data is transmitted through HTTPS.
Describe the SOLID principles and how they apply to PHP development.
Apr 03, 2025 am 12:04 AM
The application of SOLID principle in PHP development includes: 1. Single responsibility principle (SRP): Each class is responsible for only one function. 2. Open and close principle (OCP): Changes are achieved through extension rather than modification. 3. Lisch's Substitution Principle (LSP): Subclasses can replace base classes without affecting program accuracy. 4. Interface isolation principle (ISP): Use fine-grained interfaces to avoid dependencies and unused methods. 5. Dependency inversion principle (DIP): High and low-level modules rely on abstraction and are implemented through dependency injection.
How to automatically set permissions of unixsocket after system restart?
Mar 31, 2025 pm 11:54 PM
How to automatically set the permissions of unixsocket after the system restarts. Every time the system restarts, we need to execute the following command to modify the permissions of unixsocket: sudo...
How to debug CLI mode in PHPStorm?
Apr 01, 2025 pm 02:57 PM
How to debug CLI mode in PHPStorm? When developing with PHPStorm, sometimes we need to debug PHP in command line interface (CLI) mode...
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
How to send a POST request containing JSON data using PHP's cURL library?
Apr 01, 2025 pm 03:12 PM
Sending JSON data using PHP's cURL library In PHP development, it is often necessary to interact with external APIs. One of the common ways is to use cURL library to send POST�...
