OAuth protocol - PHP third-party login protocol, oauth protocol php third-party_PHP tutorial

OAuth protocol - PHP third party login protocol, oauth protocol php third party

MOOC.com Badguy teacher ’s conscience course!

There will always be times when I don’t want to do anything, but today’s days don’t allow personal indulgence. I usually only have these few choices: watch course videos, read books, and read novels. . It seems there is still something that can be done. Among them, watching the course videos is a bit boring, and I have to write code by hand. . It’s good to find a good teacher. Well, let’s study with badguy recently~

Take notes

1. About OAuth

The full name is Open Authorization, open protocol;

is a protocol for PHP to implement third-party login ;

The specific implementation is simplified into three major steps;

But this is what I personally recorded:

2. Before logging in

You need to apply/register to the website that "signed" the agreement (websites that plan to enable third-party login, such as MOOC.com to apply via qq);

Get the website’s unique client_id and client_secret;

3. When logging in

The user clicks "Other Login"——" (The first step of the three steps) The website sends a request to the QQ OAuth server, Request Token URL, and requests the service address, as shown below

https://graph.qq.com/oauth/...

client_id=100490398&...

redirect_uri=http://passport.mukewang.com%...

First there is the oauth identifier, then the client_id, and then the redirect_uri redirect address, which is the return address;

——》(Second step) The user sees the third-party login interface and enters information; here the code will be generated based on the user input, which is invisible to the user and generated directly in the background;

——》(Step 3) The QQ auth server returns the status to the website. For security reasons, there is a User authorization URL. There will be code, client_id, client_secret information for verification. At the same time, the code also has a life cycle. (very short, maybe 5s);

4. After logging in

In addition to realizing third-party login, OAuth also allows authorized websites to perform some functions, such as QQ’s one-click posting space. At this time, there is AccessToken (token), which has a normal life cycle. It will be 7 days; if it is gone, you can log in again to apply. There is also RefreshToken, which will automatically refresh the token;

5. Others

Regarding openness, it can refer to internal openness - for example, Taobao one account, Alipay and other Alibaba series can be used;

Externally-for example, Tencent accounts can be inserted everywhere. .

Last picture

I will continue to learn how to log in with QQ and log in with weibo~

-------------Update in 5 minutes-------------

The writing of Huo Ding’s Notes is also good, easy to understand, with pictures and examples, and it takes 5 minutes to read.

http://www.bkjia.com/PHPjc/1126000.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/1126000.htmlTechArticleOAuth protocol - PHP third-party login protocol, oauth protocol php third-party MOOC network Badguy teacher's conscience course! There will always be times when you don’t want to do anything, but it’s not like this nowadays...