Detailed explanation of website access to QQ, WeChat and Weibo third-party login
The overall idea of three-party login isGet the openid in the third party, then associate it with the user (store it in the database), and log in. This article mainly shares with you the detailed explanation of third-party login for website access to QQ, WeChat, and Weibo. I hope it can help everyone.
The current requirement is: two (or more) first-level domain names, such as maxiye.cn and yexima.com, and each domain name has multiple Second-level domain name distribution, such as: app.maxiye.cn, new.maxiye.cn, old.maxiye.cn, app.yexima.com, new.yexima.com, old.yexima.com.. .etc., but these domain names use the same code (yes, the vest) and share the database and session. At the same time, each of its domain names includes PC, ios, and Android terminals. How to access all third-party logins?
QQ, WeChat, Weibo access points:
1.Application entrance: QQ is QQ Internet, WeChat is WeChat open platform, and Weibo is Weibo open platform;
2.Callback domain setting: QQ can set a first-level domain name and there can be multiple, it must start with http:// and end with ;, such as http://maxiye.cn;http://yexima.com;; WeChat can only be set to a second-level domain name and only one, the format is: app.maxiye.cn;
Weibo can also set a first-level domain name and it is one: maxiye.cn;
3.unionid acquisition: multiple apps (same ) shared database under developer account, so unionid needs to be used to confirm identity. QQ needs to apply for additional permissions to obtain uuid. For details, please refer to how to connect different appid applications under the same developer account; WeChat already has a unionid acquisition interface; Weibo uses uid as unionid;
pit:
1.QQ Many of the results returned by the interface are in jsonp format, which needs to be stripped manuallycallback();
2. Weibo acquisitionobtain access_tokenactually must be used post, shocked;
3. WeChat does not support filling in the first-level domain name for the callback address, so you need to use unified domain name (agent) as the callback address, and then redirect internally to the person who sent the application Domain name;
The following is a written tool class:
<?php
/* PHP SDK 第三方登录授权验证
* @version 1.0.0
* @author zyl
* @copyright
*/
namespace app\helpers;
use yii\helpers\Url;
use Yii;
class OauthLogin
{
public $server = '';//接入第三方的域名
public $proxy = 'app.maxiye.cn';//微信登录代理中转站点
private $type = '';//第三方类型:qq,weixin,weibo
private $app_id = '';//分配给网站的appid。
private $app_secret = '';//分配给网站的appkey。
private $state = '';//client端的状态值。用于第三方应用防止CSRF攻击,成功授权后回调时会原样带回。请务必严格按照流程检查用户与state参数状态的绑定。
private $code = '';//用户成功登录并授权,则会跳转到指定的回调地址,并在URL中带上Authorization Code。
private $access_token;
private $config = [//配置多个网站的appid&appkey
'maxiye.cn' => [
'qq' => [
'app_id' => '100000000',
'app_secret' => 'f9038c3d07c*******7884edf3e31708',
],
'weixin' => [
'app_id' => 'wxee7c90a7744c2002',
'app_secret' => '13e649627894*******7a85a0e2f50e7',
],
'weibo' => [
'app_id' => '1200000000',
'app_secret' => 'e074de8*******d3818d0df9ca28c459',
],
],
'yexima.com' => [
'qq' => [
'app_id' => '101111244',
'app_secret' => '6ca59c6a1b1*******77e636a10ac334',
],
'weixin' => [
'app_id' => 'wx0b822222ea9ee323',
'app_secret' => '7f9cbd*******f37ce7b4c267bdde029',
],
'weibo' => [
'app_id' => '911111998',
'app_secret' => '5b21c452f88e2982*******1722d8fcd',
],
],
];
function __construct($params = [])
{
$this->type = $params['type'];
$this->server = $_SERVER['SERVER_NAME'];
foreach ($this->config as $k => $v) {
if (stristr($this->server, $k) && isset($v[$this->type])) {
$this->app_id = $v[$this->type]['app_id'];
$this->app_secret = $v[$this->type]['app_secret'];
}
}
if (isset($params['code'])) {
$this->code = $params['code'];
}
}
/**
* 获取用户授权验证的链接
* @return string
*/
public function getOauthUrl()
{
$this->state = md5(uniqid(rand(), TRUE));
Yii::$app->session->setFlash('oauth_state', $this->state);
$redirect_uri = urlencode(Url::to(['login-by-openid', 'type' => $this->type, true));
if ($this->type == 'weixin' && $this->server != $this->proxy) {//微信回调多域名代理处理
$redirect_uri = str_replace($this->server, $this->proxy, $redirect_uri) . '%26redirect%3D' . $this->server;
}
$url = '';
switch ($this->type) {
case 'qq'://qq回调域填写一级域名并以“;”结束:http://maxiye.cn;http://yexima.com;
$url = "https://graph.qq.com/oauth/show?which=Login&display=pc&response_type=code&client_id={$this->app_id}&state={$this->state}&display=web&redirect_uri={$redirect_uri}";
break;
case 'weixin'://app.maxiye.cn不支持只填写二级域名
$url = "https://open.weixin.qq.com/connect/qrconnect?response_type=code&appid={$this->app_id}&state={$this->state}&scope=snsapi_login&redirect_uri={$redirect_uri}#wechat_redirect";
break;
case 'weibo'://微博设置安全域名:maxiye.cn
$url = "https://api.weibo.com/oauth2/authorize?response_type=code&client_id={$this->app_id}&state={$this->state}&display=web&redirect_uri={$redirect_uri}";
break;
default:
break;
}
return $url;
}
/**
* 获取针对开发者账号的惟一uuid
* @return string unionid或uid
*/
public function getUuid()
{
$openid = '';
if ($this->type == 'qq') {
$this->getAccessToken();
} else {
$openid = $this->getOpenid();
}
$access_token = $this->access_token;
$uuid = '';
if ($access_token) {
switch ($this->type) {
case 'qq':
$url = "https://graph.qq.com/oauth2.0/me?access_token={$access_token}&unionid=1";
// 返回示例...
/*callback({
"client_id":"YOUR_APPID",
"openid":"YOUR_OPENID",
"unionid":"YOUR_UNIONID"
});*/
$result = $this->get_contents($url);
if (strpos($result, "callback") !== false) {
$lpos = strpos($result, "(");
$rpos = strrpos($result, ")");
$result = json_decode(substr($result, $lpos + 1, $rpos - $lpos - 1), true);
$uuid = isset($result['unionid']) ? $result['unionid'] : '';
}
return $uuid;
// return $openid;
break;
case 'weixin':
$url = "https://api.weixin.qq.com/sns/userinfo?access_token={$access_token}&openid={$openid}";
// 返回示例
/*{
"openid":"OPENID",
"nickname":"NICKNAME",
"sex":1,
"province":"PROVINCE",
"city":"CITY",
"country":"COUNTRY",
"headimgurl": "http://wx.qlogo.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/0",
"privilege":[
"PRIVILEGE1",
"PRIVILEGE2"
],
"unionid": " o6_bmasdasdsad6_2sgVt7hMZOPfL"
}*/
$result = json_decode($this->get_contents($url), true);
return isset($result['unionid']) ? $result['unionid'] : '';
break;
case 'weibo':
return $openid;
break;
default:
break;
}
}
return $uuid;
}
/**
* 获取access_token
* @param boolean $true false表示获取原始结果,true获取真正的access_token
* @return string json包|string
*/
public function getAccessToken($true = true)
{
//验证state
if (Yii::$app->request->get('state', '') != Yii::$app->session->getFlash('oauth_state')) {
return '';
}
$redirect_uri = urlencode(Url::to(['login-by-openid', 'type' => $this->type], true));
$url = '';
switch ($this->type) {
case 'qq':
$url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&code={$this->code}&client_id={$this->app_id}&client_secret={$this->app_secret}&redirect_uri={$redirect_uri}";
//返回示例...
//access_token=15C0CE01C0311240F9091A7DB6828E62&expires_in=7776000&refresh_token=7BFCE2E5B773D4F5531561A10E1C2B2D
break;
case 'weixin':
$url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid={$this->app_id}&secret={$this->app_secret}&code={$this->code}&grant_type=authorization_code";
//返回示例
/*{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE"
}*/
break;
case 'weibo':
$url = "https://api.weibo.com/oauth2/access_token?client_id={$this->app_id}&client_secret={$this->app_secret}&grant_type=authorization_code&redirect_uri={$redirect_uri}&code={$this->code}";//新浪微博
$post_data = [];
return $this->post($url, $post_data);//撒币制杖
//返回示例
/*{
"access_token": "SlAV32hkKG",
"remind_in": 3600,
"expires_in": 3600,
"uid":"12341234"
}*/
break;
default:
break;
}
if ($true) {
$res_access_token = $this->get_contents($url);
if ($this->type == 'qq' && strpos($res_access_token, "access_token") !== false) {
$token_result = ['access_token' => explode('=', explode('&', $res_access_token)[0])[1]];
} else {
$token_result = json_decode($res_access_token ?: '{}', true);
}
$access_token = !empty($token_result['access_token']) ? $token_result['access_token'] : '';
$this->access_token = $access_token;
return $access_token;
} else {
return $this->get_contents($url);
}
}
/**
* post
* post方式请求资源
* @param string $url 基于的baseUrl
* @param array $keysArr 请求的参数列表
* @param int $flag 标志位
* @return string 返回的资源内容
*/
public function post($url, $keysArr, $flag = 0)
{
$ch = curl_init();
if (!$flag) curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $keysArr);
curl_setopt($ch, CURLOPT_URL, $url);
$ret = curl_exec($ch);
curl_close($ch);
return $ret;
}
/**
* get_contents
* 服务器通过get请求获得内容
* @param string $url 请求的url,拼接后的
* @return string 请求返回的内容
*/
public function get_contents($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_URL, $url);
$response = curl_exec($ch);
curl_close($ch);
//-------请求为空
if (empty($response)) {
return '{}';
}
return $response;
}
/**
* 获取openid
* @return string openid
*/
public function getOpenid()
{
$res_access_token = $this->getAccessToken(false);
if ($this->type == 'qq' && strpos($res_access_token, "access_token") !== false) {
$access_token = ['access_token' => explode('=', explode('&', $res_access_token)[0])[1]];
} else {
$access_token = json_decode($res_access_token ?: '{}', true);
}
$openid = '';
if (isset($access_token['access_token'])) {
$this->access_token = $access_token['access_token'];
switch ($this->type) {
case 'qq':
$url = "https://graph.qq.com/oauth2.0/me?access_token={$access_token['access_token']}";
// 返回示例...
// callback( {"client_id":"101406183","openid":"6C611CBE0C72F765572AE2472C9B59A4"} );
$result = $this->get_contents($url);
if (strpos($result, "callback") !== false) {
$lpos = strpos($result, "(");
$rpos = strrpos($result, ")");
$result = json_decode(substr($result, $lpos + 1, $rpos - $lpos - 1), true);
$openid = isset($result['openid']) ? $result['openid'] : '';
}
break;
case 'weixin':
return $access_token['openid'];
break;
case 'weibo':
return $access_token['uid'];
/*$url = "https://api.weibo.com/oauth2/get_token_info?access_token={$access_token['access_token']}";
//返回示例
{
"uid": 1073880650,
"appkey": 1352222456,
"scope": null,
"create_at": 1352267591,
"expire_in": 157679471
}
$result = $this->get_contents($url);
$openid = isset($result['uid'])?$result['uid']:'';*/
break;
default:
break;
}
}
return $openid;
}
}The usage method is as follows:
//第三方登录界面处理
public function actionLoginByOpenid(){
Yii::$app->response->format= Response::FORMAT_HTML;
$params = Yii::$app->request->get();
$oauth = new OauthLogin($params);
if(empty($params['code'])){
$url = $oauth->getOauthUrl();
return $this->redirect($url);
}else{
//微信代理跳转处理
if(isset($params['redirect']) && $params['redirect'] != $oauth->server){
$proxy = $oauth->proxy;
$server = $params['redirect'];
return $this->redirect(str_replace($proxy, $server, Url::current(['redirect'=>null], 'http')));
}
$openid = $oauth->getUuid();
if (!$openid) {
//失败处理TODO
} else {
//成功处理TODO
}
}
}The specific process (qq as an example) is as follows:
1. User Click the QQ login icon and access the link http://app.maxiye.cn/site/login-by-openid?type=qq;
2. The server processes to obtain the QQ authorization link and redirect ;
3.QQ adds the code parameter (Authorization Code) in the callback address, callbackhttp://app.maxiye.cn/site/login-by-openid?type=qq&state=4a78***&code =1CA8DF***;
4. The server verifies the state according to the code parameter, obtains the access_token, then obtains the unionid (uid), and processes the result.
Related recommendations:
Add a third-party login PHP version to the website
##php QQ third-party login SDK program code_PHP tutorial
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
There are rumors that 'iPhone 16 may not support WeChat', and Apple's technical consultant in China said that it is communicating with Tencent about app store commissions
Sep 02, 2024 pm 10:45 PM
Thanks to netizens Qing Qiechensi, HH_KK, Satomi Ishihara and Wu Yanzu of South China for submitting clues! According to news on September 2, there are recent rumors that "iPhone 16 may not support WeChat." In response to this, a reporter from Shell Finance called Apple's official hotline. Apple's technical consultant in China responded that whether iOS systems or Apple devices can continue to use WeChat, and WeChat The issue of whether it can continue to be listed and downloaded on the Apple App Store requires communication and discussion between Apple and Tencent to determine the future situation. Software App Store and WeChat Problem Description Software App Store technical consultant pointed out that developers may need to pay fees to put software on the Apple Store. After reaching a certain number of downloads, Apple will need to pay corresponding fees for subsequent downloads. Apple is actively communicating with Tencent,
deepseek image generation tutorial
Feb 19, 2025 pm 04:15 PM
DeepSeek: A powerful AI image generation tool! DeepSeek itself is not an image generation tool, but its powerful core technology provides underlying support for many AI painting tools. Want to know how to use DeepSeek to generate images indirectly? Please continue reading! Generate images with DeepSeek-based AI tools: The following steps will guide you to use these tools: Launch the AI Painting Tool: Search and open a DeepSeek-based AI Painting Tool (for example, search "Simple AI"). Select the drawing mode: select "AI Drawing" or similar function, and select the image type according to your needs, such as "Anime Avatar", "Landscape"
People familiar with the matter responded that 'WeChat may not support Apple iPhone 16': Rumors are rumors
Sep 02, 2024 pm 10:43 PM
Rumors of WeChat supporting iPhone 16 were debunked. Thanks to netizens Xi Chuang Jiu Shi and HH_KK for submitting clues! According to news on September 2, there are rumors today that WeChat may not support iPhone 16. Once the iPhone is upgraded to the iOS 18.2 system, it will not be able to use WeChat. According to "Daily Economic News", it was learned from people familiar with the matter that this rumor is a rumor. Apple's response: According to Shell Finance, Apple's technical consultant in China responded that the issue of whether WeChat can continue to be used on iOS systems or Apple devices, and whether WeChat can continue to be listed and downloaded in the Apple App Store, needs to be resolved between Apple and Tencent. Only through communication and discussion can we determine the future situation. Currently, Apple is actively communicating with Tencent to confirm whether Tencent will continue to
gateio Chinese official website gate.io trading platform website
Feb 21, 2025 pm 03:06 PM
Gate.io, a leading cryptocurrency trading platform founded in 2013, provides Chinese users with a complete official Chinese website. The website provides a wide range of services, including spot trading, futures trading and lending, and provides special features such as Chinese interface, rich resources and community support.
List of handling fees for okx trading platform
Feb 15, 2025 pm 03:09 PM
The OKX trading platform offers a variety of rates, including transaction fees, withdrawal fees and financing fees. For spot transactions, transaction fees vary according to transaction volume and VIP level, and adopt the "market maker model", that is, the market charges a lower handling fee for each transaction. In addition, OKX also offers a variety of futures contracts, including currency standard contracts, USDT contracts and delivery contracts, and the fee structure of each contract is also different.
Sesame Open Door Login Registration Entrance gate.io Exchange Registration Official Website Entrance
Mar 04, 2025 pm 04:51 PM
Gate.io (Sesame Open Door) is the world's leading cryptocurrency trading platform. This article provides a complete tutorial on spot trading of Gate.io. The tutorial covers steps such as account registration and login, KYC certification, fiat currency and digital currency recharge, trading pair selection, limit/market transaction orders, and orders and transaction records viewing, helping you quickly get started on the Gate.io platform for cryptocurrency trading. Whether a beginner or a veteran, you can benefit from this tutorial and easily master the Gate.io trading skills.
gateio exchange app old version gateio exchange app old version download channel
Mar 04, 2025 pm 11:36 PM
Gateio Exchange app download channels for old versions, covering official, third-party application markets, forum communities and other channels. It also provides download precautions to help you easily obtain old versions and solve the problems of discomfort in using new versions or device compatibility.
Ouyi Exchange app domestic download tutorial
Mar 21, 2025 pm 05:42 PM
This article provides a detailed guide to safe download of Ouyi OKX App in China. Due to restrictions on domestic app stores, users are advised to download the App through the official website of Ouyi OKX, or use the QR code provided by the official website to scan and download. During the download process, be sure to verify the official website address, check the application permissions, perform a security scan after installation, and enable two-factor verification. During use, please abide by local laws and regulations, use a safe network environment, protect account security, be vigilant against fraud, and invest rationally. This article is for reference only and does not constitute investment advice. Digital asset transactions are at your own risk.