PHP写的oauth认证服务端
适用于Kohana3.x
1. [文件] oauth.zip
2. [文件] oauth.php
class Controller_OAuth extends Controller {
public function action_index() {
$result = array('status' => '400');
$this->sendQuery($result);
}
// 获取未授权的Request Token
public function action_request() {
$result = array('status' => '400');
$provider = new OAuth_Provider();
$provider->setRequestTokenQuery();
try {
$provider->checkRequest();
$token = $provider->generateRequestToken();
$result['status'] = 200;
$result = Arr::merge($result, $token);
} catch (Exception $e) {
$result['code'] = $e->getCode();
$result['message'] = $e->getMessage();
}
$this->sendQuery($result);
}
// 获取用户授权的Request Token
public function action_authorize() {
$result = array('status' => '400');
try {
$oauth_token = Arr::get($_REQUEST, 'oauth_token');
if (!$oauth_token) {
throw new Exception('缺少 oauth_token');
}
$request_token = OAuth_Token::findByToken($oauth_token);
if(!is_object($request_token) || !$request_token->isRequest()){
throw new Exception('oauth_token 错误');
}
$username = Arr::get($_REQUEST, 'username');
$password = Arr::get($_REQUEST, 'password');
if (Auth::instance()->login($username, $password) !== TRUE) {
throw new Exception('用户名或密码错误');
}
$request_token->setVerifier(OAuth_Provider::generateVerifier());
$request_token->setUserId(Auth::instance()->instance()->get_user()->id);
$result['status'] = 200;
$result['message'] = '授权成功';
$result['callback'] = $request_token->getCallback();
$result['oauth_token'] = $oauth_token;
$result['oauth_verifier'] = $request_token->getVerifier();
} catch (Exception $e) {
$result['message'] = $e->getMessage();
}
$this->sendQuery($result);
}
// 使用授权后的Request Token换取Access Toke
public function action_access() {
$result = array('status' => '400');
// xauth
$x_auth_mode = Arr::get($_REQUEST, 'x_auth_mode');
if ($x_auth_mode == 'client_auth') {
$username = Arr::get($_REQUEST, 'x_auth_username');
$password = Arr::get($_REQUEST, 'x_auth_password');
if (Auth::instance()->login($username, $password) !== TRUE) {
throw new Exception('用户名或密码错误');
}
$userid = Auth::instance()->instance()->get_user()->id;
try {
// 生成request token
$provider = new OAuth_Provider();
$provider->setRequestTokenQuery();
$provider->checkRequest();
$consumer = $provider->getConsumer();
if ($consumer->getType() !== 1) {
throw new Exception('请申请XAuth认证');
}
$token = sha1(OAuthProvider::generateToken(20, true));
$secret = sha1(OAuthProvider::generateToken(20, true));
$oauth_token = ORM::factory('oauth_token');
$oauth_token->type = 2;
$oauth_token->consumer_id = $consumer->getId();
$oauth_token->token = $token;
$oauth_token->token_secret = $secret;
$oauth_token->callback_url = '';
$oauth_token->user_id = $userid;
$oauth_token->verifier = '';
$oauth_token->save();
$result = array('status' => 200, 'oauth_token' => $token, 'oauth_token_secret' => $secret);
} catch (Exception $e) {
$result['code'] = $e->getCode();
$result['message'] = $e->getMessage();
}
$this->sendQuery($result);
} else {
$provider = new OAuth_Provider();
try {
$provider->checkRequest();
$token = $provider->generateAccessToken();
$result['status'] = 200;
$result = Arr::merge($result, $token);
} catch (Exception $e) {
$result['code'] = $e->getCode();
$result['message'] = $e->getMessage();
}
$this->sendQuery($result);
}
}
public function action_test() {
$result = array('status' => '400');
$provider = new OAuth_Provider();
try {
$provider->checkRequest();
$userid = $provider->getUserId();
$result['status'] = 200;
$result['message'] = '';
$result['userid'] = $userid;
} catch (Exception $e) {
$result['message'] = $e->getMessage();
}
$this->sendQuery($result);
}
// 输出JSON
public function sendQuery($result, $header = TRUE) {
$body = is_array($result) ? http_build_query($result) : $result;
$this->sendBody($body);
}
// 输出
public function sendBody($body) {
$this->response->body($body);
echo $this->response->send_headers()->body();
exit;
}
}Copy after login
3. [文件] provider.php
<?php defined('SYSPATH') or die('No direct script access.');
/**
* @author zhuzongxin dreamsxin@qq.com
*/
class OAuth_Provider {
private $oauth;
private $consumer;
private $user_id;
private $authentification_url;
public static function createConsumer() {
$key = sha1(OAuthProvider::generateToken(20, true));
$secret = sha1(OAuthProvider::generateToken(20, true));
return OAuth_Consumer::create($key, $secret);
}
public function __construct() {
$config = Kohana::$config->load('oauth');
$this->authentification_url = URL::base(TRUE).Arr::get($config, 'authentification_url');
/* create our instance */
$this->oauth = new OAuthProvider();
/* setup check functions */
$this->oauth->consumerHandler(array($this, 'checkConsumer'));
$this->oauth->timestampNonceHandler(array($this, 'checkNonce'));
$this->oauth->tokenHandler(array($this, 'checkToken'));
}
public function checkRequest() {
$this->oauth->checkOAuthRequest();
}
public function setRequestTokenQuery() {
$this->oauth->isRequestTokenEndpoint(true);
//$this->oauth->addRequiredParameter("oauth_callback");
}
public function generateRequestToken() {
$token = sha1(OAuthProvider::generateToken(20, true));
$token_secret = sha1(OAuthProvider::generateToken(20, true));
$callback = $this->oauth->callback;
OAuth_Token::createRequestToken($this->consumer, $token, $token_secret, $callback);
return array('authentification_url' => $this->authentification_url, 'oauth_token' => $token, 'oauth_token_secret' => $token_secret, 'oauth_callback_confirmed' => 'true');
}
public function generateAccesstoken() {
$access_token = sha1(OAuthProvider::generateToken(20, true));
$secret = sha1(OAuthProvider::generateToken(20, true));
$token = OAuth_Token::findByToken($this->oauth->token);
$token->changeToAccessToken($access_token, $secret);
return array('oauth_token' => $access_token, 'oauth_token_secret' => $secret);
}
public static function generateVerifier() {
$verifier = sha1(OAuthProvider::generateToken(20, true));
return $verifier;
}
public function checkConsumer($provider) {
$return = OAUTH_CONSUMER_KEY_UNKNOWN;
$aConsumer = OAuth_Consumer::findByKey($provider->consumer_key);
if (is_object($aConsumer)) {
if (!$aConsumer->isActive()) {
$return = OAUTH_CONSUMER_KEY_REFUSED;
} else {
$this->consumer = $aConsumer;
$provider->consumer_secret = $this->consumer->getSecretKey();
$return = OAUTH_OK;
}
}
return $return;
}
public function checkToken($provider) {
$token = OAuth_Token::findByToken($provider->token);
if (is_null($token)) {
return OAUTH_TOKEN_REJECTED;
} elseif ($token->getType() == 1) {
if ($token->getVerifier() != $provider->verifier) {
return OAUTH_VERIFIER_INVALID;
} else {
$provider->token_secret = $token->getSecret();
return OAUTH_OK;
}
} elseif ($token->getType() == 2) {
if ($token->getExpires() > 0 && time() - strtotime($token->getCreated()) > (int)$token->getExpires()) {
return OAUTH_TOKEN_EXPIRED;
}
$this->user_id = $token->getUserId();
$provider->token_secret = $token->getSecret();
return OAUTH_OK;
}
}
public function checkNonce($provider) {
if ($this->oauth->timestamp < time() - 5 * 60) {
return OAUTH_BAD_TIMESTAMP;
} elseif ($this->consumer->hasNonce($provider->nonce, $this->oauth->timestamp)) {
return OAUTH_BAD_NONCE;
} else {
$this->consumer->addNonce($this->oauth->nonce);
return OAUTH_OK;
}
}
public function getUserId() {
if ($this->user_id) {
return $this->user_id;
} else {
throw new Exception("User not authentificated");
}
}
public function getConsumer() {
return $this->consumer;
}
}Copy after login
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
3 weeks ago
By 尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
3 weeks ago
By 尊渡假赌尊渡假赌尊渡假赌
Assassin's Creed Shadows: Seashell Riddle Solution
1 weeks ago
By DDD
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
3 weeks ago
By 尊渡假赌尊渡假赌尊渡假赌
Where to find the Crane Control Keycard in Atomfall
1 weeks ago
By DDD
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
CakePHP Tutorial
1359
52
1359
52