您好,登錄后才能下訂單哦!
小編給大家分享一下ASP.NET怎樣實(shí)現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄,相信大部分人都還不怎么了解,因此分享這篇文章給大家參考一下,希望大家閱讀完這篇文章后大有收獲,下面讓我們一起去了解一下吧!
實(shí)現(xiàn)QQ、微信、新浪微博OAuth3.0授權(quán)登錄的示例,主要就是GET、POST遠(yuǎn)程接口,返回相應(yīng)的數(shù)據(jù),這里列出相關(guān)的代碼,供大家參考。
不管是騰訊還是新浪,查看他們的API,PHP都是有完整的接口,但對(duì)C#支持似乎都不是那么完善,都沒有,騰訊是完全沒有,新浪是提供第三方的,而且后期還不一定升級(jí),NND,用第三方的動(dòng)輒就一個(gè)類庫,各種配置還必須按照他們約定的寫,煩而且亂,索性自己寫,后期的擴(kuò)展也容易,看過接口后,開始以為很難,參考了幾個(gè)源碼之后發(fā)現(xiàn)也不是那么難,無非是GET或POST請(qǐng)求他們的接口獲取返回值之類的,話不多說,這里只提供幾個(gè)代碼共參考,拋磚引玉了。。。
我這個(gè)寫法的特點(diǎn)是,用到了Session,使用對(duì)象實(shí)例化之后調(diào)用 Login() 跳轉(zhuǎn)到登錄頁面,在回調(diào)頁面調(diào)用Callback() 執(zhí)行之后,可以從Session也可以寫?yīng)毩⒌暮瘮?shù)(如:GetOpenID())中獲取access_token或用戶的唯一標(biāo)識(shí),以方便做下一步的操作。所謂綁定就是把用戶的唯一標(biāo)識(shí)取出,插入數(shù)據(jù)庫,和帳號(hào)綁定起來。
1.首先是所有OAuth類的基類,放一些需要公用的方法
public abstract class BaseOAuth { public HttpRequest Request = HttpContext.Current.Request; public HttpResponse Response = HttpContext.Current.Response; public HttpSessionState Session = HttpContext.Current.Session; public abstract void Login(); public abstract string Callback(); #region 內(nèi)部使用函數(shù) /// <summary> /// 生成唯一隨機(jī)串防CSRF攻擊 /// </summary> /// <returns></returns> protected string GetStateCode() { Random rand = new Random(); string data = DateTime.Now.ToString("yyyyMMddHHmmssffff") + rand.Next(1, 0xf423f).ToString(); MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider(); byte[] md5byte = md5.ComputeHash(UTF8Encoding.Default.GetBytes(data)); return BitConverter.ToString(md5byte).Replace("-", ""); } /// <summary> /// GET請(qǐng)求 /// </summary> /// <param name="url"></param> /// <returns></returns> protected string GetRequest(string url) { HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest; httpWebRequest.Method = "GET"; httpWebRequest.ServicePoint.Expect100Continue = false; StreamReader responseReader = null; string responseData; try { responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream()); responseData = responseReader.ReadToEnd(); } finally { httpWebRequest.GetResponse().GetResponseStream().Close(); responseReader.Close(); } return responseData; } /// <summary> /// POST請(qǐng)求 /// </summary> /// <param name="url"></param> /// <param name="postData"></param> /// <returns></returns> protected string PostRequest(string url, string postData) { HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest; httpWebRequest.Method = "POST"; httpWebRequest.ServicePoint.Expect100Continue = false; httpWebRequest.ContentType = "application/x-www-form-urlencoded"; //寫入POST參數(shù) StreamWriter requestWriter = new StreamWriter(httpWebRequest.GetRequestStream()); try { requestWriter.Write(postData); } finally { requestWriter.Close(); } //讀取請(qǐng)求后的結(jié)果 StreamReader responseReader = null; string responseData; try { responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream()); responseData = responseReader.ReadToEnd(); } finally { httpWebRequest.GetResponse().GetResponseStream().Close(); responseReader.Close(); } return responseData; } /// <summary> /// 解析JSON /// </summary> /// <param name="strJson"></param> /// <returns></returns> protected NameValueCollection ParseJson(string strJson) { NameValueCollection mc = new NameValueCollection(); Regex regex = new Regex(@"(\s*\""?([^""]*)\""?\s*\:\s*\""?([^""]*)\""?\,?)"); strJson = strJson.Trim(); if (strJson.StartsWith("{")) { strJson = strJson.Substring(1, strJson.Length - 2); } foreach (Match m in regex.Matches(strJson)) { mc.Add(m.Groups[2].Value, m.Groups[3].Value); } return mc; } /// <summary> /// 解析URL /// </summary> /// <param name="strParams"></param> /// <returns></returns> protected NameValueCollection ParseUrlParameters(string strParams) { NameValueCollection nc = new NameValueCollection(); foreach (string p in strParams.Split('&')) { string[] ps = p.Split('='); nc.Add(ps[0], ps[1]); } return nc; } #endregion }
2.QQ的OAuth類
public class QQOAuth : BaseOAuth { public string AppId = ConfigurationManager.AppSettings["OAuth_QQ_AppId"]; public string AppKey = ConfigurationManager.AppSettings["OAuth_QQ_AppKey"]; public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_QQ_RedirectUrl"]; public const string GET_AUTH_CODE_URL = "https://graph.qq.com/oauth3.0/authorize"; public const string GET_ACCESS_TOKEN_URL = "https://graph.qq.com/oauth3.0/token"; public const string GET_OPENID_URL = "https://graph.qq.com/oauth3.0/me"; /// <summary> /// QQ登錄,跳轉(zhuǎn)到登錄頁面 /// </summary> public override void Login() { //-------生成唯一隨機(jī)串防CSRF攻擊 string state = GetStateCode(); Session["QC_State"] = state; //state 放入Session string parms = "?response_type=code&" + "client_id=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&state=" + state; string url = GET_AUTH_CODE_URL + parms; Response.Redirect(url); //跳轉(zhuǎn)到登錄頁面 } /// <summary> /// QQ回調(diào)函數(shù) /// </summary> /// <param name="code"></param> /// <param name="state"></param> /// <returns></returns> public override string Callback() { string code = Request.QueryString["code"]; string state = Request.QueryString["state"]; //--------驗(yàn)證state防止CSRF攻擊 if (state != (string)Session["QC_State"]) { ShowError("30001"); } string parms = "?grant_type=authorization_code&" + "client_id=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&client_secret=" + AppKey + "&code=" + code; string url = GET_ACCESS_TOKEN_URL + parms; string str = GetRequest(url); if (str.IndexOf("callback") != -1) { int lpos = str.IndexOf("("); int rpos = str.IndexOf(")"); str = str.Substring(lpos + 1, rpos - lpos - 1); NameValueCollection msg = ParseJson(str); if (!string.IsNullOrEmpty(msg["error"])) { ShowError(msg["error"], msg["error_description"]); } } NameValueCollection token = ParseUrlParameters(str); Session["QC_AccessToken"] = token["access_token"]; //access_token 放入Session return token["access_token"]; } /// <summary> /// 使用Access Token來獲取用戶的OpenID /// </summary> /// <param name="accessToken"></param> /// <returns></returns> public string GetOpenID() { string parms = "?access_token=" + Session["QC_AccessToken"]; string url = GET_OPENID_URL + parms; string str = GetRequest(url); if (str.IndexOf("callback") != -1) { int lpos = str.IndexOf("("); int rpos = str.IndexOf(")"); str = str.Substring(lpos + 1, rpos - lpos - 1); } NameValueCollection user = ParseJson(str); if (!string.IsNullOrEmpty(user["error"])) { ShowError(user["error"], user["error_description"]); } Session["QC_OpenId"] = user["openid"]; //openid 放入Session return user["openid"]; } /// <summary> /// 顯示錯(cuò)誤信息 /// </summary> /// <param name="code">錯(cuò)誤編號(hào)</param> /// <param name="description">錯(cuò)誤描述</param> private void ShowError(string code, string description = null) { if (description == null) { switch (code) { case "20001": description = "<h3>配置文件損壞或無法讀取,請(qǐng)檢查web.config</h3>"; break; case "30001": description = "<h3>The state does not match. You may be a victim of CSRF.</h3>"; break; case "50001": description = "<h3>可能是服務(wù)器無法請(qǐng)求https協(xié)議</h3>可能未開啟curl支持,請(qǐng)嘗試開啟curl支持,重啟web服務(wù)器,如果問題仍未解決,請(qǐng)聯(lián)系我們"; break; default: description = "<h3>系統(tǒng)未知錯(cuò)誤,請(qǐng)聯(lián)系我們</h3>"; break; } Response.Write(description); Response.End(); } else { Response.Write("<h4>error:<h4>" + code + "<h4>msg:<h4>" + description); Response.End(); } } }
3.新浪微博的OAuth類
public class SinaOAuth : BaseOAuth { public string AppKey = ConfigurationManager.AppSettings["OAuth_Sina_AppKey"]; public string AppSecret = ConfigurationManager.AppSettings["OAuth_Sina_AppSecret"]; public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Sina_RedirectUrl"]; public const string GET_AUTH_CODE_URL = "https://api.weibo.com/oauth3/authorize"; public const string GET_ACCESS_TOKEN_URL = "https://api.weibo.com/oauth3/access_token"; public const string GET_UID_URL = "https://api.weibo.com/2/account/get_uid.json"; /// <summary> /// 新浪微博登錄,跳轉(zhuǎn)到登錄頁面 /// </summary> public override void Login() { //-------生成唯一隨機(jī)串防CSRF攻擊 string state = GetStateCode(); Session["Sina_State"] = state; //state 放入Session string parms = "?client_id=" + AppKey + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&state=" + state; string url = GET_AUTH_CODE_URL + parms; Response.Redirect(url); //跳轉(zhuǎn)到登錄頁面 } /// <summary> /// 新浪微博回調(diào)函數(shù) /// </summary> /// <returns></returns> public override string Callback() { string code = Request.QueryString["code"]; string state = Request.QueryString["state"]; //--------驗(yàn)證state防止CSRF攻擊 if (state != (string)Session["Sina_State"]) { ShowError("The state does not match. You may be a victim of CSRF."); } string parms = "client_id=" + AppKey + "&client_secret=" + AppSecret + "&grant_type=authorization_code&code=" + code + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl); string str = PostRequest(GET_ACCESS_TOKEN_URL, parms); NameValueCollection user = ParseJson(str); Session["Sina_AccessToken"] = user["access_token"]; //access_token 放入Session Session["Sina_UId"] = user["uid"]; //uid 放入Session return user["access_token"]; } /// <summary> /// 顯示錯(cuò)誤信息 /// </summary> /// <param name="description">錯(cuò)誤描述</param> private void ShowError(string description = null) { Response.Write("<h3>" + description + "</h3>"); Response.End(); } }
4.微信的OAuth類
public class WeixinOAuth : BaseOAuth { public string AppId = ConfigurationManager.AppSettings["OAuth_Weixin_AppId"]; public string AppSecret = ConfigurationManager.AppSettings["OAuth_Weixin_AppSecret"]; public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Weixin_RedirectUrl"]; public const string GET_AUTH_CODE_URL = "https://open.weixin.qq.com/connect/qrconnect"; public const string GET_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/sns/oauth3/access_token"; public const string GET_USERINFO_URL = "https://api.weixin.qq.com/sns/userinfo"; /// <summary> /// 微信登錄,跳轉(zhuǎn)到登錄頁面 /// </summary> public override void Login() { //-------生成唯一隨機(jī)串防CSRF攻擊 string state = GetStateCode(); Session["Weixin_State"] = state; //state 放入Session string parms = "?appid=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&response_type=code&scope=snsapi_login" + "&state=" + state + "#wechat_redirect"; string url = GET_AUTH_CODE_URL + parms; Response.Redirect(url); //跳轉(zhuǎn)到登錄頁面 } /// <summary> /// 微信回調(diào)函數(shù) /// </summary> /// <param name="code"></param> /// <param name="state"></param> /// <returns></returns> public override string Callback() { string code = Request.QueryString["code"]; string state = Request.QueryString["state"]; //--------驗(yàn)證state防止CSRF攻擊 if (state != (string)Session["Weixin_State"]) { ShowError("30001"); } string parms = "?appid=" + AppId + "&secret=" + AppSecret + "&code=" + code + "&grant_type=authorization_code"; string url = GET_ACCESS_TOKEN_URL + parms; string str = GetRequest(url); NameValueCollection msg = ParseJson(str); if (!string.IsNullOrEmpty(msg["errcode"])) { ShowError(msg["errcode"], msg["errmsg"]); } Session["Weixin_AccessToken"] = msg["access_token"]; //access_token 放入Session Session["Weixin_OpenId"] = msg["openid"]; //access_token 放入Session return msg["access_token"]; } /// <summary> /// 顯示錯(cuò)誤信息 /// </summary> /// <param name="code">錯(cuò)誤編號(hào)</param> /// <param name="description">錯(cuò)誤描述</param> private void ShowError(string code, string description = null) { if (description == null) { switch (code) { case "20001": description = "<h3>配置文件損壞或無法讀取,請(qǐng)檢查web.config</h3>"; break; case "30001": description = "<h3>The state does not match. You may be a victim of CSRF.</h3>"; break; case "50001": description = "<h3>接口未授權(quán)</h3>"; break; default: description = "<h3>系統(tǒng)未知錯(cuò)誤,請(qǐng)聯(lián)系我們</h3>"; break; } Response.Write(description); Response.End(); } else { Response.Write("<h4>error:<h4>" + code + "<h4>msg:<h4>" + description); Response.End(); } } }
5.web.config配置信息
<appSettings> <!--QQ登錄相關(guān)配置--> <add key="OAuth_QQ_AppId" value="123456789" /> <add key="OAuth_QQ_AppKey" value="25f9e794323b453885f5181f1b624d0b" /> <add key="OAuth_QQ_RedirectUrl" value="http://www.domain.com/oauth30/qqcallback.aspx" /> <!--新浪微博登錄相關(guān)配置--> <add key="OAuth_Sina_AppKey" value="123456789" /> <add key="OAuth_Sina_AppSecret" value="25f9e794323b453885f5181f1b624d0b" /> <add key="OAuth_Sina_RedirectUrl" value="http://www.domain.com/oauth30/sinacallback.aspx" /> <!--微信登錄相關(guān)配置--> <add key="OAuth_Weixin_AppId" value="wx123456789123" /> <add key="OAuth_Weixin_AppSecret" value="25f9e794323b453885f5181f1b624d0b" /> <add key="OAuth_Weixin_RedirectUrl" value="http://www.domain.com/oauth30/weixincallback.aspx" /> </appSettings>
以上是“ASP.NET怎樣實(shí)現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄”這篇文章的所有內(nèi)容,感謝各位的閱讀!相信大家都有了一定的了解,希望分享的內(nèi)容對(duì)大家有所幫助,如果還想學(xué)習(xí)更多知識(shí),歡迎關(guān)注億速云行業(yè)資訊頻道!
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場,如果涉及侵權(quán)請(qǐng)聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。