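This article walks through the OAuth 2.0 authorization flow in practice, using Baidu as the example.
Baidu open service platform entry point: https://openapi.baidu.com/ (do not try to find it by searching Baidu for "百度开放服务平台", i.e. "Baidu Open Service Platform")
The process breaks down as follows: first, the user grants authorization, which is the step where the user enters their username and password; second, obtain the temporary authorization code; third, exchange the temporary authorization code for an access_token. With the access_token as a parameter, you can call the interfaces the API exposes.
Step 1, send a URL request to obtain the temporary authorization code: http://openapi.baidu.com/oauth/2.0/authorize?client_id=gYyDVE1pgQ709LluG95QWt28&response_type=code&redirect_uri=oob&state=huanghanqing&force_login=1
Temporary authorization code obtained: 92254e9912d36e958ea7eb85f2a54567
Non-OOB: http://openapi.baidu.com/oauth/2.0/authorize?client_id=gYyDVE1pgQ709LluG95QWt28&response_type=code&redirect_uri=http://www.example.com/handler&state=huanghanqing&force_login=1
Callback page URL: http://www.example.com/handler?code=a17a07b966570cca4294d35aa647fd1b&state=huanghanqing (code=... is the temporary authorization code)
Default callback address: http://openapi.baidu.com/oauth/2.0/authorize?client_id=gYyDVE1pgQ709LluG95QWt28&response_type=code&redirect_uri=https://openapi.baidu.com/&state=huanghanqing&force_login=1
Callback to the Baidu OPENAPI default address: https://openapi.baidu.com/?code=16404cd788e42edc171c0c417d6c5eb1&state=huanghanqing
Exchange the temporary authorization code for an access_token: https://openapi.baidu.com/oauth/2.0/token?grant_type=authorization_code&code=16404cd788e42edc171c0c417d6c5eb1&client_id=gYyDVE1pgQ709LluG95QWt28&client_secret=pX0ZMo9FlL5KFLwILbckeUaPqc5tWSNn&redirect_uri=https://openapi.baidu.com/
access_token obtained: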
{"expires_in":2592000,
"refresh_token":"22.dfdad5071e53e7ee14777d1b72218b6a.315360000.1764515441.880266090-7417192",
"access_token":"21.291940f8cc5d35a277ae732bbca60702.2592000.1451747441.880266090-7417192",
"session_secret":"5650f8877211bc9728cc040e656cc660",
"session_key":"9mnRdvuXgN9bXbTEYnfyauocniiejGWHUeQYFqYtrMctjjCStorVBURSX7U+r2Fbpjlsn8lFB8s1NuhT5gMEEi\/qz9iqD88X",
"scope":"basic"}
Use the access_token to get the user's detailed information: https://openapi.baidu.com/rest/2.0/passport/users/getInfo?access_token=21.291940f8cc5d35a277ae732bbca60702.2592000.1451747441.880266090-7417192