<?php
//流程
一开始你需要进入微信开放平台申请网站应用或者移动应用,并且填写的回调地址,地址填写你项目的域名就可以了.比如:www.baidu.com或zhidao.baidu.com.如果你的项目在二级域名就写二级域名
1.第三方发起微信授权登录请求,微信用户允许授权第三方应用后,微信会拉起应用或重定向到第三方网站,并且带上授权临时票据code参数;
PC端:
$url="https://open.weixin.qq.com/connect/qrconnect?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect";
手机端:
$url="https://open.weixin.qq.com/connect/oauth2/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect";
注:网页应用scope=snsapi_login
2. 微信用户使用微信扫描二维码并且确认登录后,PC端会跳转到redirect_uri?code=CODE&state=STATE
3. 第三方通过code参数加上AppID和AppSecret等,通过API换取access_token;
$url="https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code"
4. 如果验证通过,则微信端会返回access_token和openid
5. 第三方通过access_token和openid进行接口调用,获取用户基本数据资源或帮助用户实现基本操作。
刷新access_token有效期
"https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=APPID&grant_type=refresh_token&refresh_token=REFRESH_TOKEN"
oc0pDwLIrPb5dUq-zwCPNzMHCqXw
//调取微信oauth类库
define('APPID',"wxeff0087f114744d5");
define('APPSECRET',"6ffca53313eb63819501e016e4778abe");
$wx_oauth=new Weixin_Oautn(APPID,APPSECRET);
if(isset($_GET['code'])){
$code = $_GET['code'];
//通过code换取网页授权access_token
$access_token = $wx_oauth->get_code_access_token($code);
//检验授权凭证(access_token)是否有效
$data = $wx_oauth->checkAvail($access_token['access_token'],$access_token['openid']);
//var_dump($data);
if($data['errcode'] != '0' || $data['errmsg'] != 'ok'){
//刷新access_token
$access_token = $wx_oauth->refresh_access_token($access_token['refresh_token']);
}
//得到拉取用户信息(需scope为 snsapi_userinfo)
$userinfo = $wx_oauth->get_user_info($access_token['access_token'],$access_token['openid']);
$userifo=json_decode($userinfo,true);
//var_dump($userinfo);
//
//返回数据
//array(10) { ["openid"]=> string(28) "oc0pDwLIrPb5dUq-zwCPNzMHCqXw" ["nickname"]=> string(9) "从前慢" ["sex"]=> int(1) ["language"]=> string(5) "zh_CN" ["city"]=> string(9) "哈尔滨" ["province"]=> string(9) "黑龙江" ["country"]=> string(6) "中国" ["headimgurl"]=> string(127) "http://wx.qlogo.cn/mmopen/DKYRQAB8YXPAk9RFOCeicF2cZ64RUxAfAM1ttKcNUXS8H6GHOko3BE2VHAH3rntmce5nKRSnKsprbxoF1ejfLkSfwicXfQvicyS/0" ["privilege"]=> array(0) { } ["unionid"]=> string(28) "oAI-Cv9qYmqtQOT-V16E7PfOZtqE" }
}
}else{
//跳转到微信的认证页
$redirect_uri="http://fuwu.darenai.com/taobao/card/collection/user_login.php";
$url = $wx_oauth->get_authorize_url($redirect_uri,'daren');
header('location:'.$url);
}
//微信oauth类库
class Weixin_Oautn{
var $appid = APPID;
var $appsecret = APPSECRET;
//构造函数
public function __construct($appid = NULL, $appsecret = NULL)
{
if($appid && $appsecret){
$this->appid = $appid;
$this->appsecret = $appsecret;
}
}
//http get
public function httpRequest($url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
if($output == false){
return 'curl error:'.curl_error($ch);
}
curl_close($ch);
return$output;
}
//curl获取参数 //https 中的 get 和 post
public function https_request($url,$data=null){
$curl = curl_init();
curl_setopt($curl,CURLOPT_URL,$url);
curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,false);
//不为空,使用post传参数,否则使用get
if($data){
curl_setopt($curl,CURLOPT_POST,1);
curl_setopt($curl,CURLOPT_POSTFIELDS,$data);
}
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
$output = curl_exec($curl);
curl_close($curl);
return $output;
}
//获取接口票据access_token
public function get_token(){
$url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=".$this->appid."&secret=".$this->appsecret;
$json = $this->https_request($url);
$arr = json_decode($json,true);
return $arr['access_token'];
}
/*获取授权后重定向的回调链接地址,请使用urlencode对链接进行处理
* @param string $redirect_uri
*
* * @param string $state *
*
* 手机微信端
* */
public function get_authorize_url2($redirect_uri = '', $state = ''){
$redirect_uri = urlencode($redirect_uri);
return "https://open.weixin.qq.com/connect/oauth2/authorize?appid=".$this->appid."&redirect_uri={$redirect_uri}&response_type=code&scope=snsapi_base&state={$state}#wechat_redirect";
}
/*获取授权后重定向的回调链接地址,请使用urlencode对链接进行处理
* @param string $redirect_uri
*
* * @param string $state *
*
* 网页端
* */
public function get_authorize_url($redirect_uri = '', $state = ''){
$redirect_uri = urlencode($redirect_uri);
return "https://open.weixin.qq.com/connect/qrconnect?appid=".$this->appid."&redirect_uri={$redirect_uri}&response_type=code&scope=snsapi_login&state={$state}#wechat_redirect";
}
/** *加载网页授权通过code获取access_token *
* @param string $code *
* */
public function get_code_access_token($code){
//第一步:用户同意授权,获取code
// 第二步:通过code换取网页授权access_token,与接口票据不一样
$access_token_url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=".$this->appid."&secret=".$this->appsecret."&code={$code}&grant_type=authorization_code";
$access_token = $this->https_request($access_token_url);
$arr = json_decode($access_token,true);
return$arr;
}
/**
* * 刷新access_token(如果需要) * *
*/
public function refresh_access_token($refresh_token){
//三步:刷新access_token(如果需要)
$refresh_url = "https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=".$this->appid."&grant_type=refresh_token&refresh_token={$refresh_token}";
$access_token = $this->https_request($refresh_url);
return json_decode($access_token,true);
}
/** * 获取授权后的微信用户信息 *
* @param string $access_token
* * @param string $open_id *
* */
public function get_user_info($access_token = '', $open_id = ''){
// 第四步:拉取用户信息(需scope为 snsapi_userinfo)
if($access_token && $open_id){
$info_url = "https://api.weixin.qq.com/sns/userinfo?access_token={$access_token}&openid={$open_id}&lang=zh_CN";
$info_data = $this->https_request($info_url);
return json_decode($info_data, TRUE);
}
return FALSE;
}
/** *检验授权凭证(access_token)是否有效
* @param string $access_token
* * @param string $open_id *
* */
public function checkAvail($access_token='',$openid=''){
if($access_token && $openid){
$avail_url = "https://api.weixin.qq.com/sns/auth?access_token={$access_token}&openid={$openid}";
$avail_data = $this->https_request($avail_url);
return json_decode($avail_data, TRUE);
}
return FALSE;
}
}