第三方QQ、微博登陆

一定要把token  uid 这些参数搞明白是干什么的 

第一种方法是转的  （通过javascript来调用）  

     

最近接触了一些第三方登陆的东西，弄的真是一个头，两个大>.<

今天，终于把腾讯第三方登陆调试通了，做一个记录，顺便发发牢骚。

QQ互联官网：http://connect.qq.com/

申请之类的就不多说了，没什么难点，主要记录一下代码方面的东西。

看官方文档的时候写的太详细，太复杂了。看了一堆没用的，和误导的。

由于项目中用的是自定义的图标，所以没有用Js SDK(后来才知道好像官方的js SDK也可以自定义图标)

之前看的是

OAuth2.0开发指引

• 开发攻略_Server-side
• 开发攻略_Client-side

中的“开发攻略_Server-side”

光获取access_token就非了九牛二虎之力。

后来发现“开发攻略_Client-side”中的方法要简单的多。现在也没弄清楚为什么要分两个。

废话不多说，进入主题：

1. 打开浏览器，访问如下地址（请将client_id，redirect_uri，scope等参数值替换为你自己的）：

https://graph.qq.com/oauth2.0/authorize?response_type=token&client_id=[YOUR_APPID]&redirect_uri=[YOUR_REDIRECT_URI]&scope=[THE_SCOPE]

QQ登陆示例代码：

[html] view plaincopyprint?

1. <a href="https://graph.qq.com/oauth2.0/authorize?response_type=token&client_id=101009536&redirect_uri=jishanjia.lanbaoo.com/login/bind&scope=get_user_info">腾讯QQ登录</a>  

特别提示：
1. 请求时传入的recirect_uri必须与注册时填写的回调地址一致，用来进行第三方应用的身份验证。

2. 可通过js方法：window.location.hash来获取URL中#后的参数值，

授权成功后就跳转到recirect_uri这时就可以将？之前的路径换成本地环境，进行本地调试，

将

[plain] view plaincopyprint?

1. http://jishanjia.lanbaoo.com/login/bind?#access_token=F2B24AABBF5D69995C52D9007D1DBCE6&expires_in=7776000  

换成

[plain] view plaincopyprint?

1. http://localhost:8088/mercy/login/bind?#access_token=F2B24AABBF5D69995C52D9007D1DBCE6&expires_in=7776000  

expires_in=7776000应该是access_token的有效时间

然后用获取到的access_token获取OpenID

发送请求到如下地址（请将access_token等参数值替换为你自己的）：

https://graph.qq.com/oauth2.0/me?access_token=YOUR_ACCESS_TOKEN

2. 获取到用户OpenID，返回包如下：

1

callback({"client_id":"YOUR_APPID","openid":"YOUR_OPENID"});

示例代码：

[javascript] view plaincopyprint?

1. var accessToken = window.location.hash.substring(1);//获取路径中的access_token  
2.     $.ajax({  
3.           type: 'GET',  
4.           url: 'https://graph.qq.com/oauth2.0/me?'+accessToken,  
5.           async: false,  
6.           dataType: "jsonp",  
7.           jsonp: "callback",//传递给请求处理程序或页面的，用以获得jsonp回调函数名的参数名(一般默认为:callback)  
8.           jsonpCallback:"callback",  
9.           success: function(o){  
10.               console.log(o);//o就是上面提到的返回包  
11.               $.ajax({  
12.                   type: 'POST',  
13.                   url:$CONFIG.base_url+"/third/qq/get_user_info",  
14.                   data:{url: 'https://graph.qq.com/user/get_user_info?'+accessToken+'&oauth_consumer_key=101009536&openid='+o.openid},  
15.                   async: false,  
16.                   dataType: "json",  
17.                   success: function(e){  
18.                       alert(e.nickname);  
19.                       console.log(e);  
20.                       $("#userImg").attr("src",e.figureurl_qq_2);  
21.                   }  
22.             });  
23.           }  
24.     });  

获取到OpenID后就可以获取用户信息了（get_user_info）详情参照api文档

获取user_info的时候jsonp就有点不对头了，虽然可以获取到，但是要报错，可能时jsonp用的不够熟练吧。然后我有采用后台获取用户信息的方式进行了一次中转。

代码如下：

[java] view plaincopyprint?

1. @RequestMapping(value = "/qq/get_user_info", method = RequestMethod.POST)  
2.     public ResponseEntity<HttpEntity> qqGetUserInfo(HttpServletRequest request) {  
3.   
4.         String url = request.getParameter("url");  
5.         System.out.println(url);  
6.         HttpClient httpClient = new HttpClient();  
7.         // 创建GET方法的实例  
8.         GetMethod getMethod = new GetMethod(url);  
9.         // 使用系统提供的默认的恢复策略  
10.         getMethod.getParams().setParameter(HttpMethodParams.RETRY_HANDLER,  
11.                 new DefaultHttpMethodRetryHandler());  
12.         try {  
13.             // 执行getMethod  
14.             int statusCode = httpClient.executeMethod(getMethod);  
15.             if (statusCode != 200) {  
16.                 System.err.println("Method failed: "  
17.                         + getMethod.getStatusLine());  
18.             }  
19.             // 读取内容  
20.             byte[] responseBody = getMethod.getResponseBody();  
21.             // 处理内容  
22.             return new ResponseEntity(responseBody,HttpStatus.OK);  
23.         } catch (HttpException e) {  
24.             // 发生致命的异常，可能是协议不对或者返回的内容有问题  
25.             System.out.println();  
26.             e.printStackTrace();  
27.             return new ResponseEntity("Please check your provided http address!",HttpStatus.BAD_REQUEST);  
28.         } catch (IOException e) {  
29.             // 发生网络异常  
30.             e.printStackTrace();  
31.             return new ResponseEntity("Time out!",HttpStatus.BAD_GATEWAY);  
32.         } finally {  
33.             // 释放连接  
34.             getMethod.releaseConnection();  
35.         }  
36.           
37.     }  

第二种 是通过后台去交互数据 数据时通过json或者xml格式就行交互  可以是QQ登陆或者微博登陆 登陆类似，可以通过封装来实现

这个类是action 用springMvc来写的

package com.shishuo.studio.action;


import java.io.IOException;


import javax.servlet.http.HttpServletResponse;


import org.apache.http.client.ClientProtocolException;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;


import com.shishuo.studio.entity.User;
import com.shishuo.studio.exception.AuthException;
import com.shishuo.studio.exception.LoginFailureException;
import com.shishuo.studio.exception.OAuthException;
import com.shishuo.studio.exception.OpenIdNotFoundException;
import com.shishuo.studio.exception.UserNotFoundException;
import com.shishuo.studio.exception.notfound.StorageNotFoundException;


/**
 * @author Herbert
 * 
 */
@Controller
@RequestMapping("/login")
public class LoginAction extends BaseAction {


private static final CharSequence jsonp = null;


/**
* 第3方登陆
* 
* @param name
* @return
*/
@RequestMapping(value = "/third.htm", method = RequestMethod.GET)
public String third(@Param("name") String name) {
if (name.equalsIgnoreCase("qq")) {
return "redirect:" + oAuthQQService.getCodeUrl();
} else {
return "redirect:" + oAuthWeiBoService.getCodeUrl();
}


}


/**
* 
* qq登陆
* 
* @param code
* 
* @return
*/
@RequestMapping(value = "/qq.htm", method = RequestMethod.GET)
public String qq(@Param("code") String code, HttpServletResponse response) {
try {
User user = oAuthQQService.checkCode(code);
userService.addAuth(user, response);
return "redirect:/index.htm";
} catch (UserNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (StorageNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (OpenIdNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (AuthException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (LoginFailureException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
}
}


/**
* weibo登陆
* 
* @param modelMap
* @return
* @throws IOException
* @throws IllegalStateException
* @throws StorageNotFoundException
*/
@RequestMapping(value = "/wei bo.htm", method = RequestMethod.GET)
public String weibo(@Param("code") String code, HttpServletResponse response)
throws StorageNotFoundException {
User user;
try {
user = oAuthWeiBoService.checkCode(code);
if (user != null) {
userService.addAuth(user, response);
return "redirect:/index.htm";
} else {
userService.delAuth(response);
return "redirect:/user/login.htm";
}


} catch (UserNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (OAuthException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (AuthException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return "redirect:/user/login.htm";
}
}
}

这个是第三方登陆的Service 

package com.shishuo.studio.service;


import java.io.IOException;
import java.util.HashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;


import net.sf.json.JSONObject;


import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;


import com.shishuo.studio.constant.OAuthQQConstant;
import com.shishuo.studio.constant.StorageConstant;
import com.shishuo.studio.constant.SystemConstant;
import com.shishuo.studio.constant.UserConstant;
import com.shishuo.studio.entity.User;
import com.shishuo.studio.entity.vo.StorageVo;
import com.shishuo.studio.exception.AuthException;
import com.shishuo.studio.exception.LoginFailureException;
import com.shishuo.studio.exception.OpenIdNotFoundException;
import com.shishuo.studio.exception.UserNotFoundException;
import com.shishuo.studio.exception.notfound.StorageNotFoundException;
import com.shishuo.studio.util.HttpUtils;


/**
 * @author QQ登陆service
 * 
 */
@Service
public class OAuthQQService implements OAuthService {


@Autowired
private UserService userService;


@Autowired
private TeacherService teacherService;


@Autowired
private StorageService pictureService;


/**
* 
* 获得QQ登陆的code
* 
* @return code
*/


public String getCodeUrl() {
HashMap<String, String> param = new HashMap<String, String>();
param.put("client_id", OAuthQQConstant.QQ_APPID);
param.put("client_secret", OAuthQQConstant.QQ_APPKEY);
param.put("redirect_uri", "http://www.shishuo.com/login/qq.htm");
return OAuthQQConstant.AUTH_CODE_URL + HttpUtils.getParam(param);
}


/**
* 
* 配置通过Authorization Code获取Access Token的参数
* 
* @param code
* @return token
* 
*/


public String getTokenByCode(String code) {
HashMap<String, String> param = new HashMap<String, String>();
param.put("grant_type", "authorization_code");
param.put("client_id", OAuthQQConstant.QQ_APPID);
param.put("client_secret", OAuthQQConstant.QQ_APPKEY);
param.put("code", code);
param.put("redirect_uri", "http://www.shishuo.com/login/qq.htm");
String[] tokens = HttpUtils.getUrl(OAuthQQConstant.TOKEN_URL, param)
.split("&");
String token = tokens[0].split("=")[1];
return token;
}


/**
* 
* 通过token获取openId数据
* 
* @param token
* @return openId
* @throws Exception
* 
*/
public String getOpenidByToken(String token) throws OpenIdNotFoundException {
String openid = "";
HashMap<String, String> param = new HashMap<String, String>();
param.put("access_token", token);
param.put("format", SystemConstant.FORMAT);
String jsonp = HttpUtils.getUrl(OAuthQQConstant.OPENID_URL, param);
Matcher m = Pattern.compile("\"openid\"\\s*:\\s*\"(\\w+)\"").matcher(
jsonp);


if (m.find()) {
openid = m.group(1);
} else {
throw new OpenIdNotFoundException("");
}
return openid;
}


/**
* 通过token和openId获取userInfo
* 
* @param token
* @param openid
* @return json
*/


public JSONObject getUserByTokenAndOpenid(String token, String openid) {


HashMap<String, String> param = new HashMap<String, String>();
param.put("access_token", token);
param.put("oauth_consumer_key", OAuthQQConstant.QQ_APPID);
param.put("openid", openid);
param.put("format", SystemConstant.FORMAT);
String jsonp = HttpUtils.getUrl(OAuthQQConstant.USERINFO_URL, param);
JSONObject object = JSONObject.fromObject(jsonp);
return object;
}


/**
* 通过code获得userInfo并入库
* 
* @param code
* @return user
* @throws UserNotFoundException
* @throws AuthException
* @throws IOException
* @throws ClientProtocolException
* @throws IllegalStateException
* @throws StorageNotFoundException
* @throws OpenIdNotFoundException
* @throws LoginFailureException
* @exception exception
*/


@Override
public User checkCode(String code) throws UserNotFoundException,
AuthException, ClientProtocolException, IOException,
StorageNotFoundException, IllegalStateException,
OpenIdNotFoundException, LoginFailureException {


String token = this.getTokenByCode(code);
String openId = this.getOpenidByToken(token);
JSONObject json = this.getUserByTokenAndOpenid(token, openId);
// ret==0 代表用户登陆成功
if (0 == Integer.parseInt(json.get("ret").toString())) {
if (userService.isUserByOpenIdAndType(openId, UserConstant.type.qq)) {
long userId = userService.updateTokenByOpenIdAndType(openId,
token, UserConstant.type.qq);
return userService.getUserById(userId);
} else {
User user = userService.addUserByThird(openId, token, "",
UserConstant.type.qq, "", "");
teacherService.updateNameByUserId(user.getUserId(),
json.getString("nickname"));
HttpEntity httpEntity = HttpUtils.download(json
.getString("figureurl_qq_2"));
StorageVo picture = pictureService.addPicture(
user.getUserId(),
user.getUserId(),
StorageConstant.kind.user,
httpEntity.getContentType().getValue()
.replaceAll("/", "."), httpEntity
.getContentType().getValue(), httpEntity
.getContent());
teacherService.updateTeacherStorageByUserId(user.getUserId(),
picture.getStorageId(), picture.getPath());
return user;
}
} else {
throw new LoginFailureException("登陆失败");
}
}
}

帮助类

/*
 * 
 * Copyright © 2013 Changsha Shishuo Network Technology Co., Ltd. All rights reserved.
 * 长沙市师说网络科技有限公司 版权所有
 * http://www.shishuo.com
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *  
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.shishuo.studio.util;


import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;


import javax.servlet.http.HttpServletRequest;


import net.sf.json.JSONObject;


import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.apache.log4j.Logger;


import com.shishuo.studio.constant.SystemConstant;


/**
 * @author Herbert
 * 
 */
public class HttpUtils {


private static final CloseableHttpClient httpClient = HttpClients
.createDefault();


private static final Logger logger = Logger.getLogger(HttpUtils.class);


/**
* 得到请求的IP地址
* 
* @param request
* @return
*/


public static String getIp(HttpServletRequest request) {
String ip = request.getHeader("X-Real-IP");
if (StringUtils.isBlank(ip)) {
ip = request.getHeader("Host");
}
if (StringUtils.isBlank(ip)) {
ip = request.getHeader("X-Forwarded-For");
}
if (StringUtils.isBlank(ip)) {
ip = "0.0.0.0";
}
return ip;
}


/**
* 浏览器请求应用服务器的URL地址
* 
* @param request
* @return
*/
public static String getBasePath(HttpServletRequest request) {
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName()
+ ":" + request.getServerPort() + path;
return basePath;
}


/**
* 得到应用的物理地址
* 
* @return
*/
public static String getRealPath() {
return System.getProperty(SystemConstant.SHISHUO_STUDIO_ROOT);
}


/**
* 组装参数
* 
* @param params
* @return
*/
public static String getParam(HashMap<String, String> params) {
ArrayList<String> paramList = new ArrayList<String>();
Iterator<Entry<String, String>> iterator = params.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> entry = (Entry<String, String>) iterator
.next();
String value = (String) entry.getValue();
String key = (String) entry.getKey();
paramList.add(key + "=" + value);


}
return StringUtils.join(paramList, "&");
}


/**
* @param params
* @return
*/
public static List<NameValuePair> getNameValuePair(
HashMap<String, String> params) {
List<NameValuePair> list = new ArrayList<NameValuePair>();
Iterator<Entry<String, String>> iterator = params.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String> entry = (Entry<String, String>) iterator
.next();
String value = (String) entry.getValue();
String key = (String) entry.getKey();
list.add(new BasicNameValuePair(key, value));
}
return list;
}


/**
* @param url
* @param param
* @return
*/
public static String getUrl(String url, HashMap<String, String> params) {
try {
HttpGet httpGet = new HttpGet(url + "?" + getParam(params));
logger.info(url + "?" + getParam(params));
HttpResponse response = httpClient.execute(httpGet);
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(response.getEntity());
EntityUtils.consume(entity);
return responseString;
} catch (Exception e) {
e.printStackTrace();
return "";
}
}


/**
* 得到JSON数据
* 
* @param url
* @param param
* @return
*/
public static JSONObject getJSON(String url, HashMap<String, String> params) {
String json = getUrl(url, params);
return JSONObject.fromObject(json);
}


/**
* @param url
* @param params
* @return
*/
public static String postUrl(String url, HashMap<String, String> params) {
try {
HttpPost httpPost = new HttpPost(url);
httpPost.setEntity(new UrlEncodedFormEntity(
getNameValuePair(params), "UTF-8"));
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(response.getEntity());
EntityUtils.consume(entity);
return responseString;
} catch (Exception e) {
e.printStackTrace();
return "";
}


}


/**
* @param url
* @return
* @throws ClientProtocolException
* @throws IOException
*/
public static HttpEntity download(String url)
throws ClientProtocolException, IOException {
HttpGet httpget = new HttpGet(url);


// 伪装成google的爬虫JAVA问题查询
httpget.setHeader("User-Agent",
"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)");
// Execute HTTP request
System.out.println("executing request " + httpget.getURI());
HttpResponse response = httpClient.execute(httpget);


// 得到网络资源的字节数组,并写入文件
HttpEntity entity = response.getEntity();
return entity;
}


}