主頁 > 知識庫 > ASP.NET實現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄 原創(chuàng)

ASP.NET實現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄 原創(chuàng)
熱門標簽:地圖定位圖標標注 濮陽外呼電銷系統(tǒng)怎么樣 地圖標注專業(yè)團隊 地圖標注的公司有哪些 代理接電話機器人如何取消 天心智能電銷機器人 400電話辦理哪家性價比高 遂寧市地圖標注app 塔城代理外呼系統(tǒng)

不管是騰訊還是新浪,查看他們的API,PHP都是有完整的接口,但對C#支持似乎都不是那么完善,都沒有,騰訊是完全沒有,新浪是提供第三方的,而且后期還不一定升級,NND,用第三方的動輒就一個類庫,各種配置還必須按照他們約定的寫,煩而且亂,索性自己寫,后期的擴展也容易,看過接口后,開始以為很難,參考了幾個源碼之后發(fā)現(xiàn)也不是那么難,無非是GET或POST請求他們的接口獲取返回值之類的,話不多說,這里只提供幾個代碼共參考,拋磚引玉了。。。

我這個寫法的特點是,用到了Session,使用對象實例化之后調(diào)用 Login() 跳轉(zhuǎn)到登錄頁面,在回調(diào)頁面調(diào)用Callback() 執(zhí)行之后,可以從Session也可以寫獨立的函數(shù)(如:GetOpenID())中獲取access_token或用戶的唯一標識,以方便做下一步的操作。所謂綁定就是把用戶的唯一標識取出,插入數(shù)據(jù)庫,和帳號綁定起來。

1.首先是所有OAuth類的基類,放一些需要公用的方法

public abstract class BaseOAuth
{
  public HttpRequest Request = HttpContext.Current.Request;
  public HttpResponse Response = HttpContext.Current.Response;
  public HttpSessionState Session = HttpContext.Current.Session;

  public abstract void Login();
  public abstract string Callback();

  #region 內(nèi)部使用函數(shù)

  /// summary>
  /// 生成唯一隨機串防CSRF攻擊
  /// /summary>
  /// returns>/returns>
  protected string GetStateCode()
  {
    Random rand = new Random();
    string data = DateTime.Now.ToString("yyyyMMddHHmmssffff") + rand.Next(1, 0xf423f).ToString();

    MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();

    byte[] md5byte = md5.ComputeHash(UTF8Encoding.Default.GetBytes(data));

    return BitConverter.ToString(md5byte).Replace("-", "");

  }

  /// summary>
  /// GET請求
  /// /summary>
  /// param name="url">/param>
  /// returns>/returns>
  protected string GetRequest(string url)
  {
    HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
    httpWebRequest.Method = "GET";
    httpWebRequest.ServicePoint.Expect100Continue = false;

    StreamReader responseReader = null;
    string responseData;
    try
    {
      responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());
      responseData = responseReader.ReadToEnd();
    }
    finally
    {
      httpWebRequest.GetResponse().GetResponseStream().Close();
      responseReader.Close();
    }

    return responseData;
  }

  /// summary>
  /// POST請求
  /// /summary>
  /// param name="url">/param>
  /// param name="postData">/param>
  /// returns>/returns>
  protected string PostRequest(string url, string postData)
  {
    HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
    httpWebRequest.Method = "POST";
    httpWebRequest.ServicePoint.Expect100Continue = false;
    httpWebRequest.ContentType = "application/x-www-form-urlencoded";

    //寫入POST參數(shù)
    StreamWriter requestWriter = new StreamWriter(httpWebRequest.GetRequestStream());
    try
    {
      requestWriter.Write(postData);
    }
    finally
    {
      requestWriter.Close();
    }

    //讀取請求后的結(jié)果
    StreamReader responseReader = null;
    string responseData;
    try
    {
      responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());
      responseData = responseReader.ReadToEnd();
    }
    finally
    {
      httpWebRequest.GetResponse().GetResponseStream().Close();
      responseReader.Close();
    }

    return responseData;
  }

  /// summary>
  /// 解析JSON
  /// /summary>
  /// param name="strJson">/param>
  /// returns>/returns>
  protected NameValueCollection ParseJson(string strJson)
  {
    NameValueCollection mc = new NameValueCollection();
    Regex regex = new Regex(@"(\s*\""?([^""]*)\""?\s*\:\s*\""?([^""]*)\""?\,?)");
    strJson = strJson.Trim();
    if (strJson.StartsWith("{"))
    {
      strJson = strJson.Substring(1, strJson.Length - 2);
    }

    foreach (Match m in regex.Matches(strJson))
    {
      mc.Add(m.Groups[2].Value, m.Groups[3].Value);
    }
    return mc;
  }

  /// summary>
  /// 解析URL
  /// /summary>
  /// param name="strParams">/param>
  /// returns>/returns>
  protected NameValueCollection ParseUrlParameters(string strParams)
  {
    NameValueCollection nc = new NameValueCollection();
    foreach (string p in strParams.Split(''))
    {
      string[] ps = p.Split('=');
      nc.Add(ps[0], ps[1]);
    }
    return nc;
  }

  #endregion

}

2.QQ的OAuth類

public class QQOAuth : BaseOAuth
{
  public string AppId = ConfigurationManager.AppSettings["OAuth_QQ_AppId"];
  public string AppKey = ConfigurationManager.AppSettings["OAuth_QQ_AppKey"];
  public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_QQ_RedirectUrl"];

  public const string GET_AUTH_CODE_URL = "https://graph.qq.com/oauth2.0/authorize";
  public const string GET_ACCESS_TOKEN_URL = "https://graph.qq.com/oauth2.0/token";
  public const string GET_OPENID_URL = "https://graph.qq.com/oauth2.0/me";

  /// summary>
  /// QQ登錄,跳轉(zhuǎn)到登錄頁面
  /// /summary>
  public override void Login()
  {
    //-------生成唯一隨機串防CSRF攻擊
    string state = GetStateCode();
    Session["QC_State"] = state; //state 放入Session

    string parms = "?response_type=code"
      + "client_id=" + AppId + "redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "state=" + state;

    string url = GET_AUTH_CODE_URL + parms;
    Response.Redirect(url); //跳轉(zhuǎn)到登錄頁面
  }

  /// summary>
  /// QQ回調(diào)函數(shù)
  /// /summary>
  /// param name="code">/param>
  /// param name="state">/param>
  /// returns>/returns>
  public override string Callback()
  {
    string code = Request.QueryString["code"];
    string state = Request.QueryString["state"];

    //--------驗證state防止CSRF攻擊
    if (state != (string)Session["QC_State"])
    {
      ShowError("30001");
    }

    string parms = "?grant_type=authorization_code"
      + "client_id=" + AppId + "redirect_uri=" + Uri.EscapeDataString(RedirectUrl)
      + "client_secret=" + AppKey + "code=" + code;

    string url = GET_ACCESS_TOKEN_URL + parms;
    string str = GetRequest(url);

    if (str.IndexOf("callback") != -1)
    {
      int lpos = str.IndexOf("(");
      int rpos = str.IndexOf(")");
      str = str.Substring(lpos + 1, rpos - lpos - 1);
      NameValueCollection msg = ParseJson(str);
      if (!string.IsNullOrEmpty(msg["error"]))
      {
        ShowError(msg["error"], msg["error_description"]);
      }

    }

    NameValueCollection token = ParseUrlParameters(str);
    Session["QC_AccessToken"] = token["access_token"]; //access_token 放入Session
    return token["access_token"];
  }


  /// summary>
  /// 使用Access Token來獲取用戶的OpenID
  /// /summary>
  /// param name="accessToken">/param>
  /// returns>/returns>
  public string GetOpenID()
  {
    string parms = "?access_token=" + Session["QC_AccessToken"];

    string url = GET_OPENID_URL + parms;
    string str = GetRequest(url);

    if (str.IndexOf("callback") != -1)
    {
      int lpos = str.IndexOf("(");
      int rpos = str.IndexOf(")");
      str = str.Substring(lpos + 1, rpos - lpos - 1);
    }

    NameValueCollection user = ParseJson(str);

    if (!string.IsNullOrEmpty(user["error"]))
    {
      ShowError(user["error"], user["error_description"]);
    }

    Session["QC_OpenId"] = user["openid"]; //openid 放入Session
    return user["openid"];
  }

  /// summary>
  /// 顯示錯誤信息
  /// /summary>
  /// param name="code">錯誤編號/param>
  /// param name="description">錯誤描述/param>
  private void ShowError(string code, string description = null)
  {
    if (description == null)
    {
      switch (code)
      {
        case "20001":
          description = "h2>配置文件損壞或無法讀取,請檢查web.config/h2>";
          break;
        case "30001":
          description = "h2>The state does not match. You may be a victim of CSRF./h2>";
          break;
        case "50001":
          description = "h2>可能是服務器無法請求https協(xié)議/h2>可能未開啟curl支持,請嘗試開啟curl支持,重啟web服務器,如果問題仍未解決,請聯(lián)系我們";
          break;
        default:
          description = "h2>系統(tǒng)未知錯誤,請聯(lián)系我們/h2>";
          break;
      }
      Response.Write(description);
      Response.End();
    }
    else
    {
      Response.Write("h3>error:h3>" + code + "h3>msg:h3>" + description);
      Response.End();
    }
  }

}

3.新浪微博的OAuth類

public class SinaOAuth : BaseOAuth
{
  public string AppKey = ConfigurationManager.AppSettings["OAuth_Sina_AppKey"];
  public string AppSecret = ConfigurationManager.AppSettings["OAuth_Sina_AppSecret"];
  public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Sina_RedirectUrl"];

  public const string GET_AUTH_CODE_URL = "https://api.weibo.com/oauth2/authorize";
  public const string GET_ACCESS_TOKEN_URL = "https://api.weibo.com/oauth2/access_token";
  public const string GET_UID_URL = "https://api.weibo.com/2/account/get_uid.json";

  /// summary>
  /// 新浪微博登錄,跳轉(zhuǎn)到登錄頁面
  /// /summary>
  public override void Login()
  {
    //-------生成唯一隨機串防CSRF攻擊
    string state = GetStateCode();
    Session["Sina_State"] = state; //state 放入Session

    string parms = "?client_id=" + AppKey + "redirect_uri=" + Uri.EscapeDataString(RedirectUrl)
      + "state=" + state;

    string url = GET_AUTH_CODE_URL + parms;
    Response.Redirect(url); //跳轉(zhuǎn)到登錄頁面
  }

  /// summary>
  /// 新浪微博回調(diào)函數(shù)
  /// /summary>
  /// returns>/returns>
  public override string Callback()
  {
    string code = Request.QueryString["code"];
    string state = Request.QueryString["state"];

    //--------驗證state防止CSRF攻擊
    if (state != (string)Session["Sina_State"])
    {
      ShowError("The state does not match. You may be a victim of CSRF.");
    }

    string parms = "client_id=" + AppKey + "client_secret=" + AppSecret
      + "grant_type=authorization_codecode=" + code + "redirect_uri=" + Uri.EscapeDataString(RedirectUrl);

    string str = PostRequest(GET_ACCESS_TOKEN_URL, parms);

    NameValueCollection user = ParseJson(str);

    Session["Sina_AccessToken"] = user["access_token"]; //access_token 放入Session
    Session["Sina_UId"] = user["uid"]; //uid 放入Session
    return user["access_token"];
  }


  /// summary>
  /// 顯示錯誤信息
  /// /summary>
  /// param name="description">錯誤描述/param>
  private void ShowError(string description = null)
  {
    Response.Write("h2>" + description + "/h2>");
    Response.End();
  }
}

4.微信的OAuth類

public class WeixinOAuth : BaseOAuth
{
  public string AppId = ConfigurationManager.AppSettings["OAuth_Weixin_AppId"];
  public string AppSecret = ConfigurationManager.AppSettings["OAuth_Weixin_AppSecret"];
  public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Weixin_RedirectUrl"];

  public const string GET_AUTH_CODE_URL = "https://open.weixin.qq.com/connect/qrconnect";
  public const string GET_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/sns/oauth2/access_token";
  public const string GET_USERINFO_URL = "https://api.weixin.qq.com/sns/userinfo";

  /// summary>
  /// 微信登錄,跳轉(zhuǎn)到登錄頁面
  /// /summary>
  public override void Login()
  {
    //-------生成唯一隨機串防CSRF攻擊
    string state = GetStateCode();
    Session["Weixin_State"] = state; //state 放入Session

    string parms = "?appid=" + AppId
      + "redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "response_type=codescope=snsapi_login"
      + "state=" + state + "#wechat_redirect";

    string url = GET_AUTH_CODE_URL + parms;
    Response.Redirect(url); //跳轉(zhuǎn)到登錄頁面
  }

  /// summary>
  /// 微信回調(diào)函數(shù)
  /// /summary>
  /// param name="code">/param>
  /// param name="state">/param>
  /// returns>/returns>
  public override string Callback()
  {
    string code = Request.QueryString["code"];
    string state = Request.QueryString["state"];

    //--------驗證state防止CSRF攻擊
    if (state != (string)Session["Weixin_State"])
    {
      ShowError("30001");
    }

    string parms = "?appid=" + AppId + "secret=" + AppSecret
      + "code=" + code + "grant_type=authorization_code";

    string url = GET_ACCESS_TOKEN_URL + parms;
    string str = GetRequest(url);


    NameValueCollection msg = ParseJson(str);
    if (!string.IsNullOrEmpty(msg["errcode"]))
    {
      ShowError(msg["errcode"], msg["errmsg"]);
    }

    Session["Weixin_AccessToken"] = msg["access_token"]; //access_token 放入Session
    Session["Weixin_OpenId"] = msg["openid"]; //access_token 放入Session
    return msg["access_token"];
  }


  /// summary>
  /// 顯示錯誤信息
  /// /summary>
  /// param name="code">錯誤編號/param>
  /// param name="description">錯誤描述/param>
  private void ShowError(string code, string description = null)
  {
    if (description == null)
    {
      switch (code)
      {
        case "20001":
          description = "h2>配置文件損壞或無法讀取,請檢查web.config/h2>";
          break;
        case "30001":
          description = "h2>The state does not match. You may be a victim of CSRF./h2>";
          break;
        case "50001":
          description = "h2>接口未授權(quán)/h2>";
          break;
        default:
          description = "h2>系統(tǒng)未知錯誤,請聯(lián)系我們/h2>";
          break;
      }
      Response.Write(description);
      Response.End();
    }
    else
    {
      Response.Write("h3>error:h3>" + code + "h3>msg:h3>" + description);
      Response.End();
    }
  }

}

5.web.config配置信息

appSettings>
    !--QQ登錄相關配置-->
    add key="OAuth_QQ_AppId" value="123456789" />
    add key="OAuth_QQ_AppKey" value="25f9e794323b453885f5181f1b624d0b" />
    add key="OAuth_QQ_RedirectUrl" value="http://www.domain.com/oauth20/qqcallback.aspx" />

    !--新浪微博登錄相關配置-->
    add key="OAuth_Sina_AppKey" value="123456789" />
    add key="OAuth_Sina_AppSecret" value="25f9e794323b453885f5181f1b624d0b" />
    add key="OAuth_Sina_RedirectUrl" value="http://www.domain.com/oauth20/sinacallback.aspx" />

    !--微信登錄相關配置-->
    add key="OAuth_Weixin_AppId" value="wx123456789123" />
    add key="OAuth_Weixin_AppSecret" value="25f9e794323b453885f5181f1b624d0b" />
    add key="OAuth_Weixin_RedirectUrl" value="http://www.domain.com/oauth20/weixincallback.aspx" />
/appSettings>

您可能感興趣的文章:
  • Spring Security Oauth2.0 實現(xiàn)短信驗證碼登錄示例
  • 使用Springboot搭建OAuth2.0 Server的方法示例
  • nodejs實現(xiàn)OAuth2.0授權(quán)服務認證
  • 微信網(wǎng)頁授權(quán)(OAuth2.0) PHP 源碼簡單實現(xiàn)
  • 基于OAuth2.0授權(quán)系統(tǒng)的驗證碼功能的實現(xiàn)

標簽:河南 婁底 吉林 麗江 汕頭 重慶 本溪 宜春

巨人網(wǎng)絡通訊聲明:本文標題《ASP.NET實現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄 原創(chuàng)》,本文關鍵詞  ASP.NET,實現(xiàn),微信,新浪,微博,;如發(fā)現(xiàn)本文內(nèi)容存在版權(quán)問題,煩請?zhí)峁┫嚓P信息告之我們,我們將及時溝通與處理。本站內(nèi)容系統(tǒng)采集于網(wǎng)絡,涉及言論、版權(quán)與本站無關。
  • 相關文章
  • 下面列出與本文章《ASP.NET實現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄 原創(chuàng)》相關的同類信息!
  • 本頁收集關于ASP.NET實現(xiàn)QQ、微信、新浪微博OAuth2.0授權(quán)登錄 原創(chuàng)的相關信息資訊供網(wǎng)民參考!
    • 推薦文章