*/ /** * @ignore */ class OAuthException extends Exception { // pass } /** * 新浪微博 OAuth 认证类(OAuth2) * * 授权机制说明请大家参考微博开放平台文档：{@link http://open.weibo.com/wiki/Oauth2} * * @package sae * @author Elmer Zhang * @version 1.0 */ class SaeTOAuthV2 { /** * @ignore */ public $client_id; /** * @ignore */ public $client_secret; /** * @ignore */ public $access_token; /** * @ignore */ public $refresh_token; /** * Contains the last HTTP status code returned. * * @ignore */ public $http_code; /** * Contains the last API call. * * @ignore */ public $url; /** * Set up the API root URL. * * @ignore */ public $host = "https://api.weibo.com/2/"; /** * Set timeout default. * * @ignore */ public $timeout = 30; /** * Set connect timeout. * * @ignore */ public $connecttimeout = 30; /** * Verify SSL Cert. * * @ignore */ public $ssl_verifypeer = FALSE; /** * Respons format. * * @ignore */ public $format = 'json'; /** * Decode returned json data. * * @ignore */ public $decode_json = TRUE; /** * Contains the last HTTP headers returned. * * @ignore */ public $http_info; /** * Set the useragnet. * * @ignore */ public $useragent = 'Sae T OAuth2 v0.1'; /** * print the debug info * * @ignore */ public $debug = FALSE; /** * boundary of multipart * @ignore */ public static $boundary = ''; /** * Set API URLS */ /** * @ignore */ function accessTokenURL() { return 'https://api.weibo.com/oauth2/access_token'; } /** * @ignore */ function authorizeURL() { return 'https://api.weibo.com/oauth2/authorize'; } /** * construct WeiboOAuth object */ function __construct($client_id, $client_secret, $access_token = NULL, $refresh_token = NULL) { $this->client_id = $client_id; $this->client_secret = $client_secret; $this->access_token = $access_token; $this->refresh_token = $refresh_token; } /** * authorize接口 * * 对应API：{@link http://open.weibo.com/wiki/Oauth2/authorize Oauth2/authorize} * * @param string $url 授权后的回调地址,站外应用需与回调地址一致,站内应用需要填写canvas page的地址 * @param string $response_type 支持的值包括 code 和token 默认值为code * @param string $state 用于保持请求和回调的状态。在回调时,会在Query Parameter中回传该参数 * @param string $display 授权页面类型 可选范围: * - default 默认授权页面 * - mobile 支持html5的手机 * - popup 弹窗授权页 * - wap1.2 wap1.2页面 * - wap2.0 wap2.0页面 * - js js-sdk 专用 授权页面是弹窗，返回结果为js-sdk回掉函数 * - apponweibo 站内应用专用,站内应用不传display参数,并且response_type为token时,默认使用改display.授权后不会返回access_token，只是输出js刷新站内应用父框架 * @return array */ function getAuthorizeURL( $url, $response_type = 'code', $state = NULL, $display = NULL ) { $params = array(); $params['client_id'] = $this->client_id; $params['redirect_uri'] = $url; $params['response_type'] = $response_type; $params['state'] = $state; $params['display'] = $display; return $this->authorizeURL() . "?" . http_build_query($params); } /** * access_token接口 * * 对应API：{@link http://open.weibo.com/wiki/OAuth2/access_token OAuth2/access_token} * * @param string $type 请求的类型,可以为:code, password, token * @param array $keys 其他参数： * - 当$type为code时： array('code'=>..., 'redirect_uri'=>...) * - 当$type为password时： array('username'=>..., 'password'=>...) * - 当$type为token时： array('refresh_token'=>...) * @return array */ function getAccessToken( $type = 'code', $keys ) { $params = array(); $params['client_id'] = $this->client_id; $params['client_secret'] = $this->client_secret; if ( $type === 'token' ) { $params['grant_type'] = 'refresh_token'; $params['refresh_token'] = $keys['refresh_token']; } elseif ( $type === 'code' ) { $params['grant_type'] = 'authorization_code'; $params['code'] = $keys['code']; $params['redirect_uri'] = $keys['redirect_uri']; } elseif ( $type === 'password' ) { $params['grant_type'] = 'password'; $params['username'] = $keys['username']; $params['password'] = $keys['password']; } else { throw new OAuthException("wrong auth type"); } $response = $this->oAuthRequest($this->accessTokenURL(), 'POST', $params); $token = json_decode($response, true); if ( is_array($token) && !isset($token['error']) ) { $this->access_token = $token['access_token']; //$this->refresh_token = $token['refresh_token']; } else { throw new OAuthException("get access token failed." . $token['error']); } return $token; } /** * 解析 signed_request * * @param string $signed_request 应用框架在加载iframe时会通过向Canvas URL post的参数signed_request * * @return array */ function parseSignedRequest($signed_request) { list($encoded_sig, $payload) = explode('.', $signed_request, 2); $sig = self::base64decode($encoded_sig) ; $data = json_decode(self::base64decode($payload), true); if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') return '-1'; $expected_sig = hash_hmac('sha256', $payload, $this->client_secret, true); return ($sig !== $expected_sig)? '-2':$data; } /** * @ignore */ function base64decode($str) { return base64_decode(strtr($str.str_repeat('=', (4 - strlen($str) % 4)), '-_', '+/')); } /** * 读取jssdk授权信息，用于和jssdk的同步登录 * * @return array 成功返回array('access_token'=>'value', 'refresh_token'=>'value'); 失败返回false */ function getTokenFromJSSDK() { $key = "weibojs_" . $this->client_id; if ( isset($_COOKIE[$key]) && $cookie = $_COOKIE[$key] ) { parse_str($cookie, $token); if ( isset($token['access_token']) && isset($token['refresh_token']) ) { $this->access_token = $token['access_token']; $this->refresh_token = $token['refresh_token']; return $token; } else { return false; } } else { return false; } } /** * 从数组中读取access_token和refresh_token * 常用于从Session或Cookie中读取token，或通过Session/Cookie中是否存有token判断登录状态。 * * @param array $arr 存有access_token和secret_token的数组 * @return array 成功返回array('access_token'=>'value', 'refresh_token'=>'value'); 失败返回false */ function getTokenFromArray( $arr ) { if (isset($arr['access_token']) && $arr['access_token']) { $token = array(); $this->access_token = $token['access_token'] = $arr['access_token']; if (isset($arr['refresh_token']) && $arr['refresh_token']) { $this->refresh_token = $token['refresh_token'] = $arr['refresh_token']; } return $token; } else { return false; } } /** * GET wrappwer for oAuthRequest. * * @return mixed */ function get($url, $parameters = array()) { $response = $this->oAuthRequest($url, 'GET', $parameters); if ($this->format === 'json' && $this->decode_json) { return json_decode($response, true); } return $response; } /** * POST wreapper for oAuthRequest. * * @return mixed */ function post($url, $parameters = array(), $multi = false) { $response = $this->oAuthRequest($url, 'POST', $parameters, $multi ); if ($this->format === 'json' && $this->decode_json) { return json_decode($response, true); } return $response; } /** * DELTE wrapper for oAuthReqeust. * * @return mixed */ function delete($url, $parameters = array()) { $response = $this->oAuthRequest($url, 'DELETE', $parameters); if ($this->format === 'json' && $this->decode_json) { return json_decode($response, true); } return $response; } /** * Format and sign an OAuth / API request * * @return string * @ignore */ function oAuthRequest($url, $method, $parameters, $multi = false) { if (strrpos($url, 'http://') !== 0 && strrpos($url, 'https://') !== 0) { $url = "{$this->host}{$url}.{$this->format}"; } switch ($method) { case 'GET': $url = $url . '?' . http_build_query($parameters); return $this->http($url, 'GET'); default: $headers = array(); if (!$multi && (is_array($parameters) || is_object($parameters)) ) { $body = http_build_query($parameters); } else { $body = self::build_http_query_multi($parameters); $headers[] = "Content-Type: multipart/form-data; boundary=" . self::$boundary; } return $this->http($url, $method, $body, $headers); } } /** * Make an HTTP request * * @return string API results * @ignore */ function http($url, $method, $postfields = NULL, $headers = array()) { $this->http_info = array(); $ci = curl_init(); /* Curl settings */ curl_setopt($ci, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); curl_setopt($ci, CURLOPT_USERAGENT, $this->useragent); curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, $this->connecttimeout); curl_setopt($ci, CURLOPT_TIMEOUT, $this->timeout); curl_setopt($ci, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ci, CURLOPT_ENCODING, ""); curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, $this->ssl_verifypeer); curl_setopt($ci, CURLOPT_SSL_VERIFYHOST, 1); curl_setopt($ci, CURLOPT_HEADERFUNCTION, array($this, 'getHeader')); curl_setopt($ci, CURLOPT_HEADER, FALSE); switch ($method) { case 'POST': curl_setopt($ci, CURLOPT_POST, TRUE); if (!empty($postfields)) { curl_setopt($ci, CURLOPT_POSTFIELDS, $postfields); $this->postdata = $postfields; } break; case 'DELETE': curl_setopt($ci, CURLOPT_CUSTOMREQUEST, 'DELETE'); if (!empty($postfields)) { $url = "{$url}?{$postfields}"; } } if ( isset($this->access_token) && $this->access_token ) $headers[] = "Authorization: OAuth2 ".$this->access_token; if ( !empty($this->remote_ip) ) { if ( defined('SAE_ACCESSKEY') ) { $headers[] = "SaeRemoteIP: " . $this->remote_ip; } else { $headers[] = "API-RemoteIP: " . $this->remote_ip; } } else { if ( !defined('SAE_ACCESSKEY') ) { $headers[] = "API-RemoteIP: " . $_SERVER['REMOTE_ADDR']; } } curl_setopt($ci, CURLOPT_URL, $url ); curl_setopt($ci, CURLOPT_HTTPHEADER, $headers ); curl_setopt($ci, CURLINFO_HEADER_OUT, TRUE ); $response = curl_exec($ci); $this->http_code = curl_getinfo($ci, CURLINFO_HTTP_CODE); $this->http_info = array_merge($this->http_info, curl_getinfo($ci)); $this->url = $url; if ($this->debug) { echo "=====post data======\r\n"; var_dump($postfields); echo "=====headers======\r\n"; print_r($headers); echo '=====request info====='."\r\n"; print_r( curl_getinfo($ci) ); echo '=====response====='."\r\n"; print_r( $response ); } curl_close ($ci); return $response; } /** * Get the header info to store. * * @return int * @ignore */ function getHeader($ch, $header) { $i = strpos($header, ':'); if (!empty($i)) { $key = str_replace('-', '_', strtolower(substr($header, 0, $i))); $value = trim(substr($header, $i + 2)); $this->http_header[$key] = $value; } return strlen($header); } /** * @ignore */ public static function build_http_query_multi($params) { if (!$params) return ''; uksort($params, 'strcmp'); $pairs = array(); self::$boundary = $boundary = uniqid('------------------'); $MPboundary = '--'.$boundary; $endMPboundary = $MPboundary. '--'; $multipartbody = ''; foreach ($params as $parameter => $value) { if( in_array($parameter, array('pic', 'image')) && $value{0} == '@' ) { $url = ltrim( $value, '@' ); $content = file_get_contents( $url ); $array = explode( '?', basename( $url ) ); $filename = $array[0]; $multipartbody .= $MPboundary . "\r\n"; $multipartbody .= 'Content-Disposition: form-data; name="' . $parameter . '"; filename="' . $filename . '"'. "\r\n"; $multipartbody .= "Content-Type: image/unknown\r\n\r\n"; $multipartbody .= $content. "\r\n"; } else { $multipartbody .= $MPboundary . "\r\n"; $multipartbody .= 'content-disposition: form-data; name="' . $parameter . "\"\r\n\r\n"; $multipartbody .= $value."\r\n"; } } $multipartbody .= $endMPboundary; return $multipartbody; } } /** * 新浪微博操作类V2 * * 使用前需要先手工调用saetv2.ex.class.php
* * @package sae * @author Easy Chen, Elmer Zhang,Lazypeople * @version 1.0 */ class SaeTClientV2 { /** * 构造函数 * * @access public * @param mixed $akey 微博开放平台应用APP KEY * @param mixed $skey 微博开放平台应用APP SECRET * @param mixed $access_token OAuth认证返回的token * @param mixed $refresh_token OAuth认证返回的token secret * @return void */ function __construct( $akey, $skey, $access_token, $refresh_token = NULL) { $this->oauth = new SaeTOAuthV2( $akey, $skey, $access_token, $refresh_token ); } /** * 开启调试信息 * * 开启调试信息后，SDK会将每次请求微博API所发送的POST Data、Headers以及请求信息、返回内容输出出来。 * * @access public * @param bool $enable 是否开启调试信息 * @return void */ function set_debug( $enable ) { $this->oauth->debug = $enable; } /** * 获取用户基本信息 * * 对应API：{@link http://open.weibo.com/wiki/2/account/profile/basic account/profile/basic} * * @param int $uid 需要获取基本信息的用户UID，默认为当前登录用户。 * @return array */ function account_profile_basic( $uid = NULL ) { $params = array(); if ($uid) { $this->id_format($uid); $params['uid'] = $uid; } return $this->oauth->get( 'account/profile/basic', $params ); } /** * OAuth授权之后，获取授权用户的UID * * 对应API：{@link http://open.weibo.com/wiki/2/account/get_uid account/get_uid} * * @access public * @return array */ function get_uid() { return $this->oauth->get( 'account/get_uid' ); } // ========================================= /** * @ignore */ protected function request_with_pager( $url, $page = false, $count = false, $params = array() ) { if( $page ) $params['page'] = $page; if( $count ) $params['count'] = $count; return $this->oauth->get($url, $params ); } /** * @ignore */ protected function request_with_uid( $url, $uid_or_name, $page = false, $count = false, $cursor = false, $post = false, $params = array()) { if( $page ) $params['page'] = $page; if( $count ) $params['count'] = $count; if( $cursor )$params['cursor'] = $cursor; if( $post ) $method = 'post'; else $method = 'get'; if ( $uid_or_name !== NULL ) { $this->id_format($uid_or_name); $params['id'] = $uid_or_name; } return $this->oauth->$method($url, $params ); } /** * @ignore */ protected function id_format(&$id) { if ( is_float($id) ) { $id = number_format($id, 0, '', ''); } elseif ( is_string($id) ) { $id = trim($id); } } }