45fan.com - 路饭网

搜索: 您的位置主页 > 电脑频道 > 编程代码 > 阅读资讯:如何通过ASP.NET实现QQ、微信及新浪ASP.NETOAuth2.0授权登录?

如何通过ASP.NET实现QQ、微信及新浪ASP.NETOAuth2.0授权登录?

2016-04-15 07:38:40 来源:www.45fan.com 【

如何通过ASP.NET实现QQ、微信及新浪ASP.NETOAuth2.0授权登录?

不管是腾讯还是新浪,查看他们的API,PHP都是有完整的接口,但对C#支持似乎都不是那么完善,都没有,腾讯是完全没有,新浪是提供第三方的,而且后期还不一定升级,NND,用第三方的动辄就一个类库,各种配置还必须按照他们约定的写,烦而且乱,索性自己写,后期的扩展也容易,看过接口后,开始以为很难,参考了几个源码之后发现也不是那么难,无非是GET或POST请求他们的接口获取返回值之类的,话不多说,这里只提供几个代码共参考,抛砖引玉了。。。

我这个写法的特点是,用到了Session,使用对象实例化之后调用 Login() 跳转到登录页面,在回调页面调用Callback() 执行之后,可以从Session也可以写独立的函数(如:GetOpenID())中获取access_token或用户的唯一标识,以方便做下一步的操作。所谓绑定就是把用户的唯一标识取出,插入数据库,和帐号绑定起来。

1.首先是所有OAuth类的基类,放一些需要公用的方法

public abstract class BaseOAuth
{
 public HttpRequest Request = HttpContext.Current.Request;
 public HttpResponse Response = HttpContext.Current.Response;
 public HttpSessionState Session = HttpContext.Current.Session;

 public abstract void Login();
 public abstract string Callback();

 #region 内部使用函数

 /// <summary>
 /// 生成唯一随机串防CSRF攻击
 /// </summary>
 /// <returns></returns>
 protected string GetStateCode()
 {
  Random rand = new Random();
  string data = DateTime.Now.ToString("yyyyMMddHHmmssffff") + rand.Next(1, 0xf423f).ToString();

  MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();

  byte[] md5byte = md5.ComputeHash(UTF8Encoding.Default.GetBytes(data));

  return BitConverter.ToString(md5byte).Replace("-", "");

 }

 /// <summary>
 /// GET请求
 /// </summary>
 /// <param name="url"></param>
 /// <returns></returns>
 protected string GetRequest(string url)
 {
  HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
  httpWebRequest.Method = "GET";
  httpWebRequest.ServicePoint.Expect100Continue = false;

  StreamReader responseReader = null;
  string responseData;
  try
  {
   responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());
   responseData = responseReader.ReadToEnd();
  }
  finally
  {
   httpWebRequest.GetResponse().GetResponseStream().Close();
   responseReader.Close();
  }

  return responseData;
 }

 /// <summary>
 /// POST请求
 /// </summary>
 /// <param name="url"></param>
 /// <param name="postData"></param>
 /// <returns></returns>
 protected string PostRequest(string url, string postData)
 {
  HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
  httpWebRequest.Method = "POST";
  httpWebRequest.ServicePoint.Expect100Continue = false;
  httpWebRequest.ContentType = "application/x-www-form-urlencoded";

  //写入POST参数
  StreamWriter requestWriter = new StreamWriter(httpWebRequest.GetRequestStream());
  try
  {
   requestWriter.Write(postData);
  }
  finally
  {
   requestWriter.Close();
  }

  //读取请求后的结果
  StreamReader responseReader = null;
  string responseData;
  try
  {
   responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());
   responseData = responseReader.ReadToEnd();
  }
  finally
  {
   httpWebRequest.GetResponse().GetResponseStream().Close();
   responseReader.Close();
  }

  return responseData;
 }

 /// <summary>
 /// 解析JSON
 /// </summary>
 /// <param name="strJson"></param>
 /// <returns></returns>
 protected NameValueCollection ParseJson(string strJson)
 {
  NameValueCollection mc = new NameValueCollection();
  Regex regex = new Regex(@"(\s*\""?([^""]*)\""?\s*\:\s*\""?([^""]*)\""?\,?)");
  strJson = strJson.Trim();
  if (strJson.StartsWith("{"))
  {
   strJson = strJson.Substring(1, strJson.Length - 2);
  }

  foreach (Match m in regex.Matches(strJson))
  {
   mc.Add(m.Groups[2].Value, m.Groups[3].Value);
  }
  return mc;
 }

 /// <summary>
 /// 解析URL
 /// </summary>
 /// <param name="strParams"></param>
 /// <returns></returns>
 protected NameValueCollection ParseUrlParameters(string strParams)
 {
  NameValueCollection nc = new NameValueCollection();
  foreach (string p in strParams.Split('&'))
  {
   string[] ps = p.Split('=');
   nc.Add(ps[0], ps[1]);
  }
  return nc;
 }

 #endregion

}

2.QQ的OAuth类

public class QQOAuth : BaseOAuth
{
 public string AppId = ConfigurationManager.AppSettings["OAuth_QQ_AppId"];
 public string AppKey = ConfigurationManager.AppSettings["OAuth_QQ_AppKey"];
 public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_QQ_RedirectUrl"];

 public const string GET_AUTH_CODE_URL = "https://graph.qq.com/oauth2.0/authorize";
 public const string GET_ACCESS_TOKEN_URL = "https://graph.qq.com/oauth2.0/token";
 public const string GET_OPENID_URL = "https://graph.qq.com/oauth2.0/me";

 /// <summary>
 /// QQ登录,跳转到登录页面
 /// </summary>
 public override void Login()
 {
  //-------生成唯一随机串防CSRF攻击
  string state = GetStateCode();
  Session["QC_State"] = state; //state 放入Session

  string parms = "?response_type=code&"
   + "client_id=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&state=" + state;

  string url = GET_AUTH_CODE_URL + parms;
  Response.Redirect(url); //跳转到登录页面
 }

 /// <summary>
 /// QQ回调函数
 /// </summary>
 /// <param name="code"></param>
 /// <param name="state"></param>
 /// <returns></returns>
 public override string Callback()
 {
  string code = Request.QueryString["code"];
  string state = Request.QueryString["state"];

  //--------验证state防止CSRF攻击
  if (state != (string)Session["QC_State"])
  {
   ShowError("30001");
  }

  string parms = "?grant_type=authorization_code&"
   + "client_id=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl)
   + "&client_secret=" + AppKey + "&code=" + code;

  string url = GET_ACCESS_TOKEN_URL + parms;
  string str = GetRequest(url);

  if (str.IndexOf("callback") != -1)
  {
   int lpos = str.IndexOf("(");
   int rpos = str.IndexOf(")");
   str = str.Substring(lpos + 1, rpos - lpos - 1);
   NameValueCollection msg = ParseJson(str);
   if (!string.IsNullOrEmpty(msg["error"]))
   {
    ShowError(msg["error"], msg["error_description"]);
   }

  }

  NameValueCollection token = ParseUrlParameters(str);
  Session["QC_AccessToken"] = token["access_token"]; //access_token 放入Session
  return token["access_token"];
 }


 /// <summary>
 /// 使用Access Token来获取用户的OpenID
 /// </summary>
 /// <param name="accessToken"></param>
 /// <returns></returns>
 public string GetOpenID()
 {
  string parms = "?access_token=" + Session["QC_AccessToken"];

  string url = GET_OPENID_URL + parms;
  string str = GetRequest(url);

  if (str.IndexOf("callback") != -1)
  {
   int lpos = str.IndexOf("(");
   int rpos = str.IndexOf(")");
   str = str.Substring(lpos + 1, rpos - lpos - 1);
  }

  NameValueCollection user = ParseJson(str);

  if (!string.IsNullOrEmpty(user["error"]))
  {
   ShowError(user["error"], user["error_description"]);
  }

  Session["QC_OpenId"] = user["openid"]; //openid 放入Session
  return user["openid"];
 }

 /// <summary>
 /// 显示错误信息
 /// </summary>
 /// <param name="code">错误编号</param>
 /// <param name="description">错误描述</param>
 private void ShowError(string code, string description = null)
 {
  if (description == null)
  {
   switch (code)
   {
    case "20001":
     description = "<h2>配置文件损坏或无法读取,请检查web.config</h2>";
     break;
    case "30001":
     description = "<h2>The state does not match. You may be a victim of CSRF.</h2>";
     break;
    case "50001":
     description = "<h2>可能是服务器无法请求https协议</h2>可能未开启curl支持,请尝试开启curl支持,重启web服务器,如果问题仍未解决,请联系我们";
     break;
    default:
     description = "<h2>系统未知错误,请联系我们</h2>";
     break;
   }
   Response.Write(description);
   Response.End();
  }
  else
  {
   Response.Write("<h3>error:<h3>" + code + "<h3>msg:<h3>" + description);
   Response.End();
  }
 }

}

3.新浪微博的OAuth类

public class SinaOAuth : BaseOAuth
{
 public string AppKey = ConfigurationManager.AppSettings["OAuth_Sina_AppKey"];
 public string AppSecret = ConfigurationManager.AppSettings["OAuth_Sina_AppSecret"];
 public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Sina_RedirectUrl"];

 public const string GET_AUTH_CODE_URL = "https://api.weibo.com/oauth2/authorize";
 public const string GET_ACCESS_TOKEN_URL = "https://api.weibo.com/oauth2/access_token";
 public const string GET_UID_URL = "https://api.weibo.com/2/account/get_uid.json";

 /// <summary>
 /// 新浪微博登录,跳转到登录页面
 /// </summary>
 public override void Login()
 {
  //-------生成唯一随机串防CSRF攻击
  string state = GetStateCode();
  Session["Sina_State"] = state; //state 放入Session

  string parms = "?client_id=" + AppKey + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl)
   + "&state=" + state;

  string url = GET_AUTH_CODE_URL + parms;
  Response.Redirect(url); //跳转到登录页面
 }

 /// <summary>
 /// 新浪微博回调函数
 /// </summary>
 /// <returns></returns>
 public override string Callback()
 {
  string code = Request.QueryString["code"];
  string state = Request.QueryString["state"];

  //--------验证state防止CSRF攻击
  if (state != (string)Session["Sina_State"])
  {
   ShowError("The state does not match. You may be a victim of CSRF.");
  }

  string parms = "client_id=" + AppKey + "&client_secret=" + AppSecret
   + "&grant_type=authorization_code&code=" + code + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl);

  string str = PostRequest(GET_ACCESS_TOKEN_URL, parms);

  NameValueCollection user = ParseJson(str);

  Session["Sina_AccessToken"] = user["access_token"]; //access_token 放入Session
  Session["Sina_UId"] = user["uid"]; //uid 放入Session
  return user["access_token"];
 }


 /// <summary>
 /// 显示错误信息
 /// </summary>
 /// <param name="description">错误描述</param>
 private void ShowError(string description = null)
 {
  Response.Write("<h2>" + description + "</h2>");
  Response.End();
 }
}

4.微信的OAuth类

public class WeixinOAuth : BaseOAuth
{
 public string AppId = ConfigurationManager.AppSettings["OAuth_Weixin_AppId"];
 public string AppSecret = ConfigurationManager.AppSettings["OAuth_Weixin_AppSecret"];
 public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Weixin_RedirectUrl"];

 public const string GET_AUTH_CODE_URL = "https://open.weixin.qq.com/connect/qrconnect";
 public const string GET_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/sns/oauth2/access_token";
 public const string GET_USERINFO_URL = "https://api.weixin.qq.com/sns/userinfo";

 /// <summary>
 /// 微信登录,跳转到登录页面
 /// </summary>
 public override void Login()
 {
  //-------生成唯一随机串防CSRF攻击
  string state = GetStateCode();
  Session["Weixin_State"] = state; //state 放入Session

  string parms = "?appid=" + AppId
   + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&response_type=code&scope=snsapi_login"
   + "&state=" + state + "#wechat_redirect";

  string url = GET_AUTH_CODE_URL + parms;
  Response.Redirect(url); //跳转到登录页面
 }

 /// <summary>
 /// 微信回调函数
 /// </summary>
 /// <param name="code"></param>
 /// <param name="state"></param>
 /// <returns></returns>
 public override string Callback()
 {
  string code = Request.QueryString["code"];
  string state = Request.QueryString["state"];

  //--------验证state防止CSRF攻击
  if (state != (string)Session["Weixin_State"])
  {
   ShowError("30001");
  }

  string parms = "?appid=" + AppId + "&secret=" + AppSecret
   + "&code=" + code + "&grant_type=authorization_code";

  string url = GET_ACCESS_TOKEN_URL + parms;
  string str = GetRequest(url);


  NameValueCollection msg = ParseJson(str);
  if (!string.IsNullOrEmpty(msg["errcode"]))
  {
   ShowError(msg["errcode"], msg["errmsg"]);
  }

  Session["Weixin_AccessToken"] = msg["access_token"]; //access_token 放入Session
  Session["Weixin_OpenId"] = msg["openid"]; //access_token 放入Session
  return msg["access_token"];
 }


 /// <summary>
 /// 显示错误信息
 /// </summary>
 /// <param name="code">错误编号</param>
 /// <param name="description">错误描述</param>
 private void ShowError(string code, string description = null)
 {
  if (description == null)
  {
   switch (code)
   {
    case "20001":
     description = "<h2>配置文件损坏或无法读取,请检查web.config</h2>";
     break;
    case "30001":
     description = "<h2>The state does not match. You may be a victim of CSRF.</h2>";
     break;
    case "50001":
     description = "<h2>接口未授权</h2>";
     break;
    default:
     description = "<h2>系统未知错误,请联系我们</h2>";
     break;
   }
   Response.Write(description);
   Response.End();
  }
  else
  {
   Response.Write("<h3>error:<h3>" + code + "<h3>msg:<h3>" + description);
   Response.End();
  }
 }

}

5.web.config配置信息

<appSettings>
  <!--QQ登录相关配置-->
  <add key="OAuth_QQ_AppId" value="123456789" />
  <add key="OAuth_QQ_AppKey" value="25f9e794323b453885f5181f1b624d0b" />
  <add key="OAuth_QQ_RedirectUrl" value="http://www.domain.com/oauth20/qqcallback.aspx" />

  <!--新浪微博登录相关配置-->
  <add key="OAuth_Sina_AppKey" value="123456789" />
  <add key="OAuth_Sina_AppSecret" value="25f9e794323b453885f5181f1b624d0b" />
  <add key="OAuth_Sina_RedirectUrl" value="http://www.domain.com/oauth20/sinacallback.aspx" />

  <!--微信登录相关配置-->
  <add key="OAuth_Weixin_AppId" value="wx123456789123" />
  <add key="OAuth_Weixin_AppSecret" value="25f9e794323b453885f5181f1b624d0b" />
  <add key="OAuth_Weixin_RedirectUrl" value="http://www.domain.com/oauth20/weixincallback.aspx" />
</appSettings>

本文地址:http://www.45fan.com/bcdm/46166.html
Tags: 实现 微信 ASP.NET
编辑:路饭网
推广内容
推荐阅读
热门推荐
推荐文章
关于我们 | 联系我们 | 友情链接 | 网站地图 | Sitemap | App | 返回顶部