mirror of
https://github.com/DzzXH/DzzOffice.git
synced 2026-01-22 03:46:50 +08:00
229 lines
6.8 KiB
PHP
229 lines
6.8 KiB
PHP
<?php
|
|
|
|
/***************************************************************************
|
|
*
|
|
* Copyright (c) 2012 Baidu.com, Inc. All Rights Reserved
|
|
*
|
|
**************************************************************************/
|
|
|
|
require_once(dirname(__FILE__) . '/BaiduUtils.php');
|
|
|
|
/**
|
|
* Client for Baidu OAuth2.0 service.
|
|
*
|
|
* @package Baidu
|
|
* @author zhujianting(zhujianting@baidu.com)
|
|
* @version v2.0.0
|
|
*/
|
|
class BaiduOAuth2
|
|
{
|
|
/**
|
|
* Endpoints for Baidu OAuth2.0.
|
|
*/
|
|
public static $BD_OAUTH2_ENDPOINTS = array(
|
|
'authorize' => 'https://openapi.baidu.com/oauth/2.0/authorize',
|
|
'token' => 'https://openapi.baidu.com/oauth/2.0/token',
|
|
'logout' => 'https://openapi.baidu.com/connect/2.0/logout',
|
|
'getLoginUser' => 'https://openapi.baidu.com/rest/2.0/passport/users/getLoggedInUser',
|
|
);
|
|
|
|
protected $clientId='';
|
|
protected $clientSecret='';
|
|
protected $redirectUri;
|
|
|
|
/**
|
|
* Constructor
|
|
*
|
|
* @param string $clientId Client_id of the baidu thirdparty app or access_key of the developer.
|
|
* @param string $clientSecret Client_secret of the baidu thirdparty app or secret_key of the developer.
|
|
*/
|
|
public function __construct($clientId='',$clientSecret='')
|
|
{
|
|
if($clientId) $this->clientId = $clientId;
|
|
if($clientSecret) $this->clientSecret = $clientSecret;
|
|
}
|
|
|
|
/**
|
|
* Set the redirect uri for the app.
|
|
*
|
|
* @param $redirectUri Where to redirect after user authorization.
|
|
* @return BaiduOAuth2
|
|
*/
|
|
public function setRedirectUri($redirectUri)
|
|
{
|
|
if (empty($redirectUri)) {
|
|
$redirectUri = BaiduUtils::getCurrentUrl();
|
|
}
|
|
$this->redirectUri = $redirectUri;
|
|
return $this;
|
|
}
|
|
|
|
/**
|
|
* Get the redirect uri for the app.
|
|
*
|
|
* @return string
|
|
*/
|
|
public function getRedirectUri()
|
|
{
|
|
return $this->redirectUri;
|
|
}
|
|
|
|
|
|
public function getClientId()
|
|
{
|
|
return $this->ClientId;
|
|
}
|
|
|
|
/**
|
|
* Get a Logout URL suitable for use with redirects.
|
|
*
|
|
* @param string $accessToken Access token for current user
|
|
* @param string $next Url to go to after a successful logout
|
|
* @return String The URL for the logout flow
|
|
*/
|
|
public function getLogoutUrl($accessToken, $next = '')
|
|
{
|
|
$params = array('access_token' => $accessToken,
|
|
'next' => $next ? $next : BaiduUtils::getCurrentUrl());
|
|
return self::$BD_OAUTH2_ENDPOINTS['logout'] . '?' . http_build_query($params, '', '&');
|
|
}
|
|
|
|
/**
|
|
* Get baidu oauth2's authorization granting url.
|
|
*
|
|
* @param string $responseType Response type, 'code' or 'token'
|
|
* @param string $scope blank space separated list of requested extended perms
|
|
* @param string $display Authorization page style, 'page', 'popup', 'touch' or 'mobile'
|
|
* @param string $state state parameter
|
|
* @return string Page url for authorization granting
|
|
*/
|
|
public function getAuthorizeUrl($responseType = 'code', $scope = '', $state = '', $display = 'popup')
|
|
{
|
|
$params = array(
|
|
'client_id' => $this->clientId,
|
|
'response_type' => $responseType,
|
|
'redirect_uri' => $this->redirectUri,
|
|
'scope' => $scope,
|
|
'state' => $state,
|
|
'display' => $display,
|
|
);
|
|
return self::$BD_OAUTH2_ENDPOINTS['authorize'] . '?' . http_build_query($params, '', '&');
|
|
}
|
|
|
|
/**
|
|
* Get access token ifno by authorization code.
|
|
*
|
|
* @param string $code Authorization code
|
|
* @return array|false returns access token info if success, or false if failed
|
|
*/
|
|
public function getAccessTokenByAuthorizationCode($code)
|
|
{
|
|
$params = array(
|
|
'grant_type' => 'authorization_code',
|
|
'code' => $code,
|
|
'client_id' => $this->clientId,
|
|
'client_secret' => $this->clientSecret,
|
|
'redirect_uri' => $this->redirectUri,
|
|
);
|
|
return $this->makeAccessTokenRequest($params);
|
|
}
|
|
|
|
/**
|
|
* Get access token info by client credentials.
|
|
*
|
|
* @param string $scope Extend permissions delimited by blank space
|
|
* @return array|false returns access token info if success, or false if failed.
|
|
*/
|
|
public function getAccessTokenByClientCredentials($scope = '')
|
|
{
|
|
$params = array(
|
|
'grant_type' => 'client_credentials',
|
|
'client_id' => $this->clientId,
|
|
'client_secret' => $this->clientSecret,
|
|
'scope' => $scope,
|
|
);
|
|
return $this->makeAccessTokenRequest($params);
|
|
}
|
|
|
|
/**
|
|
* Get access token info by developer credentials
|
|
* @param string $accessKey Access key you got from baidu cloud platform
|
|
* @param string $secretKey Secret key you got from baidu cloud platform
|
|
* @return array|false Returns access token info if success, or false if failed
|
|
*/
|
|
public function getAccessTokenByDeveloperCredentials($accessKey, $secretKey)
|
|
{
|
|
$params = array(
|
|
'grant_type' => 'developer_credentials',
|
|
'client_id' => $accessKey,
|
|
'client_secret' => $secretKey,
|
|
);
|
|
return $this->makeAccessTokenRequest($params);
|
|
}
|
|
|
|
/**
|
|
* Refresh access token by refresh token.
|
|
*
|
|
* @param string $refreshToken The refresh token
|
|
* @param string $scope Extend permissions delimited by blank space
|
|
* @return array|false returns access token info if success, or false if failed.
|
|
*/
|
|
public function getAccessTokenByRefreshToken($refreshToken, $scope = '')
|
|
{
|
|
$params = array(
|
|
'grant_type' => 'refresh_token',
|
|
'refresh_token' => $refreshToken,
|
|
'client_id' => $this->clientId,
|
|
'client_secret' => $this->clientSecret,
|
|
'scope' => $scope,
|
|
);
|
|
return $this->makeAccessTokenRequest($params);
|
|
}
|
|
|
|
/**
|
|
* Make an oauth access token request
|
|
*
|
|
* The parameters:
|
|
* - client_id: The client identifier, just use api key
|
|
* - response_type: 'token' or 'code'
|
|
* - redirect_uri: the url to go to after a successful login
|
|
* - scope: The scope of the access request expressed as a list of space-delimited, case sensitive strings.
|
|
* - state: An opaque value used by the client to maintain state between the request and callback.
|
|
* - display: login page style, 'page', 'popup', 'touch' or 'mobile'
|
|
*
|
|
* @param array $params oauth request parameters
|
|
* @return mixed returns access token info if success, or false if failed
|
|
*/
|
|
|
|
public function makeAccessTokenRequest($params)
|
|
{
|
|
$result = BaiduUtils::request(self::$BD_OAUTH2_ENDPOINTS['token'], $params, 'POST');
|
|
if ($result) {
|
|
$result = json_decode($result, true);
|
|
if (isset($result['error_description'])) {
|
|
BaiduUtils::setError($result['error'], $result['error_description']);
|
|
return false;
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
public function getLoggedInUser($access_token)
|
|
{
|
|
$result = BaiduUtils::request(self::$BD_OAUTH2_ENDPOINTS['getLoginUser'], array('access_token'=>$access_token,'redirect_uri' => $this->redirectUri), 'GET');
|
|
if ($result) {
|
|
$result = json_decode($result, true);
|
|
if (isset($result['error_msg'])) {
|
|
BaiduUtils::setError($result['error_code'], $result['error_msg']);
|
|
return false;
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
|
|
/* vim: set expandtab ts=4 sw=4 sts=4 tw=100: */ |