您现在的位置是：网站首页> 编程资料编程资料

ASP.NET实现QQ、微信、新浪微博OAuth2.0授权登录[原创]_实用技巧_

2023-05-24 309人已围观

简介 ASP.NET实现QQ、微信、新浪微博OAuth2.0授权登录[原创]_实用技巧_

不管是腾讯还是新浪，查看他们的API，PHP都是有完整的接口，但对C#支持似乎都不是那么完善，都没有，腾讯是完全没有，新浪是提供第三方的，而且后期还不一定升级，NND，用第三方的动辄就一个类库，各种配置还必须按照他们约定的写，烦而且乱，索性自己写，后期的扩展也容易，看过接口后，开始以为很难，参考了几个源码之后发现也不是那么难，无非是GET或POST请求他们的接口获取返回值之类的，话不多说，这里只提供几个代码共参考，抛砖引玉了。。。

我这个写法的特点是，用到了Session，使用对象实例化之后调用 Login() 跳转到登录页面，在回调页面调用Callback() 执行之后，可以从Session也可以写独立的函数（如：GetOpenID()）中获取access_token或用户的唯一标识，以方便做下一步的操作。所谓绑定就是把用户的唯一标识取出，插入数据库，和帐号绑定起来。

1.首先是所有OAuth类的基类，放一些需要公用的方法

 public abstract class BaseOAuth { public HttpRequest Request = HttpContext.Current.Request; public HttpResponse Response = HttpContext.Current.Response; public HttpSessionState Session = HttpContext.Current.Session; public abstract void Login(); public abstract string Callback(); #region 内部使用函数 ///  /// 生成唯一随机串防CSRF攻击 /// 
 ///  protected string GetStateCode() { Random rand = new Random(); string data = DateTime.Now.ToString("yyyyMMddHHmmssffff") + rand.Next(1, 0xf423f).ToString(); MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider(); byte[] md5byte = md5.ComputeHash(UTF8Encoding.Default.GetBytes(data)); return BitConverter.ToString(md5byte).Replace("-", ""); } ///  /// GET请求 /// 
 ///  ///  protected string GetRequest(string url) { HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest; httpWebRequest.Method = "GET"; httpWebRequest.ServicePoint.Expect100Continue = false; StreamReader responseReader = null; string responseData; try { responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream()); responseData = responseReader.ReadToEnd(); } finally { httpWebRequest.GetResponse().GetResponseStream().Close(); responseReader.Close(); } return responseData; } ///  /// POST请求 /// 
 ///  ///  ///  protected string PostRequest(string url, string postData) { HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest; httpWebRequest.Method = "POST"; httpWebRequest.ServicePoint.Expect100Continue = false; httpWebRequest.ContentType = "application/x-www-form-urlencoded"; //写入POST参数 StreamWriter requestWriter = new StreamWriter(httpWebRequest.GetRequestStream()); try { requestWriter.Write(postData); } finally { requestWriter.Close(); } //读取请求后的结果 StreamReader responseReader = null; string responseData; try { responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream()); responseData = responseReader.ReadToEnd(); } finally { httpWebRequest.GetResponse().GetResponseStream().Close(); responseReader.Close(); } return responseData; } ///  /// 解析JSON /// 
 ///  ///  protected NameValueCollection ParseJson(string strJson) { NameValueCollection mc = new NameValueCollection(); Regex regex = new Regex(@"(\s*\""?([^""]*)\""?\s*\:\s*\""?([^""]*)\""?\,?)"); strJson = strJson.Trim(); if (strJson.StartsWith("{")) { strJson = strJson.Substring(1, strJson.Length - 2); } foreach (Match m in regex.Matches(strJson)) { mc.Add(m.Groups[2].Value, m.Groups[3].Value); } return mc; } ///  /// 解析URL /// 
 ///  ///  protected NameValueCollection ParseUrlParameters(string strParams) { NameValueCollection nc = new NameValueCollection(); foreach (string p in strParams.Split('&')) { string[] ps = p.Split('='); nc.Add(ps[0], ps[1]); } return nc; } #endregion }

2.QQ的OAuth类

 public class QQOAuth : BaseOAuth { public string AppId = ConfigurationManager.AppSettings["OAuth_QQ_AppId"]; public string AppKey = ConfigurationManager.AppSettings["OAuth_QQ_AppKey"]; public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_QQ_RedirectUrl"]; public const string GET_AUTH_CODE_URL = "https://graph.qq.com/oauth2.0/authorize"; public const string GET_ACCESS_TOKEN_URL = "https://graph.qq.com/oauth2.0/token"; public const string GET_OPENID_URL = "https://graph.qq.com/oauth2.0/me"; ///  /// QQ登录，跳转到登录页面 /// 
 public override void Login() { //-------生成唯一随机串防CSRF攻击 string state = GetStateCode(); Session["QC_State"] = state; //state 放入Session string parms = "?response_type=code&" + "client_id=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&state=" + state; string url = GET_AUTH_CODE_URL + parms; Response.Redirect(url); //跳转到登录页面 } ///  /// QQ回调函数 /// 
 ///  ///  ///  public override string Callback() { string code = Request.QueryString["code"]; string state = Request.QueryString["state"]; //--------验证state防止CSRF攻击 if (state != (string)Session["QC_State"]) { ShowError("30001"); } string parms = "?grant_type=authorization_code&" + "client_id=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&client_secret=" + AppKey + "&code=" + code; string url = GET_ACCESS_TOKEN_URL + parms; string str = GetRequest(url); if (str.IndexOf("callback") != -1) { int lpos = str.IndexOf("("); int rpos = str.IndexOf(")"); str = str.Substring(lpos + 1, rpos - lpos - 1); NameValueCollection msg = ParseJson(str); if (!string.IsNullOrEmpty(msg["error"])) { ShowError(msg["error"], msg["error_description"]); } } NameValueCollection token = ParseUrlParameters(str); Session["QC_AccessToken"] = token["access_token"]; //access_token 放入Session return token["access_token"]; } ///  /// 使用Access Token来获取用户的OpenID /// 
 ///  ///  public string GetOpenID() { string parms = "?access_token=" + Session["QC_AccessToken"]; string url = GET_OPENID_URL + parms; string str = GetRequest(url); if (str.IndexOf("callback") != -1) { int lpos = str.IndexOf("("); int rpos = str.IndexOf(")"); str = str.Substring(lpos + 1, rpos - lpos - 1); } NameValueCollection user = ParseJson(str); if (!string.IsNullOrEmpty(user["error"])) { ShowError(user["error"], user["error_description"]); } Session["QC_OpenId"] = user["openid"]; //openid 放入Session return user["openid"]; } ///  /// 显示错误信息 /// 
 /// 错误编号 /// 错误描述 private void ShowError(string code, string description = null) { if (description == null) { switch (code) { case "20001": description = "配置文件损坏或无法读取，请检查web.config
"; break; case "30001": description = "The state does not match. You may be a victim of CSRF.
"; break; case "50001": description = "可能是服务器无法请求https协议
可能未开启curl支持,请尝试开启curl支持，重启web服务器，如果问题仍未解决，请联系我们"; break; default: description = "系统未知错误，请联系我们
"; break; } Response.Write(description); Response.End(); } else { Response.Write("error:
" + code + "
msg:
" + description); Response.End(); } } }

3.新浪微博的OAuth类

 public class SinaOAuth : BaseOAuth { public string AppKey = ConfigurationManager.AppSettings["OAuth_Sina_AppKey"]; public string AppSecret = ConfigurationManager.AppSettings["OAuth_Sina_AppSecret"]; public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Sina_RedirectUrl"]; public const string GET_AUTH_CODE_URL = "https://api.weibo.com/oauth2/authorize"; public const string GET_ACCESS_TOKEN_URL = "https://api.weibo.com/oauth2/access_token"; public const string GET_UID_URL = "https://api.weibo.com/2/account/get_uid.json"; ///  /// 新浪微博登录，跳转到登录页面 /// 
 public override void Login() { //-------生成唯一随机串防CSRF攻击 string state = GetStateCode(); Session["Sina_State"] = state; //state 放入Session string parms = "?client_id=" + AppKey + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&state=" + state; string url = GET_AUTH_CODE_URL + parms; Response.Redirect(url); //跳转到登录页面 } ///  /// 新浪微博回调函数 /// 
 ///  public override string Callback() { string code = Request.QueryString["code"]; string state = Request.QueryString["state"]; //--------验证state防止CSRF攻击 if (state != (string)Session["Sina_State"]) { ShowError("The state does not match. You may be a victim of CSRF."); } string parms = "client_id=" + AppKey + "&client_secret=" + AppSecret + "&grant_type=authorization_code&code=" + code + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl); string str = PostRequest(GET_ACCESS_TOKEN_URL, parms); NameValueCollection user = ParseJson(str); Session["Sina_AccessToken"] = user["access_token"]; //access_token 放入Session Session["Sina_UId"] = user["uid"]; //uid 放入Session return user["access_token"]; } ///  /// 显示错误信息 /// 
 /// 错误描述 private void ShowError(string description = null) { Response.Write("" + description + "
"); Response.End(); } }

4.微信的OAuth类

 public class WeixinOAuth : BaseOAuth { public string AppId = ConfigurationManager.AppSettings["OAuth_Weixin_AppId"]; public string AppSecret = ConfigurationManager.AppSettings["OAuth_Weixin_AppSecret"]; public string RedirectUrl = ConfigurationManager.AppSettings["OAuth_Weixin_RedirectUrl"]; public const string GET_AUTH_CODE_URL = "https://open.weixin.qq.com/connect/qrconnect"; public const string GET_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/sns/oauth2/access_token"; public const string GET_USERINFO_URL = "https://api.weixin.qq.com/sns/userinfo"; ///  /// 微信登录，跳转到登录页面 ///  public override void Login() { //-------生成唯一随机串防CSRF攻击 string state = GetStateCode(); Session["Weixin_State"] = state; //state 放入Session string parms = "?appid=" + AppId + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl) + "&response_type=code&scope=snsapi_login" + "&state=" + state + "#wechat_redirect"; string ur
                提示：
                    本文由神整理自网络，如有侵权请联系本站删除！
                    

                    本站声明： 

                    1、本站所有资源均来源于互联网，不保证100%完整、不提供任何技术支持； 

                    2、本站所发布的文章以及附件仅限用于学习和研究目的;不得将用于商业或者非法用途；否则由此产生的法律后果，本站概不负责！
                
                
                
                                            上一篇：ASP.NET 5已终结，迎来ASP.NET Core 1.0和.NET Core 1.0_基础应用_
                                                                下一篇：详解ASP.NET MVC Form表单验证_实用技巧_

您现在的位置是：网站首页> 编程资料编程资料

ASP.NET实现QQ、微信、新浪微博OAuth2.0授权登录[原创]_实用技巧_

配置文件损坏或无法读取，请检查web.config

The state does not match. You may be a victim of CSRF.

可能是服务器无法请求https协议

系统未知错误，请联系我们

error:

" + code + "

msg:

" + description); Response.End(); } } }

" + description + "

相关内容

点击排行

本栏推荐

猜你喜欢