{"id":29802,"date":"2024-11-25T13:02:34","date_gmt":"2024-11-25T05:02:34","guid":{"rendered":"https:\/\/fwq.ai\/blog\/29802\/"},"modified":"2024-11-25T13:02:34","modified_gmt":"2024-11-25T05:02:34","slug":"asp-net%e5%ae%9e%e7%8e%b0qq%e3%80%81%e5%be%ae%e4%bf%a1%e3%80%81%e6%96%b0%e6%b5%aa%e5%be%ae%e5%8d%9aoauth2-0%e6%8e%88%e6%9d%83%e7%99%bb%e5%bd%95%e7%9a%84%e5%ae%9e%e4%be%8b%e8%af%a6%e8%a7%a3","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/29802\/","title":{"rendered":"ASP.NET\u5b9e\u73b0QQ\u3001\u5fae\u4fe1\u3001\u65b0\u6d6a\u5fae\u535aOAuth2.0\u6388\u6743\u767b\u5f55\u7684\u5b9e\u4f8b\u8be6\u89e3"},"content":{"rendered":"

\u672c\u6587\u4e3b\u8981\u4ecb\u7ecd\u4e86qq\u3001\u5fae\u4fe1\u3001\u65b0\u6d6a\u5fae\u535aoauth2.0\u6388\u6743\u767b\u5f55\u7684\u793a\u4f8b\uff0c\u4e3b\u8981\u5c31\u662fget\u3001post\u8fdc\u7a0b\u63a5\u53e3\uff0c\u8fd4\u56de\u76f8\u5e94\u7684\u6570\u636e\uff0c\u8fd9\u91cc\u5217\u51fa\u76f8\u5173\u7684\u4ee3\u7801\uff0c\u4f9b\u5927\u5bb6\u53c2\u8003\u3002<\/p>\n

\u4e0d\u7ba1\u662f\u817e\u8baf\u8fd8\u662f\u65b0\u6d6a\uff0c\u67e5\u770b\u4ed6\u4eec\u7684API\uff0cPHP\u90fd\u662f\u6709\u5b8c\u6574\u7684\u63a5\u53e3\uff0c\u4f46\u5bf9C#\u652f\u6301\u4f3c\u4e4e\u90fd\u4e0d\u662f\u90a3\u4e48\u5b8c\u5584\uff0c\u90fd\u6ca1\u6709\uff0c\u817e\u8baf\u662f\u5b8c\u5168\u6ca1\u6709\uff0c\u65b0\u6d6a\u662f\u63d0\u4f9b\u7b2c\u4e09\u65b9\u7684\uff0c\u800c\u4e14\u540e\u671f\u8fd8\u4e0d\u4e00\u5b9a\u5347\u7ea7\uff0cNND\uff0c\u7528\u7b2c\u4e09\u65b9\u7684\u52a8\u8f84\u5c31\u4e00\u4e2a\u7c7b\u5e93\uff0c\u5404\u79cd\u914d\u7f6e\u8fd8\u5fc5\u987b\u6309\u7167\u4ed6\u4eec\u7ea6\u5b9a\u7684\u5199\uff0c\u70e6\u800c\u4e14\u4e71\uff0c\u7d22\u6027\u81ea\u5df1\u5199\uff0c\u540e\u671f\u7684\u6269\u5c55\u4e5f\u5bb9\u6613\uff0c\u770b\u8fc7\u63a5\u53e3\u540e\uff0c\u5f00\u59cb\u4ee5\u4e3a\u5f88\u96be\uff0c\u53c2\u8003\u4e86\u51e0\u4e2a\u6e90\u7801\u4e4b\u540e\u53d1\u73b0\u4e5f\u4e0d\u662f\u90a3\u4e48\u96be\uff0c\u65e0\u975e\u662fGET\u6216POST\u8bf7\u6c42\u4ed6\u4eec\u7684\u63a5\u53e3\u83b7\u53d6\u8fd4\u56de\u503c\u4e4b\u7c7b\u7684\uff0c\u8bdd\u4e0d\u591a\u8bf4\uff0c\u8fd9\u91cc\u53ea\u63d0\u4f9b\u51e0\u4e2a\u4ee3\u7801\u5171\u53c2\u8003\uff0c\u629b\u7816\u5f15\u7389\u4e86\u3002\u3002\u3002<\/p>\n

\u6211\u8fd9\u4e2a\u5199\u6cd5\u7684\u7279\u70b9\u662f\uff0c\u7528\u5230\u4e86Session\uff0c\u4f7f\u7528\u5bf9\u8c61\u5b9e\u4f8b\u5316\u4e4b\u540e\u8c03\u7528 Login() \u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\uff0c\u5728\u56de\u8c03\u9875\u9762\u8c03\u7528Callback() \u6267\u884c\u4e4b\u540e\uff0c\u53ef\u4ee5\u4eceSession\u4e5f\u53ef\u4ee5\u5199\u72ec\u7acb\u7684\u51fd\u6570\uff08\u5982\uff1aGetOpenID()\uff09\u4e2d\u83b7\u53d6access_token\u6216\u7528\u6237\u7684\u552f\u4e00\u6807\u8bc6\uff0c\u4ee5\u65b9\u4fbf\u505a\u4e0b\u4e00\u6b65\u7684\u64cd\u4f5c\u3002\u6240\u8c13\u7ed1\u5b9a\u5c31\u662f\u628a\u7528\u6237\u7684\u552f\u4e00\u6807\u8bc6\u53d6\u51fa\uff0c\u63d2\u5165\u6570\u636e\u5e93\uff0c\u548c\u5e10\u53f7\u7ed1\u5b9a\u8d77\u6765\u3002<\/p>\n

1.\u9996\u5148\u662f\u6240\u6709OAuth\u7c7b\u7684\u57fa\u7c7b\uff0c\u653e\u4e00\u4e9b\u9700\u8981\u516c\u7528\u7684\u65b9\u6cd5<\/strong><\/p>\n

public abstract class BaseOAuth\r\n{\r\n  public HttpRequest Request = HttpContext.Current.Request;\r\n  public HttpResponse Response = HttpContext.Current.Response;\r\n  public HttpSessionState Session = HttpContext.Current.Session;\r\n  public abstract void Login();\r\n  public abstract string Callback();\r\n  #region \u5185\u90e8\u4f7f\u7528\u51fd\u6570\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u751f\u6210\u552f\u4e00\u968f\u673a\u4e32\u9632CSRF\u653b\u51fb\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <returns><\/returns>\r\n  protected string GetStateCode()\r\n  {\r\n    Random rand = new Random();\r\n    string data = DateTime.Now.ToString(\"yyyyMMddHHmmssffff\") + rand.Next(1, 0xf423f).ToString();\r\n\r\n    MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();\r\n\r\n    byte[] md5byte = md5.ComputeHash(UTF8Encoding.Default.GetBytes(data));\r\n\r\n    return BitConverter.ToString(md5byte).Replace(\"-\", \"\");\r\n\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ GET\u8bf7\u6c42\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  protected string GetRequest(string url)\r\n  {\r\n    HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;\r\n    httpWebRequest.Method = \"GET\";\r\n    httpWebRequest.ServicePoint.Expect100Continue = false;\r\n\r\n    StreamReader responseReader = null;\r\n    string responseData;\r\n    try\r\n    {\r\n      responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());\r\n      responseData = responseReader.ReadToEnd();\r\n    }\r\n    finally\r\n    {\r\n      httpWebRequest.GetResponse().GetResponseStream().Close();\r\n      responseReader.Close();\r\n    }\r\n\r\n    return responseData;\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ POST\u8bf7\u6c42\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  protected string PostRequest(string url, string postData)\r\n  {\r\n    HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;\r\n    httpWebRequest.Method = \"POST\";\r\n    httpWebRequest.ServicePoint.Expect100Continue = false;\r\n    httpWebRequest.ContentType = \"application\/x-www-form-urlencoded\";\r\n\r\n    \/\/\u5199\u5165POST\u53c2\u6570\r\n    StreamWriter requestWriter = new StreamWriter(httpWebRequest.GetRequestStream());\r\n    try\r\n    {\r\n      requestWriter.Write(postData);\r\n    }\r\n    finally\r\n    {\r\n      requestWriter.Close();\r\n    }\r\n\r\n    \/\/\u8bfb\u53d6\u8bf7\u6c42\u540e\u7684\u7ed3\u679c\r\n    StreamReader responseReader = null;\r\n    string responseData;\r\n    try\r\n    {\r\n      responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());\r\n      responseData = responseReader.ReadToEnd();\r\n    }\r\n    finally\r\n    {\r\n      httpWebRequest.GetResponse().GetResponseStream().Close();\r\n      responseReader.Close();\r\n    }\r\n\r\n    return responseData;\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u89e3\u6790JSON\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  protected NameValueCollection ParseJson(string strJson)\r\n  {\r\n    NameValueCollection mc = new NameValueCollection();\r\n    Regex regex = new Regex(@\"(s*\"\"?([^\"\"]*)\"\"?s*:s*\"\"?([^\"\"]*)\"\"?,?)\");\r\n    strJson = strJson.Trim();\r\n    if (strJson.StartsWith(\"{\"))\r\n    {\r\n      strJson = strJson.Substring(1, strJson.Length - 2);\r\n    }\r\n\r\n    foreach (Match m in regex.Matches(strJson))\r\n    {\r\n      mc.Add(m.Groups[2].Value, m.Groups[3].Value);\r\n    }\r\n    return mc;\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u89e3\u6790URL\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  protected NameValueCollection ParseUrlParameters(string strParams)\r\n  {\r\n    NameValueCollection nc = new NameValueCollection();\r\n    foreach (string p in strParams.Split('&amp;'))\r\n    {\r\n      string[] ps = p.Split('=');\r\n      nc.Add(ps[0], ps[1]);\r\n    }\r\n    return nc;\r\n  }\r\n\r\n  #endregion\r\n\r\n}<\/pre>\n
  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n
2.QQ\u7684OAuth\u7c7b<\/strong><\/p>\n
public class QQOAuth : BaseOAuth\r\n{\r\n  public string AppId = ConfigurationManager.AppSettings[\"OAuth_QQ_AppId\"];\r\n  public string AppKey = ConfigurationManager.AppSettings[\"OAuth_QQ_AppKey\"];\r\n  public string RedirectUrl = ConfigurationManager.AppSettings[\"OAuth_QQ_RedirectUrl\"];\r\n\r\n  public const string GET_AUTH_CODE_URL = \"https:\/\/graph.qq.com\/oauth2.0\/authorize\";\r\n  public const string GET_ACCESS_TOKEN_URL = \"https:\/\/graph.qq.com\/oauth2.0\/token\";\r\n  public const string GET_OPENID_URL = \"https:\/\/graph.qq.com\/oauth2.0\/me\";\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ QQ\u767b\u5f55\uff0c\u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\r\n  \/\/\/ <\/summary>\r\n  public override void Login()\r\n  {\r\n    \/\/-------\u751f\u6210\u552f\u4e00\u968f\u673a\u4e32\u9632CSRF\u653b\u51fb\r\n    string state = GetStateCode();\r\n    Session[\"QC_State\"] = state; \/\/state \u653e\u5165Session\r\n\r\n    string parms = \"?response_type=code&amp;\"\r\n      + \"client_id=\" + AppId + \"&amp;redirect_uri=\" + Uri.EscapeDataString(RedirectUrl) + \"&amp;state=\" + state;\r\n\r\n    string url = GET_AUTH_CODE_URL + parms;\r\n    Response.Redirect(url); \/\/\u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ QQ\u56de\u8c03\u51fd\u6570\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  public override string Callback()\r\n  {\r\n    string code = Request.QueryString[\"code\"];\r\n    string state = Request.QueryString[\"state\"];\r\n\r\n    \/\/--------\u9a8c\u8bc1state\u9632\u6b62CSRF\u653b\u51fb\r\n    if (state != (string)Session[\"QC_State\"])\r\n    {\r\n      ShowError(\"30001\");\r\n    }\r\n\r\n    string parms = \"?grant_type=authorization_code&amp;\"\r\n      + \"client_id=\" + AppId + \"&amp;redirect_uri=\" + Uri.EscapeDataString(RedirectUrl)\r\n      + \"&amp;client_secret=\" + AppKey + \"&amp;code=\" + code;\r\n\r\n    string url = GET_ACCESS_TOKEN_URL + parms;\r\n    string str = GetRequest(url);\r\n\r\n    if (str.IndexOf(\"callback\") != -1)\r\n    {\r\n      int lpos = str.IndexOf(\"(\");\r\n      int rpos = str.IndexOf(\")\");\r\n      str = str.Substring(lpos + 1, rpos - lpos - 1);\r\n      NameValueCollection msg = ParseJson(str);\r\n      if (!string.IsNullOrEmpty(msg[\"error\"]))\r\n      {\r\n        ShowError(msg[\"error\"], msg[\"error_description\"]);\r\n      }\r\n\r\n    }\r\n\r\n    NameValueCollection token = ParseUrlParameters(str);\r\n    Session[\"QC_AccessToken\"] = token[\"access_token\"]; \/\/access_token \u653e\u5165Session\r\n    return token[\"access_token\"];\r\n  }\r\n\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u4f7f\u7528Access Token\u6765\u83b7\u53d6\u7528\u6237\u7684OpenID\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  public string GetOpenID()\r\n  {\r\n    string parms = \"?access_token=\" + Session[\"QC_AccessToken\"];\r\n\r\n    string url = GET_OPENID_URL + parms;\r\n    string str = GetRequest(url);\r\n\r\n    if (str.IndexOf(\"callback\") != -1)\r\n    {\r\n      int lpos = str.IndexOf(\"(\");\r\n      int rpos = str.IndexOf(\")\");\r\n      str = str.Substring(lpos + 1, rpos - lpos - 1);\r\n    }\r\n\r\n    NameValueCollection user = ParseJson(str);\r\n\r\n    if (!string.IsNullOrEmpty(user[\"error\"]))\r\n    {\r\n      ShowError(user[\"error\"], user[\"error_description\"]);\r\n    }\r\n\r\n    Session[\"QC_OpenId\"] = user[\"openid\"]; \/\/openid \u653e\u5165Session\r\n    return user[\"openid\"];\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u663e\u793a\u9519\u8bef\u4fe1\u606f\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\u9519\u8bef\u7f16\u53f7\r\n  \/\/\/ <param>\u9519\u8bef\u63cf\u8ff0\r\n  private void ShowError(string code, string description = null)\r\n  {\r\n    if (description == null)\r\n    {\r\n      switch (code)\r\n      {\r\n        case \"20001\":\r\n          description = \"<h2>\u914d\u7f6e\u6587\u4ef6\u635f\u574f\u6216\u65e0\u6cd5\u8bfb\u53d6\uff0c\u8bf7\u68c0\u67e5web.config<\/h2>\";\r\n          break;\r\n        case \"30001\":\r\n          description = \"<h2>The state does not match. You may be a victim of CSRF.<\/h2>\";\r\n          break;\r\n        case \"50001\":\r\n          description = \"<h2>\u53ef\u80fd\u662f\u670d\u52a1\u5668\u65e0\u6cd5\u8bf7\u6c42https\u534f\u8bae<\/h2>\u53ef\u80fd\u672a\u5f00\u542fcurl\u652f\u6301,\u8bf7\u5c1d\u8bd5\u5f00\u542fcurl\u652f\u6301\uff0c\u91cd\u542fweb\u670d\u52a1\u5668\uff0c\u5982\u679c\u95ee\u9898\u4ecd\u672a\u89e3\u51b3\uff0c\u8bf7\u8054\u7cfb\u6211\u4eec\";\r\n          break;\r\n        default:\r\n          description = \"<h2>\u7cfb\u7edf\u672a\u77e5\u9519\u8bef\uff0c\u8bf7\u8054\u7cfb\u6211\u4eec<\/h2>\";\r\n          break;\r\n      }\r\n      Response.Write(description);\r\n      Response.End();\r\n    }\r\n    else\r\n    {\r\n      Response.Write(\"<h3>error:<h3>\" + code + \"<h3>msg:<h3>\" + description);\r\n      Response.End();\r\n    }\r\n  }\r\n\r\n}<\/h3>\n<\/h3>\n<\/h3>\n<\/h3><\/pre>\n
  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n
3.\u65b0\u6d6a\u5fae\u535a\u7684OAuth\u7c7b<\/strong><\/p>\n
public class SinaOAuth : BaseOAuth\r\n{\r\n  public string AppKey = ConfigurationManager.AppSettings[\"OAuth_Sina_AppKey\"];\r\n  public string AppSecret = ConfigurationManager.AppSettings[\"OAuth_Sina_AppSecret\"];\r\n  public string RedirectUrl = ConfigurationManager.AppSettings[\"OAuth_Sina_RedirectUrl\"];\r\n\r\n  public const string GET_AUTH_CODE_URL = \"https:\/\/api.weibo.com\/oauth2\/authorize\";\r\n  public const string GET_ACCESS_TOKEN_URL = \"https:\/\/api.weibo.com\/oauth2\/access_token\";\r\n  public const string GET_UID_URL = \"https:\/\/api.weibo.com\/2\/account\/get_uid.json\";\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u65b0\u6d6a\u5fae\u535a\u767b\u5f55\uff0c\u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\r\n  \/\/\/ <\/summary>\r\n  public override void Login()\r\n  {\r\n    \/\/-------\u751f\u6210\u552f\u4e00\u968f\u673a\u4e32\u9632CSRF\u653b\u51fb\r\n    string state = GetStateCode();\r\n    Session[\"Sina_State\"] = state; \/\/state \u653e\u5165Session\r\n\r\n    string parms = \"?client_id=\" + AppKey + \"&amp;redirect_uri=\" + Uri.EscapeDataString(RedirectUrl)\r\n      + \"&amp;state=\" + state;\r\n\r\n    string url = GET_AUTH_CODE_URL + parms;\r\n    Response.Redirect(url); \/\/\u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u65b0\u6d6a\u5fae\u535a\u56de\u8c03\u51fd\u6570\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <returns><\/returns>\r\n  public override string Callback()\r\n  {\r\n    string code = Request.QueryString[\"code\"];\r\n    string state = Request.QueryString[\"state\"];\r\n\r\n    \/\/--------\u9a8c\u8bc1state\u9632\u6b62CSRF\u653b\u51fb\r\n    if (state != (string)Session[\"Sina_State\"])\r\n    {\r\n      ShowError(\"The state does not match. You may be a victim of CSRF.\");\r\n    }\r\n\r\n    string parms = \"client_id=\" + AppKey + \"&amp;client_secret=\" + AppSecret\r\n      + \"&amp;grant_type=authorization_code&amp;code=\" + code + \"&amp;redirect_uri=\" + Uri.EscapeDataString(RedirectUrl);\r\n\r\n    string str = PostRequest(GET_ACCESS_TOKEN_URL, parms);\r\n\r\n    NameValueCollection user = ParseJson(str);\r\n\r\n    Session[\"Sina_AccessToken\"] = user[\"access_token\"]; \/\/access_token \u653e\u5165Session\r\n    Session[\"Sina_UId\"] = user[\"uid\"]; \/\/uid \u653e\u5165Session\r\n    return user[\"access_token\"];\r\n  }\r\n\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u663e\u793a\u9519\u8bef\u4fe1\u606f\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\u9519\u8bef\u63cf\u8ff0\r\n  private void ShowError(string description = null)\r\n  {\r\n    Response.Write(\"<h2>\" + description + \"<\/h2>\");\r\n    Response.End();\r\n  }\r\n}<\/pre>\n
  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n
4.\u5fae\u4fe1\u7684OAuth\u7c7b<\/strong><\/p>\n
public class WeixinOAuth : BaseOAuth\r\n{\r\n  public string AppId = ConfigurationManager.AppSettings[\"OAuth_Weixin_AppId\"];\r\n  public string AppSecret = ConfigurationManager.AppSettings[\"OAuth_Weixin_AppSecret\"];\r\n  public string RedirectUrl = ConfigurationManager.AppSettings[\"OAuth_Weixin_RedirectUrl\"];\r\n\r\n  public const string GET_AUTH_CODE_URL = \"https:\/\/open.weixin.qq.com\/connect\/qrconnect\";\r\n  public const string GET_ACCESS_TOKEN_URL = \"https:\/\/api.weixin.qq.com\/sns\/oauth2\/access_token\";\r\n  public const string GET_USERINFO_URL = \"https:\/\/api.weixin.qq.com\/sns\/userinfo\";\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u5fae\u4fe1\u767b\u5f55\uff0c\u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\r\n  \/\/\/ <\/summary>\r\n  public override void Login()\r\n  {\r\n    \/\/-------\u751f\u6210\u552f\u4e00\u968f\u673a\u4e32\u9632CSRF\u653b\u51fb\r\n    string state = GetStateCode();\r\n    Session[\"Weixin_State\"] = state; \/\/state \u653e\u5165Session\r\n\r\n    string parms = \"?appid=\" + AppId\r\n      + \"&amp;redirect_uri=\" + Uri.EscapeDataString(RedirectUrl) + \"&amp;response_type=code&amp;scope=snsapi_login\"\r\n      + \"&amp;state=\" + state + \"#wechat_redirect\";\r\n\r\n    string url = GET_AUTH_CODE_URL + parms;\r\n    Response.Redirect(url); \/\/\u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\r\n  }\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u5fae\u4fe1\u56de\u8c03\u51fd\u6570\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\r\n  \/\/\/ <param>\r\n  \/\/\/ <returns><\/returns>\r\n  public override string Callback()\r\n  {\r\n    string code = Request.QueryString[\"code\"];\r\n    string state = Request.QueryString[\"state\"];\r\n\r\n    \/\/--------\u9a8c\u8bc1state\u9632\u6b62CSRF\u653b\u51fb\r\n    if (state != (string)Session[\"Weixin_State\"])\r\n    {\r\n      ShowError(\"30001\");\r\n    }\r\n\r\n    string parms = \"?appid=\" + AppId + \"&amp;secret=\" + AppSecret\r\n      + \"&amp;code=\" + code + \"&amp;grant_type=authorization_code\";\r\n\r\n    string url = GET_ACCESS_TOKEN_URL + parms;\r\n    string str = GetRequest(url);\r\n\r\n\r\n    NameValueCollection msg = ParseJson(str);\r\n    if (!string.IsNullOrEmpty(msg[\"errcode\"]))\r\n    {\r\n      ShowError(msg[\"errcode\"], msg[\"errmsg\"]);\r\n    }\r\n\r\n    Session[\"Weixin_AccessToken\"] = msg[\"access_token\"]; \/\/access_token \u653e\u5165Session\r\n    Session[\"Weixin_OpenId\"] = msg[\"openid\"]; \/\/access_token \u653e\u5165Session\r\n    return msg[\"access_token\"];\r\n  }\r\n\r\n\r\n  \/\/\/ <summary>\r\n  \/\/\/ \u663e\u793a\u9519\u8bef\u4fe1\u606f\r\n  \/\/\/ <\/summary>\r\n  \/\/\/ <param>\u9519\u8bef\u7f16\u53f7\r\n  \/\/\/ <param>\u9519\u8bef\u63cf\u8ff0\r\n  private void ShowError(string code, string description = null)\r\n  {\r\n    if (description == null)\r\n    {\r\n      switch (code)\r\n      {\r\n        case \"20001\":\r\n          description = \"<h2>\u914d\u7f6e\u6587\u4ef6\u635f\u574f\u6216\u65e0\u6cd5\u8bfb\u53d6\uff0c\u8bf7\u68c0\u67e5web.config<\/h2>\";\r\n          break;\r\n        case \"30001\":\r\n          description = \"<h2>The state does not match. You may be a victim of CSRF.<\/h2>\";\r\n          break;\r\n        case \"50001\":\r\n          description = \"<h2>\u63a5\u53e3\u672a\u6388\u6743<\/h2>\";\r\n          break;\r\n        default:\r\n          description = \"<h2>\u7cfb\u7edf\u672a\u77e5\u9519\u8bef\uff0c\u8bf7\u8054\u7cfb\u6211\u4eec<\/h2>\";\r\n          break;\r\n      }\r\n      Response.Write(description);\r\n      Response.End();\r\n    }\r\n    else\r\n    {\r\n      Response.Write(\"<h3>error:<h3>\" + code + \"<h3>msg:<h3>\" + description);\r\n      Response.End();\r\n    }\r\n  }\r\n\r\n}<\/h3>\n<\/h3>\n<\/h3>\n<\/h3><\/pre>\n
  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n
5.web.config\u914d\u7f6e\u4fe1\u606f<\/strong><\/p>\n
<appsettings>\r\n    <!--QQ\u767b\u5f55\u76f8\u5173\u914d\u7f6e-->\r\n    <add><\/add>\r\n    <add><\/add>\r\n    <add><\/add>\r\n\r\n    <!--\u65b0\u6d6a\u5fae\u535a\u767b\u5f55\u76f8\u5173\u914d\u7f6e-->\r\n    <add><\/add>\r\n    <add><\/add>\r\n    <add><\/add>\r\n\r\n    <!--\u5fae\u4fe1\u767b\u5f55\u76f8\u5173\u914d\u7f6e-->\r\n    <add><\/add>\r\n    <add><\/add>\r\n    <add><\/add><\/appsettings><\/pre>\n
  \u767b\u5f55\u540e\u590d\u5236   <\/p>\n
\u4ee5\u4e0a\u5c31\u662fASP.NET\u5b9e\u73b0QQ\u3001\u5fae\u4fe1\u3001\u65b0\u6d6a\u5fae\u535aOAuth2.0\u6388\u6743\u767b\u5f55\u7684\u5b9e\u4f8b\u8be6\u89e3\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"
\u672c\u6587\u4e3b\u8981\u4ecb\u7ecd\u4e86qq\u3001\u5fae\u4fe1\u3001\u65b0\u6d6a\u5fae\u535aoauth2.0\u6388\u6743\u767b\u5f55\u7684\u793a\u4f8b\uff0c\u4e3b\u8981\u5c31\u662fget\u3001post\u8fdc\u7a0b\u63a5\u53e3\uff0c\u8fd4\u56de\u76f8\u5e94\u7684\u6570\u636e\uff0c\u8fd9\u91cc\u5217\u51fa\u76f8\u5173\u7684\u4ee3\u7801\uff0c\u4f9b\u5927\u5bb6\u53c2\u8003\u3002 \u4e0d\u7ba1\u662f\u817e\u8baf\u8fd8\u662f\u65b0\u6d6a\uff0c\u67e5\u770b\u4ed6\u4eec\u7684API\uff0cPHP\u90fd\u662f\u6709\u5b8c\u6574\u7684\u63a5\u53e3\uff0c\u4f46\u5bf9C#\u652f\u6301\u4f3c\u4e4e\u90fd\u4e0d\u662f\u90a3\u4e48\u5b8c\u5584\uff0c\u90fd\u6ca1\u6709\uff0c\u817e\u8baf\u662f\u5b8c\u5168\u6ca1\u6709\uff0c\u65b0\u6d6a\u662f\u63d0\u4f9b\u7b2c\u4e09\u65b9\u7684\uff0c\u800c\u4e14\u540e\u671f\u8fd8\u4e0d\u4e00\u5b9a\u5347\u7ea7\uff0cNND\uff0c\u7528\u7b2c\u4e09\u65b9\u7684\u52a8\u8f84\u5c31\u4e00\u4e2a\u7c7b\u5e93\uff0c\u5404\u79cd\u914d\u7f6e\u8fd8\u5fc5\u987b\u6309\u7167\u4ed6\u4eec\u7ea6\u5b9a\u7684\u5199\uff0c\u70e6\u800c\u4e14\u4e71\uff0c\u7d22\u6027\u81ea\u5df1\u5199\uff0c\u540e\u671f\u7684\u6269\u5c55\u4e5f\u5bb9\u6613\uff0c\u770b\u8fc7\u63a5\u53e3\u540e\uff0c\u5f00\u59cb\u4ee5\u4e3a\u5f88\u96be\uff0c\u53c2\u8003\u4e86\u51e0\u4e2a\u6e90\u7801\u4e4b\u540e\u53d1\u73b0\u4e5f\u4e0d\u662f\u90a3\u4e48\u96be\uff0c\u65e0\u975e\u662fGET\u6216POST\u8bf7\u6c42\u4ed6\u4eec\u7684\u63a5\u53e3\u83b7\u53d6\u8fd4\u56de\u503c\u4e4b\u7c7b\u7684\uff0c\u8bdd\u4e0d\u591a\u8bf4\uff0c\u8fd9\u91cc\u53ea\u63d0\u4f9b\u51e0\u4e2a\u4ee3\u7801\u5171\u53c2\u8003\uff0c\u629b\u7816\u5f15\u7389\u4e86\u3002\u3002\u3002 \u6211\u8fd9\u4e2a\u5199\u6cd5\u7684\u7279\u70b9\u662f\uff0c\u7528\u5230\u4e86Session\uff0c\u4f7f\u7528\u5bf9\u8c61\u5b9e\u4f8b\u5316\u4e4b\u540e\u8c03\u7528 Login() \u8df3\u8f6c\u5230\u767b\u5f55\u9875\u9762\uff0c\u5728\u56de\u8c03\u9875\u9762\u8c03\u7528Callback() \u6267\u884c\u4e4b\u540e\uff0c\u53ef\u4ee5\u4eceSession\u4e5f\u53ef\u4ee5\u5199\u72ec\u7acb\u7684\u51fd\u6570\uff08\u5982\uff1aGetOpenID()\uff09\u4e2d\u83b7\u53d6access_token\u6216\u7528\u6237\u7684\u552f\u4e00\u6807\u8bc6\uff0c\u4ee5\u65b9\u4fbf\u505a\u4e0b\u4e00\u6b65\u7684\u64cd\u4f5c\u3002\u6240\u8c13\u7ed1\u5b9a\u5c31\u662f\u628a\u7528\u6237\u7684\u552f\u4e00\u6807\u8bc6\u53d6\u51fa\uff0c\u63d2\u5165\u6570\u636e\u5e93\uff0c\u548c\u5e10\u53f7\u7ed1\u5b9a\u8d77\u6765\u3002 1.\u9996\u5148\u662f\u6240\u6709OAuth\u7c7b\u7684\u57fa\u7c7b\uff0c\u653e\u4e00\u4e9b\u9700\u8981\u516c\u7528\u7684\u65b9\u6cd5 public abstract class BaseOAuth {   public HttpRequest Request = HttpContext.Current.Request;   public HttpResponse Response = HttpContext.Current.Response;   public HttpSessionState Session = HttpContext.Current.Session;   public abstract void Login();   public abstract string Callback();   #region \u5185\u90e8\u4f7f\u7528\u51fd\u6570   \/\/\/ <summary>   \/\/\/ \u751f\u6210\u552f\u4e00\u968f\u673a\u4e32\u9632CSRF\u653b\u51fb   \/\/\/ <\/summary>   \/\/\/ <returns><\/returns>   protected string GetStateCode()   {     Random rand = new Random();     string data = DateTime.Now.ToString(“yyyyMMddHHmmssffff”) + rand.Next(1, 0xf423f).ToString();     MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();     byte[] md5byte = md5.ComputeHash(UTF8Encoding.Default.GetBytes(data));     return BitConverter.ToString(md5byte).Replace(“-“, “”);   }   \/\/\/ <summary>   \/\/\/ GET\u8bf7\u6c42   \/\/\/ <\/summary>   \/\/\/ <param>   \/\/\/ <returns><\/returns>   protected string GetRequest(string url)   {     HttpWebRequest httpWebRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;     httpWebRequest.Method = “GET”;     httpWebRequest.ServicePoint.Expect100Continue = false;     StreamReader responseReader = null;     string responseData;     try     {       responseReader = new StreamReader(httpWebRequest.GetResponse().GetResponseStream());       responseData = responseReader.ReadToEnd();     }     finally     {       httpWebRequest.GetResponse().GetResponseStream().Close();       responseReader.Close();     }     return responseData;   }   \/\/\/ <summary>   \/\/\/ POST\u8bf7\u6c42   \/\/\/ <\/summary>   \/\/\/ <param> […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19],"tags":[],"class_list":["post-29802","post","type-post","status-publish","format-standard","hentry","category-19"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/29802","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=29802"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/29802\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=29802"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=29802"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=29802"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}