?前言

大家好，我是yma16，本文分享OAuth規(guī)則機(jī)制下實(shí)現(xiàn)個(gè)人站點(diǎn)接入qq三方登錄。
oauth授權(quán)

OAuth是一種授權(quán)機(jī)制，用于允許用戶（資源所有者）向第三方應(yīng)用程序授予有限的訪問權(quán)限，而不必將憑證直接提供給第三方應(yīng)用程序。OAuth的目的是為了保護(hù)用戶的私密數(shù)據(jù)，如社交媒體帳戶、云存儲(chǔ)、銀行帳戶等。它通過一個(gè)流程，將用戶授權(quán)給第三方應(yīng)用程序訪問用戶的資源，而不需要第三方應(yīng)用程序獲得用戶的憑證信息。這樣做可以減少用戶數(shù)據(jù)泄露的風(fēng)險(xiǎn)。OAuth是一個(gè)開放的標(biāo)準(zhǔn)，由OAuth工作組維護(hù)，并得到許多組織的支持和使用。

oauth的發(fā)展

OAuth協(xié)議的發(fā)展歷史可以追溯到2004年，當(dāng)時(shí)美國國防部提出了一個(gè)名為“OpenID Connect”的開放式身份認(rèn)證和授權(quán)標(biāo)準(zhǔn)，旨在解決Web 2.0中的身份認(rèn)證和授權(quán)問題。OAuth1.0于2005年被RFC 5849正式標(biāo)準(zhǔn)化，OAuth2.0于2011年被RFC 6749正式標(biāo)準(zhǔn)化 。

OAuth1.0的主要特點(diǎn)是將用戶的認(rèn)證信息(如用戶名和密碼)與第三方應(yīng)用的請(qǐng)求分離開來，從而提高了安全性。
OAuth2.0則在OAuth1.0基礎(chǔ)上進(jìn)一步改進(jìn)，增加了更多的功能和靈活性，如授權(quán)碼模式、隱式模式、密碼模式等 。

效果
在個(gè)人站點(diǎn)實(shí)現(xiàn)三方qq登錄
鏈接直達(dá)：https://yongma16.xyz
喚起三方登錄url

獲取qq用戶賬號(hào)頭像和openid登入

?qq三方登錄流程

前提條件: 存在可訪問的網(wǎng)站，在qq互聯(lián)中心創(chuàng)建應(yīng)用審核
友情提示：網(wǎng)站不可使用外部cdn，可導(dǎo)致審核人員查看白屏而失敗

💖qq互聯(lián)中心創(chuàng)建網(wǎng)頁應(yīng)用

填寫域名資料，提交審核

💖配置回調(diào)地址redirect_uri

回調(diào)地址是用戶使用qq登錄之后調(diào)整的地址會(huì)攜帶code和state的參數(shù)

💖流程分析

1. 喚起qq授權(quán)登錄url
2. 登錄qq成功獲取code
3. 通過code去換取access_token
4. 通過access_token去換取openid
5. 通過access_token和openid去換取userinfo

?思路分解

1.登錄頁面新開窗口的auth授權(quán)qq頁面
2.自定義node服務(wù)去渲染回調(diào)redirect_uri，成功登錄時(shí)回傳url上的參數(shù)給父頁面，然后用定時(shí)器關(guān)閉頁面
3. 拿到code后去換取token
4. 拿到token去換取openid
5. 拿到openid去換取userinfo
6. 使用openid去注冊(cè)網(wǎng)站用戶，顯示nickname網(wǎng)名

?技術(shù)選型+實(shí)現(xiàn)

💖技術(shù)選型：

后端：
node
前端：
vue2
后端node封裝接口

💖實(shí)現(xiàn)

node封裝接口：
api.js

const request = require('request');const loginUrl='https://graph.qq.com/oauth2.0/authorize'
const codeToTokenUrl='https://graph.qq.com/oauth2.0/token'
const openIdUrl='https://graph.qq.com/oauth2.0/me'
const userInfoUrl='https://graph.qq.com/user/get_user_info'
const appid=自己的appid
const appKey=自己的appkey
const redirect_uri=自己的回調(diào)地址const getAuthUrl=(state)=>{return new Promise(resolve=>{const params={response_type:'code',client_id:appid,redirect_uri:encodeURI(redirect_uri),state:state?state:'myblog',};const path=Object.keys(params).forEach(key=>{return `${key}=${params[key]}`}).join('&')const url=loginUrl+'?'+pathresolve(url)})
};const getToken=(code)=>{return new Promise(async ( resolve ,reject)=> {request({method: 'GET', uri: codeToTokenUrl,qs: {grant_type: 'authorization_code',client_id: appid,client_secret: appKey,code: code,redirect_uri: encodeURI(redirect_uri),fmt: 'json'}}, function (error, response) {if (!error && response.statusCode === 200) {resolve(response)} else {console.log("error",error);reject(reject)}})})
};const getOpenId=(access_token)=>{return new Promise(async ( resolve ,reject)=> {request({method: 'GET', uri: openIdUrl,qs: {access_token:access_token,fmt: 'json'}}, function (error, response) {if (!error && response.statusCode === 200) {resolve(response)} else {reject(error)}})})
};const getUserInfo=(access_token,openId)=>{return new Promise(async ( resolve ,reject)=> {request({method: 'GET', uri: userInfoUrl,qs: {access_token:access_token,oauth_consumer_key:appid,openid:openId,fmt: 'json'}}, function (error, response) {if (!error && response.statusCode === 200) {resolve(response)} else {reject(error)}})})
}module.exports={getAuthUrl,getToken,getOpenId,getUserInfo
};

node開放接口：

const hostname = 'localhost';
const port = 6677;const express = require("express");const {getAuthUrl,getToken,getOpenId,getUserInfo}=require('./service/api.js');
const app = express();app.listen(port,hostname, () => {console.log(`Server running at http://${hostname}:${port}/`);
});
// server your css as static
app.use(express.static(__dirname));
// views
const thirdLoginDir='/views/thirdLogin/';
app.get("/getAuthUrl",async (req, res) => {try{const {query}=reqconst {state}=queryconst url=await getAuthUrl(state)res.json({code:authRes.statusCode,data:url,})}catch (e) {res.json({code:0,msg:e})}
});app.get("/getToken",async (req, res) => {try{const {query}=reqconst {code}=queryconsole.log('code',code)const tokenRsponse=await getToken(code)res.json({code:tokenRsponse.statusCode,data:JSON.parse(tokenRsponse.body),})}catch (e) {res.json({code:0,msg:e})}
});app.get("/getOpenId",async (req, res) => {try{const {query}=reqconst {access_token}=queryconsole.log('access_token',access_token)const openidRes=await getOpenId(access_token)res.json({code:openidRes.statusCode,data:JSON.parse(openidRes.body)})}catch (e) {res.json({code:0,msg:e})}
});app.get("/quickGetOpenId",async (req, res) => {try{const {query}=reqconst {code}=queryconsole.log('code',code)const tokenRsponse=await getToken(code)const tokenBody=JSON.parse(tokenRsponse.body)const {access_token}=tokenBodyconst openIdRsponse=await getOpenId(access_token)res.json({code:tokenRsponse.statusCode,data:JSON.parse(openIdRsponse.body)})}catch (e) {res.json({code:0,msg:e})}
});app.get("/getUserInfo",async (req, res) => {try{const {query}=reqconst {access_token,openId}=queryconsole.log('access_token openId',access_token,openId)const userInfoRes=await getUserInfo(access_token,openId)res.json({code:userInfoRes.statusCode,data:JSON.parse(userInfoRes.body)})}catch (e) {res.json({code:0,msg:e})}
});app.get("/qq_login_callback", (req, res) => {res.sendFile(__dirname + thirdLoginDir+"qqLoginCallback.html");
});
app.get("/azure_login_callback", (req, res) => {res.sendFile(__dirname + thirdLoginDir+"azureLoginCallback.html");
});

回調(diào)html

<!DOCTYPE html>
<html lang="en">
<head><meta charset="UTF-8"><title>qqLoginCallback</title>
</head>
<body>
qq login success!
<script type="application/javascript">function init() {console.log('qq success login')console.log('window.location.href',window.location.href)const href=window.location.hrefconst data={}const urlArray=href.split('?')const urlLength=urlArray.lengthif(urlLength>1){urlArray[urlLength-1].split('&').forEach(item=>{const itemArray=item.split('=')const key=itemArray[0]const value=itemArray[1]data[key]=value})}if(window.opener){//發(fā)送datawindow.opener.postMessage(data,'*')//關(guān)閉setTimeout(()=>{window.close()},1000)}}window.onload=init
</script>
</body>
</html>

vue前端qq登錄的調(diào)用：

		async qqLogin () {try {const that = this// qqconst res = await that.$axios.post('/third-login/getAuthUrl')console.log('res', res)if (res.data && res.data.data) {const resData = res.data.dataconsole.log('resData', resData)if (resData ) {let url = resData console.log('url', url)const openHandle = window.open(url, 'width:800px;height:700px', '_black')console.log('openHandle', openHandle)window.onmessage = async (res) => {const {origin, data} = resif (origin.includes('yongma16.xyz')) {const {code, state} = dataconsole.log('code state', code, state)that.thirdLoginConfig.qCode = codethat.thirdLoginConfig.qState = stateconst tokenRes = await that.getAccessToken(code)console.log('tokenRes', tokenRes)}}}}return new Promise(resolve => {resolve(true)})} catch (e) {return new Promise((resolve, reject) => {reject(e)})}},async getAccessToken (code) {try {const tokenUrl = '/third-login/getToken'const params = {code}const tokenRes = await this.$axios.get(tokenUrl, {params})console.log('tokenRes', tokenRes)if (tokenRes) {const {access_token, expires_in, refresh_token} = tokenRes.data.dataif (access_token) {this.thirdLoginConfig.qToken = access_tokenawait this.getOpenId(access_token)}}} catch (e) {console.log('token error', e)}},async getOpenId (token) {try {const tokenUrl = '/third-login/getOpenId'const params = {access_token: token}const openIdRes = await this.$axios.get(tokenUrl, {params})console.log('openIdRes', openIdRes)if (openIdRes) {const {openid} = openIdRes.data.dataif (openid) {this.thirdLoginConfig.qOpenid = openidawait this.getQUserinfo(this.thirdLoginConfig.qToken, openid)}}} catch (e) {console.log('token error', e)}},async getQUserinfo (token, openId) {try {const userInfoUrl = '/third-login/getUserInfo'const params = {access_token: token,openId: openId}const userRes = await this.$axios.get(userInfoUrl, {params})if (userRes) {this.thirdLoginConfig.qUserInfo = userRes.data.datathis.registerThirdLogin()}console.log('userRes', userRes)} catch (e) {console.log('token error', e)}}

效果：

?結(jié)束

本文分享到這結(jié)束，如有錯(cuò)誤或者不足之處歡迎指出！

👍 點(diǎn)贊，是我創(chuàng)作的動(dòng)力！
?? 收藏，是我努力的方向！
?? 評(píng)論，是我進(jìn)步的財(cái)富！
💖 感謝你的閱讀！