| public parseSignedRequest ( string $signed_request ) : array | ||
| $signed_request | string | 应用框架在加载iframe时会通过向Canvas URL post的参数signed_request |
| return | array | |
function parseSignedRequest($signed_request)
{
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$sig = self::base64decode($encoded_sig);
$data = json_decode(self::base64decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
return '-1';
}
$expected_sig = hash_hmac('sha256', $payload, $this->client_secret, true);
return $sig !== $expected_sig ? '-2' : $data;
} /**
* 授权页
*/
public function actionCallback()
{
// weibo POST
//从POST过来的signed_request中提取oauth2信息
if (!empty($_REQUEST["signed_request"])) {
$o = new SaeTOAuthV2(Yii::app()->params['WB_AKEY'], Yii::app()->params['WB_SKEY']);
$data = $o->parseSignedRequest($_REQUEST["signed_request"]);
if ($data == '-2') {
die('签名错误!');
} else {
$_SESSION['oauth2'] = $data;
}
}
//print_r($_SESSION['oauth2']);
if (empty($_SESSION['oauth2']["user_id"])) {
//若没有获取到access token,则发起授权请求
$this->render('auth');
} else {
//若已获取到access token,则加载应用信息
//print_r($_SESSION['oauth2']);
$c = new SaeTClientV2(Yii::app()->params['WB_AKEY'], Yii::app()->params['WB_SKEY'], $_SESSION['oauth2']['oauth_token'], '');
Yii::app()->session['api'] = $c;
$this->redirect('/');
//setcookie( 'weibojs_'.$o->client_id, http_build_query($_SESSION['oauth2']) );
}
}
