internal RestRequest CreateTokenRequest(QQConnectConfig config, string code, string state = "")
{
var request = new RestRequest(Method.GET);
if (!string.IsNullOrEmpty(state))
{
request.Resource = "oauth2.0/token?grant_type=authorization_code&client_id={appkey}&client_secret={appsecret}&code={code}&state={state}&redirect_uri={callbackurl}";
request.AddParameter("state", state, ParameterType.UrlSegment);
}
else
{
request.Resource = "oauth2.0/token?grant_type=authorization_code&client_id={appkey}&client_secret={appsecret}&code={code}&redirect_uri={callbackurl}";
}
request.AddParameter("appkey", config.GetAppKey(), ParameterType.UrlSegment);
request.AddParameter("appsecret", config.GetAppSecret(), ParameterType.UrlSegment);
request.AddParameter("code", code, ParameterType.UrlSegment);
request.AddParameter("callbackurl", config.GetCallBackURI(), ParameterType.UrlSegment);
return(request);
}
/// <summary>
/// 获取Authorization Code的URL地址
/// </summary>
/// <param name="state">client端的状态值。用于第三方应用防止CSRF攻击,成功授权后回调时会原样带回。</param>
/// <param name="scope">请求用户授权时向用户显示的可进行授权的列表。可填写的值是【QQ登录】API文档中列出的接口,
/// 以及一些动作型的授权(目前仅有:do_like),如果要填写多个接口名称,请用逗号隔开。
/// 例如:scope=get_user_info,add_share,list_album,upload_pic,check_page_fans,add_t,add_pic_t,del_t,get_repost_list,get_info,get_other_info
/// get_fanslist,get_idolist,add_idol,del_idol
/// 不传则默认请求对接口get_user_info进行授权。
/// 建议控制授权项的数量,只传入必要的接口名称,因为授权项越多,用户越可能拒绝进行任何授权。</param>
/// <returns></returns>
public string GetAuthorizationUrl(string state, string scope = "")
{
string url = string.Empty;
if (string.IsNullOrEmpty(scope))
{
url = string.Format("{0}?response_type=code&client_id={1}&redirect_uri={2}&state={3}", config.GetAuthorizeURL(), config.GetAppKey(), config.GetCallBackURI().ToString(), state);
}
else
{
url = string.Format("{0}?response_type=code&client_id={1}&redirect_uri={2}&state={3}&scope={4}", config.GetAuthorizeURL(), config.GetAppKey(), config.GetCallBackURI().ToString(), state, scope);
}
return(url);
}
