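/// <summary>
/// Handles both legs of the Renren OAuth authorization-code login.
/// Without a <c>code</c> query parameter it stores a fresh <c>state</c> value in the session and
/// sends the top-level window to Renren's authorize endpoint. With a <c>code</c> it checks the
/// returned <c>state</c> against the session, exchanges the code for a token and logs the member in.
/// </summary>
/// <returns>
/// A script response that navigates to the provider, a redirect to Home/Index when
/// <c>MemberService.OpenUserLogin</c> succeeds, a redirect to Reg/RegAuto when it does not,
/// or a view carrying an unsuccessful <c>OpenLoginViewModel</c>.
/// </returns>
public ActionResult Renren()
{
    // Application id and secret issued by the provider for this site.
    string app_id = ConfigSetting.RenRenAPPKey;
    string app_secret = ConfigSetting.RenRenSecretKey;

    // Callback URL the provider returns to after the user authorizes.
    // NOTE(review): the callback is plain http://, so the authorization code and state cross the
    // network unencrypted; switch to https:// if the site and the provider registration allow it.
    string my_url = string.Format("http://www.{0}/login/renren", ConfigSetting.DomainUrl);

    // Step 1: no authorization code yet, so start the flow.
    string code = Request.QueryString["code"];
    if (string.IsNullOrEmpty(code))
    {
        // The state parameter protects against CSRF; the provider echoes it back unchanged.
        // NOTE(review): Guid.NewGuid() is unique but is not documented as unpredictable; a value
        // from a cryptographic RNG is the safer choice. The "state" session key is also shared
        // with the QQ action, so a state minted for one provider validates for the other.
        Session["state"] = Guid.NewGuid();

        string dialog_url = "https://graph.renren.com/oauth/authorize?response_type=code&client_id=" + app_id
            + "&redirect_uri=" + Server.UrlEncode(my_url)
            + "&state=" + Session["state"];
        return Content("<script>window.top.location.href='" + dialog_url + "'</script>");
    }

    // Step 2: validate state. A missing value on either side counts as a mismatch instead of
    // raising a NullReferenceException (e.g. expired session, or a forged callback without state).
    string returnedState = Request["state"];
    object storedState = Session["state"];
    string expectedState = storedState == null ? null : storedState.ToString();
    bool stateMatches = !string.IsNullOrEmpty(returnedState)
        && !string.IsNullOrEmpty(expectedState)
        && string.Equals(returnedState, expectedState, StringComparison.Ordinal);

    if (!stateMatches)
    {
        // NOTE(review): this message echoes the request value and the expected session value into
        // the view; confirm the view encodes it, and consider dropping the session value.
        return View(new OpenLoginViewModel()
        {
            Success = false,
            Error = "The state does not match. You may be a victim of CSRF",
            Message = "request=" + returnedState + ",session=" + expectedState
        });
    }

    // The state is single-use: clear it before doing anything else.
    Session["state"] = null;

    // The code comes from the query string, so it is URL-encoded to keep it from injecting
    // extra parameters into the token request.
    // NOTE(review): client_secret travels in the URL of a GET request and may be written to
    // proxy or server logs; prefer a POST body if HttpHelper offers one.
    string token_url = "https://graph.renren.com/oauth/token?grant_type=authorization_code&client_id=" + app_id
        + "&redirect_uri=" + Server.UrlEncode(my_url)
        + "&client_secret=" + app_secret
        + "&code=" + Server.UrlEncode(code);
    string response = HttpHelper.WebPageContentGet(token_url, System.Text.Encoding.UTF8);
    NameValueCollection user = ParseJson(response);

    if (!string.IsNullOrEmpty(user["error"]))
    {
        // error_description may be absent; pass it through as-is rather than dereferencing it.
        return View(new OpenLoginViewModel()
        {
            Success = false,
            Error = user["error"],
            Message = user["error_description"]
        });
    }

    string accessToken = user["access_token"];
    if (string.IsNullOrEmpty(accessToken))
    {
        // Never reach the login call with an empty identifier.
        return View(new OpenLoginViewModel()
        {
            Success = false,
            Error = "invalid_response",
            Message = "The token response did not contain an access token."
        });
    }

    // NOTE(review): the access token is used as the account identifier (OpenId). A token is a
    // bearer credential and presumably changes between authorizations; confirm against
    // MemberService.OpenUserLogin whether a stable provider user id was intended here.
    OpenLoginViewModel OpenUser = new OpenLoginViewModel()
    {
        Success = true,
        OpenType = (int)OpenLoginType.Renren,
        NickName = user["name"] ?? string.Empty,
        OpenId = accessToken
    };

    if (MemberService.OpenUserLogin(OpenUser, OpenLoginType.Renren))
    {
        return RedirectToAction("Index", "Home");
    }

    // No matching member: hand the profile to the auto-registration step.
    Session["registerAuto"] = OpenUser;
    return RedirectToAction("RegAuto", "Reg");
}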
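/// <summary>
/// Handles both legs of the QQ OAuth authorization-code login.
/// Without a <c>code</c> query parameter it stores a fresh <c>state</c> value in the session and
/// sends the top-level window to QQ's authorize endpoint. With a <c>code</c> it checks the
/// returned <c>state</c>, exchanges the code for an access token, resolves the openid and logs
/// the member in.
/// </summary>
/// <returns>
/// A script response that navigates to the provider, a redirect to Home/Index when
/// <c>MemberService.OpenUserLogin</c> succeeds, a redirect to Reg/RegAuto when it does not,
/// or a view carrying an unsuccessful <c>OpenLoginViewModel</c>.
/// </returns>
public ActionResult QQ()
{
    // Application id and key issued by the provider for this site.
    string app_id = ConfigSetting.QQAppID;
    string app_secret = ConfigSetting.QQKey;

    // Callback URL the provider returns to after the user authorizes.
    // NOTE(review): the callback is plain http://, so the authorization code and state cross the
    // network unencrypted; switch to https:// if the site and the provider registration allow it.
    string my_url = string.Format("http://www.{0}/login/qq", ConfigSetting.DomainUrl);

    // Step 1: obtain the authorization code.
    string code = Request.QueryString["code"];
    if (string.IsNullOrEmpty(code))
    {
        // The state parameter protects against CSRF; the provider echoes it back unchanged.
        // NOTE(review): Guid.NewGuid() is unique but is not documented as unpredictable; a value
        // from a cryptographic RNG is the safer choice. The "state" session key is also shared
        // with the Renren action, so a state minted for one provider validates for the other.
        Session["state"] = Guid.NewGuid();

        string dialog_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=" + app_id
            + "&redirect_uri=" + Server.UrlEncode(my_url)
            + "&state=" + Session["state"];
        return Content("<script>window.top.location.href='" + dialog_url + "'</script>");
    }

    // Step 2: exchange the authorization code for an access token, after validating state.
    // A missing value on either side counts as a mismatch instead of raising a
    // NullReferenceException (e.g. expired session, or a forged callback without state).
    string returnedState = Request["state"];
    object storedState = Session["state"];
    string expectedState = storedState == null ? null : storedState.ToString();
    bool stateMatches = !string.IsNullOrEmpty(returnedState)
        && !string.IsNullOrEmpty(expectedState)
        && string.Equals(returnedState, expectedState, StringComparison.Ordinal);

    if (!stateMatches)
    {
        // NOTE(review): this message echoes the request value and the expected session value into
        // the view; confirm the view encodes it, and consider dropping the session value.
        return View(new OpenLoginViewModel()
        {
            Success = false,
            Error = "The state does not match. You may be a victim of CSRF.",
            Message = "request=" + returnedState + ",session=" + expectedState
        });
    }

    // The state is single-use; clearing it stops the same callback from being replayed.
    Session["state"] = null;

    // The code comes from the query string, so it is URL-encoded to keep it from injecting
    // extra parameters into the token request.
    // NOTE(review): client_secret travels in the URL of a GET request and may be written to
    // proxy or server logs; prefer a POST body if HttpHelper offers one.
    string token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"
        + "client_id=" + app_id
        + "&redirect_uri=" + Server.UrlEncode(my_url)
        + "&client_secret=" + app_secret
        + "&code=" + Server.UrlEncode(code);
    string response = HttpHelper.WebPageContentGet(token_url, System.Text.Encoding.UTF8);

    // A body containing "callback" is treated as a callback( {...} ) wrapper around JSON;
    // the visible code uses that shape to detect an error reply.
    if (response.IndexOf("callback", StringComparison.Ordinal) != -1)
    {
        int lpos = response.IndexOf('(');
        int rpos = response.IndexOf(')');
        // Only unwrap when both parentheses are present and ordered; otherwise Substring throws.
        if (lpos >= 0 && rpos > lpos)
        {
            response = response.Substring(lpos + 1, rpos - lpos - 1);
        }

        NameValueCollection msg = ParseJson(response);
        if (!string.IsNullOrEmpty(msg["error"]))
        {
            return View(new OpenLoginViewModel()
            {
                Success = false,
                Error = msg["error"],
                Message = msg["error_description"]
            });
        }
    }

    // The token reply is read as URL-style key=value pairs.
    NameValueCollection ps = ParseUrlParameters(response);
    string accessToken = ps["access_token"];

    // Values taken from provider responses are encoded before they are placed in a URL.
    string graph_url = "https://graph.qq.com/oauth2.0/me?access_token=" + Server.UrlEncode(accessToken);
    string str = HttpHelper.WebPageContentGet(graph_url, System.Text.Encoding.Default);
    if (str.IndexOf("callback", StringComparison.Ordinal) != -1)
    {
        int lpos = str.IndexOf('(');
        int rpos = str.IndexOf(')');
        if (lpos >= 0 && rpos > lpos)
        {
            str = str.Substring(lpos + 1, rpos - lpos - 1);
        }
    }

    NameValueCollection user = ParseJson(str);
    if (!string.IsNullOrEmpty(user["error"]))
    {
        return View(new OpenLoginViewModel()
        {
            Success = false,
            Error = user["error"],
            Message = user["error_description"]
        });
    }

    string openId = user["openid"];
    if (string.IsNullOrEmpty(openId))
    {
        // Never reach the login call with an empty identifier.
        return View(new OpenLoginViewModel()
        {
            Success = false,
            Error = "invalid_response",
            Message = "The identity response did not contain an openid."
        });
    }

    OpenLoginViewModel OpenUser = new OpenLoginViewModel()
    {
        Success = true,
        OpenType = (int)OpenLoginType.QQ,
        OpenId = openId
    };

    if (MemberService.OpenUserLogin(OpenUser, OpenLoginType.QQ))
    {
        return RedirectToAction("Index", "Home");
    }

    // No matching member: fetch the nickname and hand the profile to auto-registration.
    string user_profile_url = "https://graph.qq.com/user/get_user_info?access_token=" + Server.UrlEncode(accessToken)
        + "&oauth_consumer_key=" + app_id
        + "&openid=" + Server.UrlEncode(openId);
    string response_profile = HttpHelper.WebPageContentGet(user_profile_url, System.Text.Encoding.UTF8);
    NameValueCollection userProfile = ParseJson(response_profile);
    // A profile reply without a nickname yields an empty name instead of a NullReferenceException.
    OpenUser.NickName = userProfile["nickname"] ?? string.Empty;
    Session["registerAuto"] = OpenUser;
    return RedirectToAction("RegAuto", "Reg");
}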