研究了一下人人网的 OAuth 认证,同时也看了一下腾讯、新浪和豆瓣的,感觉流程都差不多。整个流程就是不断地请求、获取、请求、获取……于是写了个 PHP 脚本,尝试了一下 OAuth 认证,使用人人网帐号登录 WordPress 。当然事先要在 WordPress 数据库做点手脚,多加一个表,用于存放用户的人人 ID 。
实际使用中,火狐浏览器有时会出现如下提示:
连接graph.renren.com时发生错误。
SSL 接收到一个超出最大准许长度的记录。
(错误码: ssl_error_rx_record_too_long)
初步判定貌似是代理服务器的关系。这个错误通常表示浏览器在本应收到 TLS 记录的位置收到了非 TLS 数据(例如代理对 443 端口的请求返回了明文 HTTP 响应)。因为学校的限制,一般网页访问时都挂的搜狗浏览器的代理,如果关掉此代理,就能正常地登录。当然也可能是代码本身的问题,有人看出来的话欢迎指出一下。
下面是代码,考虑到安全问题抹掉了 client_id 和 client_secret 。
<?php
require_once( dirname(__FILE__).'/wp-load.php' );
require_once( dirname(__FILE__).'/wp-includes/pluggable.php' );
require_once( dirname(__FILE__).'/wp-includes/user.php' );
// Renren OAuth 2.0 endpoints used by the three steps of the flow.
$auth_address        = 'https://graph.renren.com/oauth/authorize';
$token_address       = 'https://graph.renren.com/oauth/token';
$session_key_address = 'https://graph.renren.com/renren_api/session_key';

// Fixed protocol parameters for the authorization-code grant.
$response_type = 'code';
$grant_type    = 'authorization_code';

// Application credentials (masked by the author). The secret sits in a
// web-served PHP file, so it should stay out of version control and backups
// that are readable by others.
$client_id     = '*****************************';
$client_secret = '*****************************';

// NOTE(review): the callback URL is plain http, so the authorization code in
// the query string and the login cookie set afterwards are not protected in
// transit. Serve the callback over https if the site supports it.
$redirect_uri = 'http://piovano.net/renren-login.php';

// Per-request state, filled in while the callback is being processed and read
// by the helper functions through `global`.
$auth_code    = '';
$access_token = '';
$session_key  = '';
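// Entry point. With ?code=... this is the OAuth callback: exchange the code
// for a token, resolve the Renren user ID, map it to a WordPress account and
// log that account in. Without a code, an anonymous visitor is sent to the
// provider's authorization page; a logged-in visitor gets an error page.
if (isset($_GET[ "code" ])) {
    global $auth_code;
    global $access_token;
    global $session_key;
    // NOTE(review): the authorization request sends no `state` value and this
    // callback checks none, so the returned code cannot be tied to the browser
    // session that started the login. A per-session random `state`, compared
    // here before the token exchange, is the standard CSRF defence for this
    // flow; confirm the provider echoes the parameter back.
    $auth_code = get_auth_code();
    $access_token = get_access_token();
    if ( isset( $access_token -> error ) ) {
        // The error strings come from a remote response, so escape them
        // before they are placed in the HTML error page.
        $error_description = isset( $access_token -> error_description ) ? $access_token -> error_description : "";
        wp_die( esc_html( $access_token -> error.": ".$error_description ), "楠窗听雨" );
    } else {
        $session_key = get_session_key();
        // A failed session-key request yields no user ID. An empty ID must not
        // be looked up: it would match any row whose renren_id is blank.
        $renren_id = isset( $session_key -> user -> id ) ? (string) $session_key -> user -> id : "";
        if ( $renren_id === "" )
            $user_info = array( "id" => 0, "name" => "" );
        else
            $user_info = get_user_info( $renren_id );
        // empty() rather than == "": under PHP 8 the comparison 0 == "" is
        // false, which would let the "no linked account" case fall through.
        if ( empty( $user_info["id"] ) )
            wp_die( "登录失败。没有账号与您的人人账号关联。", "楠窗听雨" );
        else {
            renren_login( $user_info["id"], $user_info["name"] );
            Header("Location: http://piovano.net/");
            // Stop here so nothing else runs or is emitted after the redirect.
            exit;
        }
    }
}
elseif ( !is_user_logged_in() )
    apply_for_auth_code();
else
    wp_die( "您已经登录。", "楠窗听雨" );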
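/**
 * Redirect the browser to the provider's authorization page.
 *
 * Builds the authorization URL from the global endpoint, response type,
 * client ID and redirect URI, and sends it as a Location header.
 *
 * NOTE(review): no `state` parameter is sent, so the callback has nothing to
 * bind the returned code to this browser session. Adding one requires a
 * matching check in the callback handler.
 */
function apply_for_auth_code() {
    global $auth_address;
    global $response_type;
    global $client_id;
    global $redirect_uri;
    // The separator is passed explicitly so an arg_separator.output setting
    // such as "&amp;" cannot corrupt the redirect URL.
    $query = http_build_query( array(
        "response_type" => $response_type,
        "client_id"     => $client_id,
        "redirect_uri"  => $redirect_uri
    ), "", "&" );
    // The original guarded this with isset($url), which was always true.
    Header("Location: ".$auth_address."?".$query);
}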
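/**
 * Read the authorization code from the callback query string.
 *
 * The value is attacker-controllable request input. PHP turns `code[]=x` into
 * an array, which the later urlencode()/POST building does not expect, so
 * anything that is not a string is treated as "no code".
 *
 * @return string The code, or an empty string when it is missing or not a string.
 */
function get_auth_code() {
    if ( isset( $_GET["code"] ) && is_string( $_GET["code"] ) ) {
        return $_GET["code"];
    }
    return "";
}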
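/**
 * Exchange the authorization code in the global $auth_code for an access token.
 *
 * POSTs the grant to the global $token_address and decodes the JSON reply.
 * The `renren_token` and `user` members are decoded a second time when they
 * arrive as JSON strings, as the original code expected.
 *
 * @return object Decoded response. On a transport or parse failure, an object
 *                carrying `error` and `error_description`, so callers that
 *                test isset($result->error) handle it like a provider error.
 */
function get_access_token() {
    global $token_address;
    global $grant_type;
    global $auth_code;
    global $client_id;
    global $client_secret;
    global $redirect_uri;
    $curlPost = http_build_query( array(
        "grant_type"    => $grant_type,
        "code"          => $auth_code,
        "client_id"     => $client_id,
        "client_secret" => $client_secret,
        "redirect_uri"  => $redirect_uri
    ), "", "&" );
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $token_address);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $curlPost);
    // The request carries the client secret, so certificate and host name
    // verification are pinned on rather than left to the environment default.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    // Bound the wait so a stalled endpoint cannot tie up the PHP worker.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
    $jsonstr = curl_exec($ch);
    $transport_error = ( $jsonstr === false ) ? curl_error($ch) : "";
    curl_close($ch);

    if ( $jsonstr === false ) {
        // Keep the transport detail in the server log, not in the error page.
        error_log( "renren-login: token request failed: ".$transport_error );
        $failure = new stdClass();
        $failure -> error = "request_failed";
        $failure -> error_description = "The token endpoint could not be reached.";
        return $failure;
    }

    $jsonobj = json_decode( $jsonstr );
    if ( !is_object( $jsonobj ) ) {
        // Assigning properties on a non-object is a fatal error on PHP 8.
        $failure = new stdClass();
        $failure -> error = "invalid_response";
        $failure -> error_description = "The token endpoint returned an unreadable response.";
        return $failure;
    }

    // Error responses carry neither member; decode only what is present.
    if ( isset( $jsonobj -> renren_token ) && is_string( $jsonobj -> renren_token ) )
        $jsonobj -> renren_token = json_decode( $jsonobj -> renren_token );
    if ( isset( $jsonobj -> user ) && is_string( $jsonobj -> user ) )
        $jsonobj -> user = json_decode( $jsonobj -> user );
    return $jsonobj;
}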
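/**
 * Exchange the access token in the global $access_token for a session key.
 *
 * POSTs `oauth_token` to the global $session_key_address and returns the
 * decoded JSON reply. The caller reads the Renren user ID from `user->id`.
 *
 * @return object|null Decoded response, or null when there is no token to
 *                     send, the request fails or the reply is not valid JSON.
 */
function get_session_key() {
    global $access_token;
    global $session_key_address;
    // Without a token there is nothing to exchange; skip the network call.
    if ( !isset( $access_token -> access_token ) || !is_string( $access_token -> access_token ) || $access_token -> access_token === "" ) {
        return null;
    }
    $curlPost = http_build_query( array( "oauth_token" => $access_token -> access_token ), "", "&" );
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $session_key_address);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $curlPost);
    // The reply decides which account is logged in, so the peer must be
    // authenticated: keep certificate and host name verification on.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    // Bound the wait so a stalled endpoint cannot tie up the PHP worker.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
    $jsonstr = curl_exec($ch);
    $transport_error = ( $jsonstr === false ) ? curl_error($ch) : "";
    curl_close($ch);
    if ( $jsonstr === false ) {
        error_log( "renren-login: session key request failed: ".$transport_error );
        return null;
    }
    $jsonobj = json_decode( $jsonstr );
    return is_object( $jsonobj ) ? $jsonobj : null;
}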
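/**
 * Look up the WordPress account linked to a Renren user ID.
 *
 * The ID originates from a remote API response, so it is bound as a query
 * parameter through $wpdb->prepare() instead of being concatenated into the
 * SQL text. The WordPress connection is reused; the mysql_* functions the
 * original called were removed in PHP 7.
 *
 * @param mixed $renren_id Renren user ID to resolve.
 * @return array array( "id" => ..., "name" => ... ); "id" is 0 and "name" is
 *               "" when no account is linked. Callers should test the result
 *               with empty(), because 0 == "" is false under PHP 8.
 */
function get_user_info( $renren_id ) {
    global $wpdb;
    $user_info = array( "id" => 0, "name" => "" );

    // An empty or non-scalar ID (for example after a failed API call) must not
    // reach the lookup: it would match any row whose renren_id is blank.
    if ( !is_scalar( $renren_id ) || (string) $renren_id === "" ) {
        return $user_info;
    }

    // Table names are kept as the author wrote them (default "wp_" prefix).
    $row = $wpdb -> get_row( $wpdb -> prepare(
        "SELECT wp_users.ID,wp_users.user_login FROM wp_users,wp_social_connect WHERE wp_users.ID=wp_social_connect.ID and wp_social_connect.renren_id=%s",
        (string) $renren_id
    ) );

    if ( $row ) {
        $user_info["id"] = $row -> ID;
        $user_info["name"] = $row -> user_login;
    }
    return $user_info;
}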
/**
 * Log a WordPress user in by issuing the authentication cookie.
 *
 * No credential is checked here: the function sets the cookie for whatever
 * $user_id it is given, so the caller must already have established that the
 * visitor owns that account.
 *
 * @param int|string $user_id   WordPress user ID to log in.
 * @param string     $user_name Login name passed to the 'wp_login' action.
 */
function renren_login( $user_id, $user_name ) {
    global $auth_secure_cookie;

    // The cookie is marked secure only when the current request is over SSL.
    $auth_secure_cookie = is_ssl();

    add_filter( 'authenticate', 'wp_authenticate_cookie', 30, 3 );

    // Second argument false: presumably the "remember me" flag - confirm
    // against the WordPress version in use.
    wp_set_auth_cookie( $user_id, false, $auth_secure_cookie );

    // Let plugins hooked on 'wp_login' see the login.
    do_action( 'wp_login', $user_name );
}
?>