在 CodeIgniter 3.1 使用 WeChat 開放平台授權

登入:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
public function login()
{
// 簡易隨機字串
$random = md5(rand());

// 將簡易隨機字串存入 Session
$this->session->set_userdata([
'csrf_token' => $random,
]);

$url = 'https://open.weixin.qq.com/connect/qrconnect?' . http_build_query([
'appid' => $this->config['oauth']['wechat']['appid'],
'redirect_uri' => $this->config['oauth']['wechat']['redirect_uris'],
'response_type' => 'code',
'scope' => 'snsapi_login',
'state' => $random, // 防止 CSRF 攻擊
]) . '#wechat_redirect';

redirect($url); // 跳轉到微信方
}

回調:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
public function callback($provider)
{
$code = $_GET['code'] ?? null;
$state = $_GET['state'] ?? null;

// 檢查是否取得 code 以及 state 與 Session 中的是否一致
if ($code && $state == $this->session->userdata('csrf_token')) {
$this->session->unset_userdata('csrf_token');

$url = 'https://api.weixin.qq.com/sns/oauth2/access_token?' . http_build_query([
'appid' => $this->config['oauth']['wechat']['appid'],
'secret' => $this->config['oauth']['wechat']['secret'],
'code' => $code,
'grant_type' => 'authorization_code',
]);

$result = json_decode(file_get_contents($url), true);
$accessToken = $result['access_token'];
$openid = $result['openid'];
}
}