forked from golang/hotime
164 lines
5.0 KiB
Go
164 lines
5.0 KiB
Go
|
package oauth
|
||
|
|
||
|
import (
|
||
|
"encoding/json"
|
||
|
"fmt"
|
||
|
"net/http"
|
||
|
"net/url"
|
||
|
|
||
|
"github.com/silenceper/wechat/context"
|
||
|
"github.com/silenceper/wechat/util"
|
||
|
)
|
||
|
|
||
|
const (
|
||
|
redirectOauthURL = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=%s&redirect_uri=%s&response_type=code&scope=%s&state=%s#wechat_redirect"
|
||
|
webAppRedirectOauthURL = "https://open.weixin.qq.com/connect/qrconnect?appid=%s&redirect_uri=%s&response_type=code&scope=%s&state=%s#wechat_redirect"
|
||
|
accessTokenURL = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=%s&secret=%s&code=%s&grant_type=authorization_code"
|
||
|
refreshAccessTokenURL = "https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=%s&grant_type=refresh_token&refresh_token=%s"
|
||
|
userInfoURL = "https://api.weixin.qq.com/sns/userinfo?access_token=%s&openid=%s&lang=zh_CN"
|
||
|
checkAccessTokenURL = "https://api.weixin.qq.com/sns/auth?access_token=%s&openid=%s"
|
||
|
)
|
||
|
|
||
|
//Oauth 保存用户授权信息
|
||
|
type Oauth struct {
|
||
|
*context.Context
|
||
|
}
|
||
|
|
||
|
//NewOauth 实例化授权信息
|
||
|
func NewOauth(context *context.Context) *Oauth {
|
||
|
auth := new(Oauth)
|
||
|
auth.Context = context
|
||
|
return auth
|
||
|
}
|
||
|
|
||
|
//GetRedirectURL 获取跳转的url地址
|
||
|
func (oauth *Oauth) GetRedirectURL(redirectURI, scope, state string) (string, error) {
|
||
|
//url encode
|
||
|
urlStr := url.QueryEscape(redirectURI)
|
||
|
return fmt.Sprintf(redirectOauthURL, oauth.AppID, urlStr, scope, state), nil
|
||
|
}
|
||
|
|
||
|
//GetWebAppRedirectURL 获取网页应用跳转的url地址
|
||
|
func (oauth *Oauth) GetWebAppRedirectURL(redirectURI, scope, state string) (string, error) {
|
||
|
urlStr := url.QueryEscape(redirectURI)
|
||
|
return fmt.Sprintf(webAppRedirectOauthURL, oauth.AppID, urlStr, scope, state), nil
|
||
|
}
|
||
|
|
||
|
//Redirect 跳转到网页授权
|
||
|
func (oauth *Oauth) Redirect(writer http.ResponseWriter, req *http.Request, redirectURI, scope, state string) error {
|
||
|
location, err := oauth.GetRedirectURL(redirectURI, scope, state)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
http.Redirect(writer, req, location, 302)
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// ResAccessToken 获取用户授权access_token的返回结果
|
||
|
type ResAccessToken struct {
|
||
|
util.CommonError
|
||
|
|
||
|
AccessToken string `json:"access_token"`
|
||
|
ExpiresIn int64 `json:"expires_in"`
|
||
|
RefreshToken string `json:"refresh_token"`
|
||
|
OpenID string `json:"openid"`
|
||
|
Scope string `json:"scope"`
|
||
|
|
||
|
// UnionID 只有在用户将公众号绑定到微信开放平台帐号后,才会出现该字段。
|
||
|
// 公众号文档 https://mp.weixin.qq.com/wiki?t=resource/res_main&id=mp1421140842
|
||
|
UnionID string `json:"unionid"`
|
||
|
}
|
||
|
|
||
|
// GetUserAccessToken 通过网页授权的code 换取access_token(区别于context中的access_token)
|
||
|
func (oauth *Oauth) GetUserAccessToken(code string) (result ResAccessToken, err error) {
|
||
|
urlStr := fmt.Sprintf(accessTokenURL, oauth.AppID, oauth.AppSecret, code)
|
||
|
var response []byte
|
||
|
response, err = util.HTTPGet(urlStr)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
err = json.Unmarshal(response, &result)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
if result.ErrCode != 0 {
|
||
|
err = fmt.Errorf("GetUserAccessToken error : errcode=%v , errmsg=%v", result.ErrCode, result.ErrMsg)
|
||
|
return
|
||
|
}
|
||
|
return
|
||
|
}
|
||
|
|
||
|
//RefreshAccessToken 刷新access_token
|
||
|
func (oauth *Oauth) RefreshAccessToken(refreshToken string) (result ResAccessToken, err error) {
|
||
|
urlStr := fmt.Sprintf(refreshAccessTokenURL, oauth.AppID, refreshToken)
|
||
|
var response []byte
|
||
|
response, err = util.HTTPGet(urlStr)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
err = json.Unmarshal(response, &result)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
if result.ErrCode != 0 {
|
||
|
err = fmt.Errorf("GetUserAccessToken error : errcode=%v , errmsg=%v", result.ErrCode, result.ErrMsg)
|
||
|
return
|
||
|
}
|
||
|
return
|
||
|
}
|
||
|
|
||
|
//CheckAccessToken 检验access_token是否有效
|
||
|
func (oauth *Oauth) CheckAccessToken(accessToken, openID string) (b bool, err error) {
|
||
|
urlStr := fmt.Sprintf(checkAccessTokenURL, accessToken, openID)
|
||
|
var response []byte
|
||
|
response, err = util.HTTPGet(urlStr)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
var result util.CommonError
|
||
|
err = json.Unmarshal(response, &result)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
if result.ErrCode != 0 {
|
||
|
b = false
|
||
|
return
|
||
|
}
|
||
|
b = true
|
||
|
return
|
||
|
}
|
||
|
|
||
|
//UserInfo 用户授权获取到用户信息
|
||
|
type UserInfo struct {
|
||
|
util.CommonError
|
||
|
|
||
|
OpenID string `json:"openid"`
|
||
|
Nickname string `json:"nickname"`
|
||
|
Sex int32 `json:"sex"`
|
||
|
Province string `json:"province"`
|
||
|
City string `json:"city"`
|
||
|
Country string `json:"country"`
|
||
|
HeadImgURL string `json:"headimgurl"`
|
||
|
Privilege []string `json:"privilege"`
|
||
|
Unionid string `json:"unionid"`
|
||
|
}
|
||
|
|
||
|
//GetUserInfo 如果scope为 snsapi_userinfo 则可以通过此方法获取到用户基本信息
|
||
|
func (oauth *Oauth) GetUserInfo(accessToken, openID string) (result UserInfo, err error) {
|
||
|
urlStr := fmt.Sprintf(userInfoURL, accessToken, openID)
|
||
|
var response []byte
|
||
|
response, err = util.HTTPGet(urlStr)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
err = json.Unmarshal(response, &result)
|
||
|
if err != nil {
|
||
|
return
|
||
|
}
|
||
|
if result.ErrCode != 0 {
|
||
|
err = fmt.Errorf("GetUserInfo error : errcode=%v , errmsg=%v", result.ErrCode, result.ErrMsg)
|
||
|
return
|
||
|
}
|
||
|
return
|
||
|
}
|