淘宝开放平台新的授权验证方式

 看来DEMO才懂,淘宝的文档也太那啥了...贴出来

 

 //取得回调地址返回的参数
 $top_session = $_REQUEST["top_session'];    
 $top_parameters = $_REQUEST['top_parameters'];
 $top_sign = $_REQUEST['top_sign'];
 
 //验证签名
 $parameter = urldecode($appkey.$top_parameters.$top_session);
 if(validateSign($top_sign,$parameter,$appsecret)){
 
	//解析top_parameters
	$top_parameters = base64_decode($top_parameters);
	$top_parameters = iconv('GBK','utf-8',$top_parameters);
	parse_str($top_parameters,$userInfo);
	
	//通过取得的sessionkey调用api
	include_once('TopSdk.php');
    $c = new TopClient;
    $c->appkey =  $appkey;
    $c->secretKey =  $appsecret;
    $req = new UserGetRequest;
    $req->setFields("user_id,nick,email");
    $tao_userinfo = $c->execute($req, $top_session);
	
	//打印参数
	echo "登录成功!</br>欢迎! ".$userInfo['visitor_nick'];
	echo "
top_parameters解析结果:
"; print_r($userInfo); echo "
返回的sessionkey:
"; print_r($top_session); echo "
API调用返回结果:
"; print_r($tao_userinfo); }else{ echo "签名验证失败!"; } //验证签名函数 function validateSign($sign,$parameter,$secret){ $checkSign = base64_encode(md5($parameter.$secret,true)); if($sign == $checkSign){ return true; }else { return false; } }

 



文章来自: 本站原创
Tags:
评论: 0 | 查看次数: 8482