我目前正在网站上工作。将有几种类型的授权,其中之一是"通过Twitter"。我正在使用亚伯拉罕·威廉姆斯的TwitterOAuth库。我将尝试解释下面的脚本是如何工作的:
- 当您点击index.php的"登录"按钮时,弹出窗口(login.php)打开并要求授权应用程序使用您的twitter帐户
- 当提交时,它被重定向到api.twitter.com与$_GET参数中的"访问令牌"。
- 然后twitter授权该"令牌",并返回回调URL,这是在twitter应用程序的设置中定义的。
它工作完美,除了opera有问题时,从api.twitter.com重定向到回调URL。似乎根本没有执行重定向。
来源:
index . php
<?php
session_start();
session_destroy();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script type="text/javascript">
function popup(url)
{
var addr = document.location.href.replace('index.php','');
popUpObj = window.open(addr + url, 'Twitter', 'width=700,height=600,menubar=yes,status=yes');
}
function transferdata(data)
{
if (data.screen_name)
{
(elem = document.getElementById('tw-login')).parentNode.removeChild(elem);
document.getElementById('menu').innerHTML = 'Hello, ' + data.screen_name;
}
else
document.getElementById('menu').innerHTML = 'Twitter didn''t authorize you :(';
}
</script>
<style type="text/css">
#tw-login
{
display: block;
background-color: #ccc;
text-align: center;
font-family: "Trebuchet MS", Vernanda, serif;
color: #fff;
margin: 5px;
padding: 4px 6px;
text-decoration: none;
width: 80px;
}
#tw-logout
{
display: block;
background-color: #ccc;
text-align: center;
font-family: "Trebuchet MS", Vernanda, serif;
color: #fff;
margin: 5px;
padding: 4px 6px;
text-decoration: none;
width: 80px;
}
</style>
</head>
<body>
<a id="tw-login" href="" onclick="popup('login.php');">Log in</a>
<a id="tw-logout" href="session_clear.php">Log out</a>
<div id="menu">
</div>
</body>
</html>
login。
<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');
$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET);
$requestToken = $twitteroauth->getRequestToken();
$_SESSION['oauth_token'] = $requestToken['oauth_token'];
$_SESSION['oauth_token_secret'] = $requestToken['oauth_token_secret'];
if($twitteroauth->http_code == 200)
{
$url = $twitteroauth->getAuthorizeURL($requestToken['oauth_token']);
header('Location: ' . $url);
}
else
{
die('Something wrong happened.');
}
callback.php
<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');
if (!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret']))
{
$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
$accessToken = $twitteroauth->getAccessToken($_GET['oauth_verifier']);
$_SESSION['access_token'] = $accessToken;
$userinfo = $twitteroauth->get('account/verify_credentials');
}
else
header('Location: login.php');
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(SendToMain());
function SendToMain()
{
if(window.opener != null || !window.opener.closed)
{
window.opener.transferdata(<?php echo json_encode($userinfo); ?>);
window.close();
}
}
</script>
</head>
<body>
</body>
</html>
session_clear.php
<?php
session_start();
session_destroy();
header('Location: index.php');
您的重定向URI不使用ssl。要解决这个问题,请使用https。
在重定向之前,您必须向一些浏览器发送301或303之类的状态码。试试这样做:
header("Status: 303");
header("Location: /home.php");
exit;