background
OAUTH
development license agreement, provides a simple yet secure open standards as an authorized user of resources. You can use third-party account login another party application or service, without revealing the account information to another application
. Has now been widely used, for example, we can see a lot of services by third-party account login, this way to avoid the trouble of user registration, you can also use third-party resources on the Internet.
Development Process
One.
QQ login OAuth2.0 currently used standard protocol for user authentication and access to user authorization. The entire process is as follows, where A may use an application such as QQ login account.
1.
User access to client applications, stored in a user tries to operate the service provider's resources. For example, users with QQ account login
application
A
program, and can obtain the user information stored in the user nickname head and so Tencent server.
2.
After entering the QQ account, after applying the service provider A
(Tencent)
(Request Token). Requests a temporary token
3.
Service Provider
(Tencent)
after identity (application A), the granting of a temporary token. Verify that the client
4.
The client (application A) obtained temporary token, the user to the service provider (Tencent) authorized user authorization page request. Temporary token during this process and the client
callback
connection to send provider (Tencent) to the service.
5.
Enter your user name and password on a Web page to provide users with the service side (Tencent), and then authorize the client (application A) to access the requested resource.
6.
After the authorization is successful, the service provider (Tencent) guides the user is returned to the client (application A) provided callback page.
7.
The client (application A) from a service provider based on temporary token (Tencent) Obtain an access token (Access Token).
8.
The access token (Access Token) to obtain a corresponding user's identity openid,
9.
The client (application A) according to the access token (Access Token) with openid call OpenAPI, to request access or modify authorized users resources (such as a nickname information to authorized users User Avatar, etc.).
10.
After get the access token (Access Token), client (application A) can be saved, next time do not again service provider (Tencent) requesting authorization, you can use the account directly authorized resources, the equivalent saved user name and password, but the real user name and password for the client (application a) does not know.
Show a successful landing after such an information publishing site, you can use QQ account login, user input QQ account information via a secure page, and asks the user whether to allow the site to use some user information, such as information, photo albums, etc., after the user confirms the Web site can get information authorized by users. At the same time get the access token (Access Token), after which you can use this website to get access to these authorization information of the user, without the need to enter the account information again. The site also provides general delete this access token entrance. This can be very convenient to users willing to provide information to get this information release site use, and users do not need to register again entered.
two.
Providing QQ QQ Android mobile devices landing development kit, a package of the above-described process may be conveniently used for developers. To really develop a QQ account login using the App, you need to register in the Tencent community open platform applications,
apply the corresponding
appid
and AppKey
, this App developers
time to use.
1.
can open API site to download the latest QQ login API library files and Demo Tencent.
2.
Demo Project follows after downloading, into which a library tencent_openapi.jar as shown in FIG.
Demo
describes two ways landing, mobile browser and WebView, passing different parameters, into a different login, will return different results according to the user to select and enter the account information. Developers can refer to these functions corresponding code to complete the development of unauthorized access.
Conclusion
Here introduce third-party application if you use QQ account login, many domestic applications and sites offer a similar service, so when currently a more popular and practical direction, and did not elaborate here on every detail, if Tencent QQ issue can access the internet open platform.
Reproduced in: https: //my.oschina.net/weisenz/blog/200656