参考了《asp.net 集成QQ2.0 登陆代码示例》和《登陆整合实现-QQ互联认证(ASP.NET版本)》。
using System; using System.Net; using System.Text; using System.IO; using System.Collections.Specialized; using System.Data; using System.Configuration; using Newtonsoft.Json.Linq; using Scratchline.Database; using System.Web.Security; namespace Scratchline.CN { public partial class login_qq : System.Web.UI.Page { private static Random RndSeed = new Random(); public string GenerateRndNonce() { return (RndSeed.Next(1, 0xf423f).ToString("000000") + RndSeed.Next(1, 0xf423f).ToString("000000")); } public string file_get_contents(string url, Encoding encode) { HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url); WebResponse response = request.GetResponse(); using (MemoryStream ms = new MemoryStream()) { using (Stream stream = response.GetResponseStream()) { int readc; byte[] buffer = new byte[1024]; while ((readc = stream.Read(buffer, 0, buffer.Length)) > 0) { ms.Write(buffer, 0, readc); } } return encode.GetString(ms.ToArray()); } } NameValueCollection ParseUrlParameters(string str_params) { NameValueCollection nc = new NameValueCollection(); foreach (string p in str_params.Split('&')) { string[] p_s = p.Split('='); nc.Add(p_s[0], p_s[1]); } return nc; } protected void Page_Load(object sender, EventArgs e) { // 成功授权后的回调地址 string redirect_uri = ConfigurationManager.AppSettings["redirect_uri"]; // 分配给应用的appid string client_id = ConfigurationManager.AppSettings["client_id"]; // 分配给网站的appkey string client_secret = ConfigurationManager.AppSettings["client_secret"]; // 用户的OpenID string strOpenId = Request.QueryString["openid"] ?? string.Empty; if (strOpenId.Length <= 0) { //Step1:获取Authorization Code string code = Request.QueryString["code"]; if (string.IsNullOrEmpty(code)) { //state参数用于防止CSRF攻击,成功授权后回调时会原样带回 Session["state"] = GenerateRndNonce();//md5(uniqid(rand(), TRUE)); string authorize_uri = string.Format("https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id={0}&redirect_uri={1}&state={2}", client_id, Server.UrlEncode(redirect_uri), Session["state"]); Response.Redirect(authorize_uri); } //Step2:通过Authorization Code获取Access Token if (Request["state"].ToString().Equals(Session["state"].ToString())) { // 解析access_token返回包 string token_uri = string.Format("https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&client_id={0}&client_secret={1}&code={2}&redirect_uri={3}", client_id, client_secret, code, redirect_uri); string accesstoken = file_get_contents(token_uri, Encoding.UTF8); NameValueCollection ps = ParseUrlParameters(accesstoken); string access_token = ps["access_token"]; string expires_in = ps["expires_in"]; string refresh_token = ps["refresh_token"]; // 解析OpenID返回包 string me_uri = string.Format("https://graph.qq.com/oauth2.0/me?access_token={0}", access_token); string callback = file_get_contents(me_uri, Encoding.UTF8); if (callback.Contains("callback")) { int lpos = callback.IndexOf("("); int rpos = callback.IndexOf(")"); callback = callback.Substring(lpos + 1, rpos - lpos - 1); } JObject jobject = JObject.Parse(callback); string openid = jobject["openid"].ToString(); //Step4:通过access_token,appid,openid获得用户信息 string get_user_info_uri = string.Format("https://graph.qq.com/user/get_user_info?access_token={0}&oauth_consumer_key={1}&openid={2}", access_token, client_id, openid); string user_info = file_get_contents(get_user_info_uri, Encoding.UTF8); jobject = JObject.Parse(user_info); Session["nickname"] = jobject["nickname"].ToString(); Session["figureurl_qq_2"] = jobject["figureurl_qq_2"].ToString(); string SQL = string.Format("SELECT * FROM _Users WHERE openid='{0}'", openid); DataTable dt = SQLServer.Select(SQL); if (dt.Rows.Count <= 0) { SQL = string.Format("INSERT INTO _Users([nickname],[openid]) VALUES('{0}','{1}')", Session["nickname"], openid); SQLServer.Execute(SQL); } // 授权并跳转 FormsAuthentication.SetAuthCookie(openid, false); Response.Redirect("index.aspx"); } } } } }