| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 |
- # -*- coding: utf-8 -*-
- """
- wechatpy.oauth
- ~~~~~~~~~~~~~~~
- This module provides OAuth2 library for WeChat
- :copyright: (c) 2014 by messense.
- :license: MIT, see LICENSE for more details.
- """
- from __future__ import absolute_import, unicode_literals
- import requests
- import six
- from six.moves.urllib.parse import quote
- from library import to_binary, to_text
- from library.wechatbase.exceptions import WeChatOAuthException
- from library.wechatpy.utils import json
- class WeChatOAuth(object):
- """ 微信公众平台 OAuth 网页授权
- 详情请参考
- https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419316505
- """
- API_BASE_URL = 'https://api.weixin.qq.com/'
- OAUTH_BASE_URL = 'https://open.weixin.qq.com/connect/'
- def __str__(self):
- _repr = '{kclass}(appid: {appid})'.format(
- kclass = self.__class__.__name__,
- appid = self.app_id)
- if six.PY2:
- return to_binary(_repr)
- else:
- return to_text(_repr)
- def __repr__(self):
- return str(self)
- def __init__(self, app_id, secret, scope = 'snsapi_base', state = ''):
- """
- :param app_id: 微信公众号 app_id
- :param secret: 微信公众号 secret
- :param scope: 可选,微信公众号 OAuth2 scope,默认为 ``snsapi_base``
- :param state: 可选,微信公众号 OAuth2 state
- """
- self.app_id = app_id
- self.secret = secret
- self.scope = scope
- self.state = state
- def _request(self, method, url_or_endpoint, **kwargs):
- if not url_or_endpoint.startswith(('http://', 'https://')):
- url = '{base}{endpoint}'.format(
- base = self.API_BASE_URL,
- endpoint = url_or_endpoint
- )
- else:
- url = url_or_endpoint
- if isinstance(kwargs.get('data', ''), dict):
- body = json.dumps(kwargs['data'], ensure_ascii = False)
- body = body.encode('utf-8')
- kwargs['data'] = body
- kwargs['timeout'] = kwargs.get('timeout', 15)
- with requests.sessions.Session() as session:
- res = session.request(
- method = method,
- url = url,
- **kwargs
- )
- try:
- res.raise_for_status()
- except requests.RequestException as reqe:
- raise WeChatOAuthException(
- errCode = 'HTTP{}'.format(res.status_code),
- errMsg = reqe.message,
- client = self,
- request = reqe.request,
- response = reqe.response
- )
- result = json.loads(res.content.decode('utf-8', 'ignore'), strict = False)
- if 'errcode' in result and result['errcode'] != 0:
- errcode = result['errcode']
- errmsg = result['errmsg']
- raise WeChatOAuthException(
- errCode = errcode,
- errMsg = errmsg,
- client = self,
- request = res.request,
- response = res
- )
- return result
- def _get(self, url, **kwargs):
- return self._request(
- method = 'get',
- url_or_endpoint = url,
- **kwargs
- )
- def authorize_url(self, redirect_uri):
- """获取授权跳转地址
- :return: URL 地址
- """
- redirect_uri = quote(redirect_uri, safe = b'')
- url_list = [
- self.OAUTH_BASE_URL,
- 'oauth2/authorize?appid=',
- self.app_id,
- '&redirect_uri=',
- redirect_uri,
- '&response_type=code&scope=',
- self.scope
- ]
- if self.state:
- url_list.extend(['&state=', self.state])
- else:
- url_list.extend(['&state=', ''])
- url_list.extend(['&connect_redirect=', '1'])
- url_list.append('#wechat_redirect')
- return ''.join(url_list)
- def qrconnect_url(self, redirect_uri):
- """生成扫码登录地址
- :return: URL 地址
- """
- redirect_uri = quote(redirect_uri, safe = b'')
- url_list = [
- self.OAUTH_BASE_URL,
- 'qrconnect?appid=',
- self.app_id,
- '&redirect_uri=',
- redirect_uri,
- '&response_type=code&scope=',
- 'snsapi_login' # scope
- ]
- if self.state:
- url_list.extend(['&state=', self.state])
- url_list.append('#wechat_redirect')
- return ''.join(url_list)
- def get_oauth_token(self, auth_code):
- """获取网页授权access token
- :param auth_code: 授权完成跳转回来后 URL 中的 code 参数
- :return: JSON 数据包
- """
- res = self._get(
- 'sns/oauth2/access_token',
- params = {
- 'appid': self.app_id,
- 'secret': self.secret,
- 'code': auth_code,
- 'grant_type': 'authorization_code'
- }
- )
- return res
- def refresh_access_token(self, refresh_token):
- """刷新 access token
- :param refresh_token: OAuth2 refresh token
- :return: JSON 数据包
- """
- res = self._get(
- 'sns/oauth2/refresh_token',
- params = {
- 'appid': self.app_id,
- 'grant_type': 'refresh_token',
- 'refresh_token': refresh_token
- }
- )
- return res
- def get_user_info(self, openid, access_token, lang = 'zh_CN'):
- """获取用户信息
- :param openid: 微信 openid,默认获取当前授权用户信息
- :param access_token: 网页授权access token
- :param lang: 可选,语言偏好, 默认为 ``zh_CN``
- :return: JSON 数据包
- """
- return self._get(
- 'sns/userinfo',
- params = {
- 'access_token': access_token,
- 'openid': openid,
- 'lang': lang
- }
- )
- def check_access_token(self, openid, access_token):
- """检查 access_token 有效性
- :param openid: 微信 openid,默认获取当前授权用户信息
- :param access_token: 网页授权access token
- :return: 有效返回 True,否则 False
- """
- res = self._get(
- 'sns/auth',
- params = {
- 'access_token': access_token,
- 'openid': openid
- }
- )
- if res['errcode'] == 0:
- return True
- return False
- def jscode2session(self, js_code):
- """
- 小程序获取 session_key 和 openid
- """
- url = "https://api.weixin.qq.com/sns/jscode2session"
- args = dict()
- args.setdefault("appid", self.app_id)
- args.setdefault("secret", self.secret)
- args.setdefault("js_code", js_code)
- args.setdefault("grant_type", "authorization_code")
- return self._get('sns/jscode2session', params = args)
|
