微信OAuth认证:
知乎利用微信OAuth 认证登录 URL
1.
用户点击微信请求code
GET
https://open.weixin.qq.com/connect/qrconnect?scope=snsapi_login&redirect_uri=http%3A%2F%2Fwww.zhihu.com%2Foauth%2Fcallback%2Flogin%2Fwechat&response_type=code&appid=wx268fcfe924dcb171#wechat&state=96d7166044944f047126db603cdc532c
scope:snsapi_login
redirect_uri:回调登录URL
response_type:code
appid:wx268fcfe924dcb171#wechat
state:这个是状态 用来预防CSRF
2.
循环调用此URL 等待用户确认登录
GET
https://long.open.weixin.qq.com/connect/l/qrconnect?uuid=041WZ2j-tMY-Aaeo&last=404&_=1437535303996
微信返回code
http://www.zhihu.com/oauth/callback/login/wechat?code=011a67ca36407ec524b3f8415369389p&state=
3. 知乎利用返回的code 请求access_token
POST
https://api.weixin.qq.com/sns/oauth2/access_token
client_id:$app_id
client_secret:$app_secret
code:$code
grant_type:authorization_code
redirect_uri:callback_url
微信返回 access_token
4. GET
https://api.weixin.qq.com/sns/userinfo/openid=28983933656&access_token=$access_token
从微信得到资源得到资源