为了账号安全,请及时绑定邮箱和手机立即绑定

Google API PHP 客户端授权

首页 猿问 Google API PHP 客户端授权

Google API PHP 客户端授权

PHP
素胚勾勒不出你 2023-04-28 15:50:28
我在授权某些请求时遇到问题,并且收到 401“无效凭据”错误。申请流程如下。用户使用 Google 登录按钮登录我的网站。我正在使用离线访问参数,并且正在会话中保存刷新令牌。用户登录后,我试图从他们的 YouTube 帐户中检索他们所有的播放列表(公共和私人)。$client->setScopes('https://www.googleapis.com/auth/youtube.readonly');if (isset($_SESSION['googletoken']['refresh_token'])){$client->setAccessToken($_SESSION['googletoken']['refresh_token']);}$tokenSessionKey = $client->prepareScopes();$params = ['maxResults' => 1,'mine' => true];try{  $queryParams = [  'maxResults' => 1,  'mine' => true];  $listResponse = $youtube->playlists->listPlaylists('snippet', $queryParams);
查看完整描述

1 回答

?
莫回无

TA贡献1865条经验 获得超7个赞

您正在使用刷新令牌设置访问令牌您应该使用

$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());

Oauthcallback.php

require_once __DIR__ . '/vendor/autoload.php';

require_once __DIR__ . '/Oauth2Authentication.php';


// Start a session to persist credentials.

session_start();

Oauth2Authncation.php

require_once __DIR__ . '/vendor/autoload.php';

/**

 * Gets the Google client refreshing auth if needed.

 * Documentation: https://developers.google.com/identity/protocols/OAuth2

 * Initializes a client object.

 * @return A google client object.

 */

function getGoogleClient() {

    $client = getOauth2Client();


    // Refresh the token if it's expired.

    if ($client->isAccessTokenExpired()) {

        $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());

        file_put_contents($credentialsPath, json_encode($client->getAccessToken()));

    }

return $client;

}


/**

 * Builds the Google client object.

 * Documentation: https://developers.google.com/identity/protocols/OAuth2

 * Scopes will need to be changed depending upon the API's being accessed.

 * Example:  array(Google_Service_Analytics::ANALYTICS_READONLY, Google_Service_Analytics::ANALYTICS)

 * List of Google Scopes: https://developers.google.com/identity/protocols/googlescopes

 * @return A google client object.

 */

function buildClient(){


    $client = new Google_Client();

    $client->setAccessType("offline");        // offline access.  Will result in a refresh token

    $client->setIncludeGrantedScopes(true);   // incremental auth

    $client->setAuthConfig(__DIR__ . '/client_secrets.json');

    $client->addScope([YOUR SCOPES HERE]);

    $client->setRedirectUri(getRedirectUri());  

    return $client;

}


/**

 * Builds the redirect uri.

 * Documentation: https://developers.google.com/api-client-library/python/auth/installed-app#choosingredirecturi

 * Hostname and current server path are needed to redirect to oauth2callback.php

 * @return A redirect uri.

 */

function getRedirectUri(){


    //Building Redirect URI

    $url = $_SERVER['REQUEST_URI'];                    //returns the current URL

    if(strrpos($url, '?') > 0)

        $url = substr($url, 0, strrpos($url, '?') );  // Removing any parameters.

    $folder = substr($url, 0, strrpos($url, '/') );   // Removeing current file.

    return (isset($_SERVER['HTTPS']) ? "https" : "http") . '://' . $_SERVER['HTTP_HOST'] . $folder. '/oauth2callback.php';

}



/**

 * Authenticating to Google using Oauth2

 * Documentation:  https://developers.google.com/identity/protocols/OAuth2

 * Returns a Google client with refresh token and access tokens set. 

 *  If not authencated then we will redirect to request authencation.

 * @return A google client object.

 */

function getOauth2Client() {

    try {


        $client = buildClient();


        // Set the refresh token on the client. 

        if (isset($_SESSION['refresh_token']) && $_SESSION['refresh_token']) {

            $client->refreshToken($_SESSION['refresh_token']);

        }


        // If the user has already authorized this app then get an access token

        // else redirect to ask the user to authorize access to Google Analytics.

        if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {


            // Set the access token on the client.

            $client->setAccessToken($_SESSION['access_token']);                 


            // Refresh the access token if it's expired.

            if ($client->isAccessTokenExpired()) {              

                $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());

                $client->setAccessToken($client->getAccessToken()); 

                $_SESSION['access_token'] = $client->getAccessToken();              

            }           

            return $client; 

        } else {

            // We do not have access request access.

            header('Location: ' . filter_var( $client->getRedirectUri(), FILTER_SANITIZE_URL));

        }

    } catch (Exception $e) {

        print "An error occurred: " . $e->getMessage();

    }

}


// Handle authorization flow from the server.

if (! isset($_GET['code'])) {

    $client = buildClient();

    $auth_url = $client->createAuthUrl();

    header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));

} else {

    $client = buildClient();

    $client->authenticate($_GET['code']); // Exchange the authencation code for a refresh token and access token.

    // Add access token and refresh token to seession.

    $_SESSION['access_token'] = $client->getAccessToken();

    $_SESSION['refresh_token'] = $client->getRefreshToken();    

    //Redirect back to main script

    $redirect_uri = str_replace("oauth2callback.php",$_SESSION['mainScript'],$client->getRedirectUri());    

    header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));

}


查看完整回答
反对 回复 2023-04-28
  • 1 回答
  • 0 关注
  • 156 浏览

添加回答

了解更多

举报

0/150
提交
取消
意见反馈 帮助中心 APP下载
官方微信