我正在编写以下代码来获取授权令牌。
为代码变量
分配授权$code = $this->request->query['code'];
我删除了我的客户密码以发布问题。
$clientSecret = "";
初始化卷曲
$ch = curl_init();
$header[] = "Content-Type: application/x-www-form-urlencoded";
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, urlencode("code=".$code."&
client_id=289710071999.apps.googleusercontent.com&
client_secret=".$clientSecret."&
redirect_uri=http://budzzflorist.localhost.com/users/google&
grant_type=authorization_code"));
curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$request_result = curl_exec($ch);
print_r(curl_getinfo($ch));
echo "\n\ncURL error number:" .curl_errno($ch); // print error info
echo "\n\ncURL error:" . curl_error($ch);
var_dump( json_decode($request_result,true));
答案 0 :(得分:0)
您对urlencode的来电是错误的。事实上它实际上是编码整个post参数字符串,只有值(而不是键)应该是URL编码。
此外,您应该考虑使用以下行代替您的行,因为cURL将自动为您编码所有内容:
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'redirect_uri' => 'http://example.org',
'grant_type' => 'authorization_code'
));
更新:这对我有用:
申请令牌
curl_setopt_array($ch, array(
CURLOPT_POST => false,
CURLOPT_POSTFIELDS => array(
'response_type' => 'code',
'client_id' => $clientId,
'redirect_uri' => 'http://example.org/auth/google/callback',
'scope' => 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
),
CURLOPT_URL => 'https://accounts.google.com/o/oauth2/auth',
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_RETURNTRANSFER => true
));
$request_result = curl_exec($ch);
<强>回调
curl_setopt_array($ch, array(
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => array(
'code' => $code,
'client_id' => $clientId,
'client_secret' => $clientSecret,
'redirect_uri' => 'http://example.org',
'grant_type' => 'authorization_code'
),
CURLOPT_URL => 'https://accounts.google.com/o/oauth2/token',
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_RETURNTRANSFER => true
));
$request_result = curl_exec($ch);
答案 1 :(得分:0)
Google似乎希望表单为application/x-www-urlencoded。
试试这个:
$ch = curl_init();
$code = '123';
$clientSecret = '45686';
$postFields = array('code' => $code,
'client_id' => '289710071999.apps.googleusercontent.com',
'client_secret' => $clientSecret,
'redirect_uri' => 'http://budzzflorist.localhost.com/users/google',
'grant_type' => 'authorization_code');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postFields));
curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$request_result = curl_exec($ch);
var_dump( json_decode($request_result,true));
结果:invalid_client因为我的令牌不正确,但不是invalid_request。
如果将数组传递给CURLOPT_POSTFIELDS,则cURL将强制内容类型为multipart/form-data,这是导致无效请求的原因。而是使用http_build_query从基于键值对的数组创建URL编码的查询字符串。然后将结果传递给CURLOPT_POSTFIELDS。