在我的网站上查看Dwolla's API documentation并尝试oauth.php example code (code shown below),我不清楚是否可以在不重定向到Dwolla页面的情况下生成访问令牌。
从UI / UX角度来看,从我的网站重定向到他们的网站回到我的网站是非常糟糕的,并不比Paypal提供的糟糕界面更好。
有谁知道如何使用AJAX生成Dwolla访问令牌?
<?php
// Include the Dwolla REST Client
require '../lib/dwolla.php';
// Include any required keys
require '_keys.php';
// OAuth parameters
$redirectUri = 'http://localhost:8888/oauth.php'; // Point back to this file/URL
$permissions = array("Send", "Transactions", "Balance", "Request", "Contacts", "AccountInfoFull", "Funding");
// Instantiate a new Dwolla REST Client
$Dwolla = new DwollaRestClient($apiKey, $apiSecret, $redirectUri, $permissions);
/**
* STEP 1:
* Create an authentication URL
* that the user will be redirected to
**/
if(!isset($_GET['code']) && !isset($_GET['error'])) {
$authUrl = $Dwolla->getAuthUrl();
header("Location: {$authUrl}");
}
/**
* STEP 2:
* Exchange the temporary code given
* to us in the querystring, for
* a never-expiring OAuth access token
**/
if(isset($_GET['error'])) {
echo "There was an error. Dwolla said: {$_GET['error_description']}";
}
else if(isset($_GET['code'])) {
$code = $_GET['code'];
$token = $Dwolla->requestToken($code);
if(!$token) { $Dwolla->getError(); } // Check for errors
else {
session_start();
$_SESSION['token'] = $token;
echo "Your access token is: {$token}";
} // Print the access token
}
答案 0 :(得分:2)
TL; DR - 不,这不是OAuth的工作原理
OAuth方案的重点在于您要使用的服务的网站上的身份验证,在本例中为Dwolla。通过强制用户转到他们的页面,它确保了一些事情: