来自Google+ Sign-In for server-side apps
的示例代码 // Create a state token to prevent request forgery.
// Store it in the session for later validation.
$state = md5(rand());
$app['session']->set('state', $state);
// Set the client ID, token state, and application name in the HTML while
// serving it.
return $app['twig']->render('index.html', array(
'CLIENT_ID' => CLIENT_ID,
'STATE' => $state,
'APPLICATION_NAME' => APPLICATION_NAME
));
问题:如何在没有silex / twig的情况下进行服务器端工作?
答案 0 :(得分:3)
有两个答案,因为有两个你想要没有的库。
对于第一个(Silex):
// Create a state token to prevent request forgery.
// Store it in the session for later validation.
$state = md5(rand());
$app['session']->set('state', $state);
这只是存储一个会话变量供以后使用。这可以在PHP中轻松完成:
<?php
session_start();
$state = md5(rand());
$_SESSION['state'] = $state;
?>
稍后,您将通过比较客户端发送给$_SESSION['state']
的内容来验证客户端的正确状态值。
第二部分(Twig):
// Set the client ID, token state, and application name in the HTML while
// serving it.
return $app['twig']->render('index.html', array(
'CLIENT_ID' => CLIENT_ID,
'STATE' => $state,
'APPLICATION_NAME' => APPLICATION_NAME
));
这只是用已知值替换渲染HTML中的值。您可以通过使用PHP变量替换示例index.html中的 {{ VARIABLE_NAME }}
的每个实例(例如将{{ CLIENT_ID }}
更改为<?php echo $CLIENT_ID; ?>
)来执行此操作,然后,当然,在代码中设置该变量。
然后,您将调用您的PHP脚本,并读入您的脚本并返回index.html
文件。
修改强> 对于Step 7: Confirm the anti-request forgery state token on the server
// Ensure that this is no request forgery going on, and that the user
// sending us this connect request is the user that was supposed to.
if ($request->get('state') != ($app['session']->get('state'))) {
return new Response('Invalid state parameter', 401);
}
改为使用:
if ($_REQUEST['state'] != $_SESSION['state'])) {
header("HTTP/1.1 401 Unauthorized");
echo "Invalid state parameter";
exit;
}
Step 8: Initialize the Google API client library and start the Google+ service:
对于return new Response('{Message}', {HTTP status code});
的每一行,将其替换为
header("HTTP/1.1 {HTTP status code});
echo "{Message}";
exit;
然后代替
// Store the token in the session for later use.
$app['session']->set('token', json_encode($token));
$response = 'Succesfully connected with token: ' . print_r($token, true);
把
// Store the token in the session for later use.
$_SESSION['token'] = json_encode($token));
$response = 'Succesfully connected with token: ' . print_r($token, true);
答案 1 :(得分:3)
我使用此Client Library(PHP)
请测试此代码它是否正常工作
的index.php
<?php
session_start();
$data['state'] = md5(uniqid(rand(), true));
$_SESSION['state'] = $data['state'];
?>
<html itemscope itemtype="http://schema.org/Article">
<head>
<!-- BEGIN Pre-requisites -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js">
</script>
<meta name="google-signin-scope" content="https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.moments.write https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/plus.profile.agerange.read https://www.googleapis.com/auth/plus.profile.language.read https://www.googleapis.com/auth/plus.circles.members.read https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/userinfo.email" />
<script type="text/javascript">
(function () {
var po = document.createElement('script');
po.type = 'text/javascript';
po.async = true;
po.src = 'https://plus.google.com/js/client:plusone.js';
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(po, s);
})();
</script>
<!-- END Pre-requisites -->
</head>
<body>
<!-- Add where you want your sign-in button to render -->
<div id="signinButton">
<span class="g-signin"
data-scope="https://www.googleapis.com/auth/plus.login"
data-clientid="Your clientid"
data-redirecturi="postmessage"
data-accesstype="offline"
data-cookiepolicy="single_host_origin"
data-callback="signInCallback">
</span>
</div>
<button id="signoutButton" style="display:none" onclick="signout()">signout</button>
<div id="result"></div>
<script type="text/javascript">
function signInCallback(authResult) {
if (authResult['code']) {
// Hide the sign-in button now that the user is authorized, for example:
$('#signinButton').attr('style', 'display: none');
$('#signoutButton').attr('style', 'display: block');
var state = '<?php echo $_SESSION['state']; ?>';
var param = new Array();
var param = [authResult['code'],state];
// Send the code to the server
$.ajax({
type: 'POST',
url: 'plus.php?storeToken&state',
contentType: 'application/octet-stream; charset=utf-8',
success: function(result) {
// Handle or verify the server response if necessary.
console.log(result);
alert('connected');
},
processData: false,
data: param
});
} else if (authResult['error']) {
alert('Could not automatially log in the user');
console.log('There was an error: ' + authResult['error']);
}
}
function signout(){
gapi.auth.signOut();
$('#signoutButton').attr('style', 'display: none');
$('#signinButton').attr('style', 'display: block');
console.log('sign out');
}
</script>
</body>
</html>
plus.php
<?php
session_start();
require_once 'src/Google_Client.php';
require_once 'src/contrib/Google_PlusService.php';
$client = new Google_Client();
$CLIENT_ID = 'CLIENT ID';
$client->setClientId($CLIENT_ID);
$client->setClientSecret('Client Secret');
$client->setRedirectUri('postmessage');
$code = explode(",",file_get_contents('php://input'));
if (isset($code[1]) && $code[1] === $_SESSION['state'])
{
$plus = new Google_PlusService($client);
$client->authenticate($code[0]);
$token = json_decode($client->getAccessToken());
// Verify the token
$reqUrl = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=' .
$token->access_token;
$req = new Google_HttpRequest($reqUrl);
$tokenInfo = json_decode(
$client::getIo()->authenticatedRequest($req)->getResponseBody());
$userId = $tokenInfo->user_id;
$userEmail = $tokenInfo->email;
// If there was an error in the token info, abort.
if (isset($tokenInfo->error)) {
print $tokenInfo->error;
}
// Make sure the token we got is for our app.
if ($tokenInfo->audience != $CLIENT_ID) {
print "Token's client ID does not match app's.";
}
print 'Token from result: ' . print_r($token, true);
print '<<<<<<<<<<< tokenInfo >>>>>>> ' . print_r($tokenInfo, true);
}
else
{
echo "Invalid state parameter";
}
请勿忘记添加CLIENT ID
和Client Secret
退出不在localhost中工作。