我正在尝试构建一个访问Google AnalyticsAPI并提取数据的网络应用。但是,我在OAuth 2.0授权方面遇到了一些问题。
它允许成功的初始访问,但它很快就会把我踢出去并抛出一个Google_Auth_Exception并显示消息'错误提取OAuth2访问令牌,消息:' invalid_grant''当我点击刷新页面的提交按钮时。
据我了解OAuth 2.0,验证有4个步骤:
据我了解,$ client-> setAccessToken();自动刷新令牌。
我似乎无法找到谷歌的任何文件,因为他们搬到了Github,我大部分都遵循了他们的示例结构。
当它尝试执行$ client-> authenticate时,会从第一个try块抛出错误($ _ GET [' code']);
我目前的解决方法是取消设置会话令牌,并让用户重新授权。但是,这非常麻烦和干扰,因为与页面的任何交互都会要求重新授权。
非常感谢任何帮助!
这是我的代码:
<?php
/**********************
OAUTH 2.0 AUTHORIZATION
***********************/
//required libraries
set_include_path("../src/" . PATH_SEPARATOR . get_include_path());
require_once 'Google/Client.php';
require_once 'Google/Service/Analytics.php';
//variables
$client_id = 'redacted';
$client_secret = 'redacted';
$redirect_uri = 'http://'.$_SERVER["HTTP_HOST"].$_SERVER['PHP_SELF'];
$dev_key = 'redacted';
//create a Google client
$client = new Google_Client();
$client->setApplicationName('App');
//sets client's API information
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setDeveloperKey($dev_key);
$client->setScopes(array('https://www.googleapis.com/auth/analytics.readonly'));
//if log out is requested, revoke the access
if (isset($_REQUEST['logout'])) {
unset($_SESSION['token']);
}
//check if authorization code is in the URL
try{
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']); //does authorization work
$_SESSION['access_token'] = $client->getAccessToken(); //gets valid access token
$redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; //set into session storage
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL)); //cleans up the URL
}
}
//if the authorization code is now invalid
catch (Google_Auth_Exception $e) {
unset($_SESSION['token']); //unset the session token
echo "Token now invalid, please revalidate. <br>";
}
//if there is an access token in the session storage
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']); //set the client's access token
//try creating an analytics object
try {
$analytics = new Google_Service_Analytics($client);
echo 'Created Google Analytics Client successfully! <br><br>';
}
catch (Google_Auth_Exception $e) {
echo 'Need authorization!';
}
} else {
$authUrl = $client->createAuthUrl(); //create one
echo "<a class='login' href='$authUrl'><button>Authorize Google Access</button></a>"; //print button
}
答案 0 :(得分:7)
我解决了这个问题。我试图两次授权相同的身份验证代码,因此它返回了invalid_grant错误。
我的解决方案是重写大部分代码并修复OAuth2逻辑。
我在下面创建了OAuth2身份验证流程的小型教程:
<?php
session_start(); // Create a session
/**************************
* Google Client Configuration
*
* You may want to consider a modular approach,
* and do the following in a separate PHP file.
***************************/
/* Required Google libraries */
require_once 'Google/Client.php';
require_once 'Google/Service/Analytics.php';
/* API client information */
$clientId = 'YOUR-CLIENT-ID-HERE';
$clientSecret = 'YOUR-CLIENT-SECRET-HERE';
$redirectUri = 'http://www.example.com/';
$devKey = 'YOUR-DEVELOPER-KEY-HERE';
// Create a Google Client.
$client = new Google_Client();
$client->setApplicationName('App'); // Set your app name here
/* Configure the Google Client with your API information */
// Set Client ID and Secret.
$client->setClientId($clientId);
$client->setClientSecret($clientSecret);
// Set Redirect URL here - this should match the one you supplied.
$client->setRedirectUri($redirectUri);
// Set Developer Key and your Application Scopes.
$client->setDeveloperKey($devKey);
$client->setScopes(
array('https://www.googleapis.com/auth/analytics.readonly')
);
/**************************
* OAuth2 Authentication Flow
*
* You may want to consider a modular approach,
* and do the following in a separate PHP file.
***************************/
// Create a Google Analytics Service using the configured Google Client.
$analytics = new Google_Service_Analytics($client);
// Check if there is a logout request in the URL.
if (isset($_REQUEST['logout'])) {
// Clear the access token from the session storage.
unset($_SESSION['access_token']);
}
// Check if there is an authentication code in the URL.
// The authentication code is appended to the URL after
// the user is successfully redirected from authentication.
if (isset($_GET['code'])) {
// Exchange the authentication code with the Google Client.
$client->authenticate($_GET['code']);
// Retrieve the access token from the Google Client.
// In this example, we are storing the access token in
// the session storage - you may want to use a database instead.
$_SESSION['access_token'] = $client->getAccessToken();
// Once the access token is retrieved, you no longer need the
// authorization code in the URL. Redirect the user to a clean URL.
header('Location: '.filter_var($redirectUri, FILTER_SANITIZE_URL));
}
// If an access token exists in the session storage, you may use it
// to authenticate the Google Client for authorized usage.
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
}
// If the Google Client does not have an authenticated access token,
// have the user go through the OAuth2 authentication flow.
if (!$client->getAccessToken()) {
// Get the OAuth2 authentication URL.
$authUrl = $client->createAuthUrl();
/* Have the user access the URL and authenticate here */
// Display the authentication URL here.
}
/**************************
* OAuth2 Authentication Complete
*
* Insert your API calls here
***************************/
希望这有助于将来陷入困境!
答案 1 :(得分:0)
在我的情况下,这是重新认证的问题。我正在测试api并获得了代码。要获取访问令牌,我必须撤消帐户部分 - &gt; security-&gt;应用连接的访问权限。现在选择您的应用名称并将其删除。现在尝试一下,你就会得到令牌响应。
错误是:未捕获的异常'Google_Auth_Exception',显示消息'获取OAuth2访问令牌时出错,消息:'invalid_grant:代码已被兑换
答案 2 :(得分:-2)
添加后
header('Location: '.filter_var($redirectUri, FILTER_SANITIZE_URL));
我收到错误消息Invalid Request Parameter。怎么解决?