这是我使用google plus api获取用户信息的php代码。我已取消设置访问令牌,以防用户点击注销但仍然注销不起作用。一旦我获得任何用户的信息,然后在注销并再次连接后,我仍然获得相同的用户信息,并且无法使用不同的电子邮件ID登录。
<?php
error_reporting(E_ERROR | E_PARSE);
include_once "templates/base.php";
session_start();
set_include_path("google-api-php-client-master/src/" . PATH_SEPARATOR . get_include_path());
require_once 'Google/Client.php';
require_once 'Google/Service/Plus.php';
require_once 'Google/Service/Oauth2.php';
$client_id = '554944507188-jvl2lg6l70dfmee1qad8rguircdfesba.apps.googleusercontent.com';
$client_secret = '-kcfgfqWdhk9sDNOO8LC9N6A';
$redirect_uri = 'http://localhost:81/googleplus/redirect.php';
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setDeveloperKey('AIzaSyCWdr3JGvgOZ0lPX9R6hJP4Y00J-R2Ksgg');
$plus = new Google_Service_Plus($client);
$google_oauthV2 = new Google_Service_Oauth2($client);
$client->setScopes('https://www.googleapis.com/auth/plus.login');
$client->setScopes('email');
/************************************************
If we're logging out we just need to clear our
local access token in this case
************************************************/
if (isset($_REQUEST['logout'])) {
unset($_SESSION['access_token']);
}
/************************************************
If we have a code back from the OAuth 2.0 flow,
we need to exchange that with the authenticate()
function. We store the resultant access token
bundle in the session, and redirect to ourself.
************************************************/
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}
/************************************************
If we have an access token, we can make
requests, else we generate an authentication URL.
************************************************/
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
} else {
$authUrl = $client->createAuthUrl();
}
/************************************************
If we're signed in we can go ahead and retrieve
the ID token, which is part of the bundle of
data that is exchange in the authenticate step
- we only need to do a network call if we have
to retrieve the Google certificate to verify it,
and that can be cached.
************************************************/
if ($client->getAccessToken()) {
$_SESSION['access_token'] = $client->getAccessToken();
$token_data = $client->verifyIdToken()->getAttributes();
$user = $google_oauthV2->userinfo->get();
$me = $plus->people->get('me');
}
echo pageHeader("GOOGLE+ API for Information Retrival");
if (
$client_id == ' '
|| $client_secret == ' '
|| $redirect_uri == ' ') {
echo missingClientSecretsWarning();
}
?>
<div class="box">
<div class="request">
<?php if (isset($authUrl)): ?>
<a class='login' href='<?php echo $authUrl; ?>'>Connect Me!</a>
<?php else: ?>
<a class='logout' href='index.php?logout'>Logout</a>
<?php endif ?>
</div>
</div>
答案 0 :(得分:4)
这个怎么样?
if (isset($_REQUEST['logout'])) {
unset($_SESSION['access_token']);
header('Location: https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}