没有在php中使用google + api注销

时间:2014-06-23 06:04:23

标签: php google-api google-api-php-client google-api-client

这是我使用google plus api获取用户信息的php代码。我已取消设置访问令牌,以防用户点击注销但仍然注销不起作用。一旦我获得任何用户的信息,然后在注销并再次连接后,我仍然获得相同的用户信息,并且无法使用不同的电子邮件ID登录。

<?php
error_reporting(E_ERROR | E_PARSE);
include_once "templates/base.php";
session_start();

set_include_path("google-api-php-client-master/src/" . PATH_SEPARATOR .     get_include_path());
require_once 'Google/Client.php';
require_once 'Google/Service/Plus.php';
require_once 'Google/Service/Oauth2.php';
$client_id = '554944507188-jvl2lg6l70dfmee1qad8rguircdfesba.apps.googleusercontent.com';
$client_secret = '-kcfgfqWdhk9sDNOO8LC9N6A';
$redirect_uri = 'http://localhost:81/googleplus/redirect.php';
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setDeveloperKey('AIzaSyCWdr3JGvgOZ0lPX9R6hJP4Y00J-R2Ksgg');
$plus = new Google_Service_Plus($client);
$google_oauthV2 = new Google_Service_Oauth2($client);

$client->setScopes('https://www.googleapis.com/auth/plus.login');
$client->setScopes('email');

/************************************************
  If we're logging out we just need to clear our
  local access token in this case
 ************************************************/
if (isset($_REQUEST['logout'])) {
  unset($_SESSION['access_token']); 

}

/************************************************
  If we have a code back from the OAuth 2.0 flow,
  we need to exchange that with the authenticate()
  function. We store the resultant access token
  bundle in the session, and redirect to ourself.
 ************************************************/
if (isset($_GET['code'])) {
  $client->authenticate($_GET['code']);
  $_SESSION['access_token'] = $client->getAccessToken();
  $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
  header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}

/************************************************
  If we have an access token, we can make
  requests, else we generate an authentication URL.
 ************************************************/
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
  $client->setAccessToken($_SESSION['access_token']);
} else {
  $authUrl = $client->createAuthUrl();
}

/************************************************
  If we're signed in we can go ahead and retrieve
  the ID token, which is part of the bundle of
  data that is exchange in the authenticate step
  - we only need to do a network call if we have
  to retrieve the Google certificate to verify it,
  and that can be cached.
 ************************************************/
if ($client->getAccessToken()) {
  $_SESSION['access_token'] = $client->getAccessToken();
  $token_data = $client->verifyIdToken()->getAttributes();
  $user = $google_oauthV2->userinfo->get();
  $me = $plus->people->get('me');
}

echo pageHeader("GOOGLE+ API for Information Retrival");
if (
    $client_id == ' '
    || $client_secret == ' '
    || $redirect_uri == ' ') {
  echo missingClientSecretsWarning();
}
?>
<div class="box">
  <div class="request">
    <?php if (isset($authUrl)): ?>
      <a class='login' href='<?php echo $authUrl; ?>'>Connect Me!</a>
    <?php else: ?>
      <a class='logout' href='index.php?logout'>Logout</a>
    <?php endif ?>
  </div>
 </div>

1 个答案:

答案 0 :(得分:4)

这个怎么样?

if (isset($_REQUEST['logout'])) {
    unset($_SESSION['access_token']);
    header('Location: https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}