使用curl在php中的OAuth 2.0

时间:2014-08-21 10:24:35

标签: php curl oauth-2.0 google-api http-post

我需要让我的access_token和refresh_token for OAuth 2.0来访问Google API,下面的php脚本应该返回一个带有access_token的json,refresh_token就像这样:

{
  "access_token" : "####",
  "token_type" : "Bearer",
  "expires_in" : 3600,
  "refresh_token" : "####"
}

但是,php脚本只返回此错误消息:

{
"error" : "invalid_request",
"error_description" : "Client must specify either client_id or client_assertion, not both"
}

我尝试删除client_secret / client_id并仅使用client_id / client_secret,但仍然会收到相同的错误。

PHP脚本

$client_id = '###.apps.googleusercontent.com';
$redirect_uri = 'http://localhost/phpConnectToDB/csv/refreshFusionTable.php';
$client_secret = '###';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");

$code = $_REQUEST['code'];

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);


curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $clientID,
'client_secret' => $clientSecret,
'redirect_uri' => $redirect_uri,
'grant_type' => 'authorization_code'
));

$data = curl_exec($ch);

var_dump($data);

尽管cmd中的curl有效并且返回我的访问权限并刷新令牌而没有任何错误。

curl --data "code=###&client_id=###.apps.googleusercontent.com&client_secret=###&redirect_uri=http://localhost/phpConnectToDB/csv/refreshFusionTable.php&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token

虽然.php脚本存在并且它位于给定路径上,但我不明白为什么我会得到丢失的方案错误。你能帮帮我吗?

编辑

问题" redirect_uri的参数值无效:缺少方案"解决了,我刚刚更换了' redirect_uri' => urlencode($ redirect_uri),这个' redirect_uri' => $ redirect_uri,CURLOPT_POSTFIELDS。

1 个答案:

答案 0 :(得分:4)

哇,愚蠢的错误,我应该休息一下。

变量名称不匹配。 我定义了:

$client_id = '###.apps.googleusercontent.com';
$client_secret = '###';

但是我在这里使用了一个不存在的clientID,clientSecret 

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $clientID,
'client_secret' => $clientSecret,
'redirect_uri' => $redirect_uri,
'grant_type' => 'authorization_code'
));

修复并运行PHP脚本

$client_id = '###.apps.googleusercontent.com';
$redirect_uri = 'http://localhost/phpConnectToDB/csv/refreshFusionTable.php';
$client_secret = '###';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");

curl_setopt($ch, CURLOPT_POST, TRUE);

$code = $_REQUEST['code'];

// This option is set to TRUE so that the response
// doesnot get printed and is stored directly in
// the variable
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $client_id,
'client_secret' => $client_secret,
'redirect_uri' => $redirect_uri,
'grant_type' => 'authorization_code'
));

$data = curl_exec($ch);

var_dump($data);

但我不得不说,谷歌在这里提供了一些误导性的错误信息,因为我既没有定义client_id也没有定义client_secret,错误信息是:

{
"error" : "invalid_request",
"error_description" : "Client must specify either client_id or client_assertion, not both"
}
相关问题
最新问题