我正在尝试对基本代码进行一些自定义以对dropbox进行身份验证。我希望我的应用程序直接对用户进行dropbox身份验证,不涉及第三次身份验证。所以基本上我想要的唯一身份验证是针对Dropbox的。目前我遇到两个问题:
我收到以下与$_SESSION相关的php错误:
[Mon May 25 12:45:40.651325 2015] [:error] [pid 6568] [client 127.0.0.1:48900] PHP Fatal error: Uncaught exception 'Dropbox\\WebAuthException_Csrf' with message 'Expected '0_2rtH-FFcAqzX4JLKPVKw==', got 'zdmJEkNgto3lA7qAgGW2SQ=='.' in /var/www/php/oauth/vendor/dropbox/dropbox-sdk/lib/Dropbox/WebAuth.php:242\nStack trace:\n#0 /var/www/php/oauth/web/dropbox_finish.php(11): Dropbox\\WebAuth->finish(Array)\n#1 {main}\n thrown in /var/www/php/oauth/vendor/dropbox/dropbox-sdk/lib/Dropbox/WebAuth.php on line 242
这是我的代码start.php:
session_start();
require_once __DIR__.'/../vendor/autoload.php';
$key = "fttwagu78r37ped";
$secret = "9s10lkjhrwpujbl";
$GLOBALS['app_name'] = "oauth-php/1.0";
$GLOBALS['redirectURI'] = "https://oauth.dev/dropbox_finish.php";
$GLOBALS['HomeURI'] = "https://oauth.dev";
$appInfo = new Dropbox\AppInfo($key, $secret);
$csrfTokenStore = new Dropbox\ArrayEntryStore($_SESSION, 'dropbox-auth-csrf-token');
$webAuth = new Dropbox\WebAuth($appInfo, $GLOBALS['app_name'], $GLOBALS['redirectURI'], $csrfTokenStore);
$authURL = $webAuth->start();
header("Location: $authURL");
和dropbox_finish.php:
require_once "../app/start.php";
try {
list($accessToken, $userId, $urlState) = $webAuth->finish($_GET);
assert($urlState === null); // Since we didn't pass anything in start()
}
catch (dbx\WebAuthException_BadRequest $ex) {
error_log("/dropbox-auth-finish: bad request: " . $ex->getMessage());
// Respond with an HTTP 400 and display error page...
}
任何人都可以帮我这个吗?
答案 0 :(得分:1)
您似乎在start.php中加入dropbox_finish.php,但start.php调用$webAuth->start(),然后重定向用户。
确保dropbox_finish.php中包含的部分没有该电话,并且未设置Location标题。