Google website sign-in: securely getting information

Time: 2015-12-16 08:02:56

Tags: php google-plus google-signin

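I'm just trying to implement a simple Google sign-in feature on my website.

But so far, none of the tutorials I have followed have worked.

Google tutorial: I followed this one to the end and downloaded the API, but I don't fully understand how to use it. I've been trying to work it out, but code that worked before now doesn't work properly (it gives me a 500 server error). Maybe I exceeded the daily limit or something?

Youtube tutorial 1: simply didn't work; the PHP file gave a 500 server error.

Youtube tutorial 2: didn't work. I didn't spend much time on this one, as it is probably incompatible because of its age.

What I have done and set up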

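  1. Created a project in the Google Developers Console
  2. Sign in, choose your account
  3. Show the account info in the console (via JavaScript)
  4. Send POST['idtoken'] to the back end (PHP) and show the result in the console

What I need to do

  1. Basically just securely get the user's info (username + email) and confirm they are who they say they are.
  2. I have read many articles here, but it seems to get further and further away from what I'm trying to do. I'm just trying to sign users in securely.

Any info, links or tips are much appreciated.

Here is my code. I also downloaded a zip folder from here and put it in my htdocs folder, which is accessed via localhost. I removed the ClientID and ClientSecret for security.

SignFrontEnd.php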

      <html>
      <head>
        <meta name="google-signin-client_id" content="<MYClientID>">
        <title></title>
      </head>
      <body>    
      
        <script src="https://apis.google.com/js/platform.js" async defer></script>
        <script type="text/javascript">
          function onSignIn(googleUser) {
            var profile = googleUser.getBasicProfile();
            console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
            console.log('Name: ' + profile.getName());
            console.log('Image URL: ' + profile.getImageUrl());
            console.log('Email: ' + profile.getEmail());   
      
            var id_token = googleUser.getAuthResponse().id_token;
      
            var xhr = new XMLHttpRequest();
            // xhr.open('POST', 'https://yourbackend.example.com/tokensignin');
            xhr.open('POST', '/google-api-php-client-1-master/Dreolo/SignBackEnd.php');
            xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
            xhr.onload = function() {
              // console.log('Signed in as: ' + xhr.responseText);
              console.log('ResponseFromServer: ' + xhr.responseText);
            };
            xhr.send('idtoken=' + id_token);
          }    
        </script>
      
        <div class="g-signin2" data-onsuccess="onSignIn"></div>
      
        <a href="#" onclick="signOut();">Sign out</a>
        <script>
          function signOut() {
            var auth2 = gapi.auth2.getAuthInstance();
            auth2.signOut().then(function () {
              console.log('User signed out.');
            });
          }
        </script>   
        <br><br><br>
      </body>
      </html>
      

SignBackEnd.php

      <?php
      require_once realpath(dirname(__FILE__) . '/../src/Google/autoload.php');
      session_start();
      $client_id = '<MYClientID>';
      $client_secret = '<MYClientSecret>';
      $redirect_uri = 'http://localhost:8888/google-api-php-client-1-master/Dreolo/SignFrontEnd.php';
      
          $client = new Google_Client();
          $client->setClientId($client_id);
          $client->setClientSecret($client_secret);
          $client->setRedirectUri($redirect_uri);
          $client->setScopes('email');
          // $client->setScopes('profile');
          // $client->setIncludeGrantedScopes(true);
      
          /************************************************
            If we're logging out we just need to clear our
            local access token in this case
           ************************************************/
          if (isset($_REQUEST['logout'])) {
            unset($_SESSION['access_token']);
          }
      
          /************************************************
            If we have a code back from the OAuth 2.0 flow,
            we need to exchange that with the authenticate()
            function. We store the resultant access token
            bundle in the session, and redirect to ourself.
           ************************************************/
          if (isset($_GET['code'])) {
            $client->authenticate($_GET['code']);
            $_SESSION['access_token'] = $client->getAccessToken();
            $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
            header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
          }
      
          /************************************************
            If we have an access token, we can make
            requests, else we generate an authentication URL.
           ************************************************/
          if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
            $client->setAccessToken($_SESSION['access_token']);
          } else {
            $authUrl = $client->createAuthUrl();
          }
      
          /************************************************
            If we're signed in we can go ahead and retrieve
            the ID token, which is part of the bundle of
            data that is exchange in the authenticate step
            - we only need to do a network call if we have
            to retrieve the Google certificate to verify it,
            and that can be cached.
           ************************************************/
          if($client->getAccessToken()){
            $_SESSION['access_token'] = $client->getAccessToken();
            $token_data = $client->verifyIdToken()->getAttributes();
          }
      
          if (isset($token_data)) {
            echo print_r($token_data);
          }   
      
          echo 'working';
      
      ?>
      

0 answers:

No answers
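
The back-end check the question asks for, as an added example that is not part of the original post: the handler reads the posted `idtoken`, has the client library verify its signature, then re-checks the claims itself before starting a session. It assumes the v1 google-api-php-client at the path used on the page; `check_google_claims()` and the session key `user` are hypothetical names.

```php
<?php
// Added example, not the asker's code. Assumes google-api-php-client v1,
// unpacked as on the page; check_google_claims() is a hypothetical helper.

// Re-check the claims that bind the token to this app and this moment.
// Returns the identity fields, or throws if any check fails.
function check_google_claims(array $p, $clientId, $now)
{
    $issuers = array('accounts.google.com', 'https://accounts.google.com');
    if (!isset($p['iss']) || !in_array($p['iss'], $issuers, true)) {
        throw new UnexpectedValueException('unexpected issuer');
    }
    if (!isset($p['aud']) || $p['aud'] !== $clientId) {
        throw new UnexpectedValueException('token issued for another client');
    }
    if (!isset($p['exp']) || (int) $p['exp'] <= $now) {
        throw new UnexpectedValueException('token expired');
    }
    if (empty($p['sub'])) {
        throw new UnexpectedValueException('missing subject');
    }
    $verified = isset($p['email_verified'])
        && filter_var($p['email_verified'], FILTER_VALIDATE_BOOLEAN);
    return array(
        'google_id' => $p['sub'],   // stable key for the account; email can change
        'email'     => ($verified && isset($p['email'])) ? $p['email'] : null,
        'name'      => isset($p['name']) ? $p['name'] : null,
    );
}

if (isset($_POST['idtoken'])) {     // sent by the XHR in SignFrontEnd.php
    require_once realpath(dirname(__FILE__) . '/../src/Google/autoload.php');
    session_start();
    $clientId = '<MYClientID>';     // placeholder, as on the page
    $client = new Google_Client();
    $client->setClientId($clientId);
    try {
        // The library verifies the signature against Google's certificates.
        $ticket = $client->verifyIdToken($_POST['idtoken']);
        $attrs  = $ticket->getAttributes();
        $user   = check_google_claims($attrs['payload'], $clientId, time());
        session_regenerate_id(true);            // fresh session id on login
        $_SESSION['user'] = $user;
        echo json_encode(array('ok' => true, 'name' => $user['name']));
    } catch (Exception $e) {                    // bad signature or failed claim
        http_response_code(401);
        echo json_encode(array('ok' => false));
    }
}
```

Nothing from `getBasicProfile()` needs to be sent to the server: the name, email and account id all come out of the verified token payload.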