使用PHP的Google OAuth2刷新令牌

时间:2017-10-15 22:36:42

标签: php google-oauth2 refresh-token

我正在尝试创建并保存一个访问令牌,当我组织中的其他用户(没有API访问权限)登录时,我可以引用该访问令牌。例如,我需要调用Google Admin API来获取他们的orgUnit。当我获得access_token时,我可以将其与其他用户一起使用,但它会在一小时后过期,我必须重新登录我的帐户才能获得新令牌。

简而言之,我不知道在何处或如何创建刷新令牌,因此我可以将其保存在我的数据库中。

//Create Client Request to access Google API
$client = new Google_Client();
$client->setApplicationName(APPLICATION_NAME);
$client->setClientId(CLIENT_ID);
$client->setClientSecret(CLIENT_SECRET);
$client->setRedirectUri(REDIRECT_URL);
$client->setDeveloperKey(API_KEY);
$client->setAccessType('offline'); 

$client->addScope("https://www.googleapis.com/auth/userinfo.email");
$client->addScope("https://www.googleapis.com/auth/admin.directory.user.readonly");

//Send Client Request
if($client->isAccessTokenExpired()){
    //not doing anything here at the moment
}

$objOAuthService = new Google_Service_Oauth2($client);

//Logout
if (isset($_REQUEST['logout'])) {
    unset($_SESSION['access_token']);
    unset($_SESSION['code']);
    $client->revokeToken();
    header('Location: ' . filter_var(REDIRECT_URL, FILTER_SANITIZE_URL)); //redirect user back to page
}else if (isset($_GET['code'])) {
    //Authenticate code from Google OAuth Flow
    //Add Access Token to Session
    $client->authenticate($_GET['code']);
    $_SESSION['code'] = $_GET['code'];
    $_SESSION['access_token'] = $client->getAccessToken();
    header('Location: ' . filter_var(REDIRECT_URL, FILTER_SANITIZE_URL));
}

//Set Access Token to make Request
if (isset($_SESSION['access_token'])) {
    $client->setAccessToken($_SESSION['access_token']);
}

0 个答案:

没有答案
相关问题
最新问题