我已经使用GET['code']方法在1个php页面上验证了我的应用程序,我收到了刷新令牌代码并保存了它。
现在我想在同一个域的其他页面上进行身份验证。所以我做的是我创建了其他php页面,检查我是否使用is_authenticated()函数进行了身份验证,如果不是我使用CURL到API端点"https://podio.com/oauth/token"请求新的访问令牌。我收到了访问代码,并尝试使用authenticate_with_authorization_code($code, REDIRECT_URI)对其进行身份验证,但我收到错误未捕获的PodioInvalidGrantError:"抱歉,您的OAuth代码无效。" 。请告诉我我错过的步骤。
<?php
require ('podio/podio_lib/PodioAPI.php');
include ('sessionpodio.php');
define("REDIRECT_URI", 'http://domainname.com/pagename.php');
$refreshtoken = "my_refresh_token";
$client_id = "xxxxx";
$client_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$param = "grant_type=refresh_token&client_id={$client_id}&client_secret=
{$client_secret}&refresh_token={$refreshtoken}";
Podio::setup($client_id, $client_secret, array(
"session_manager" => "PodioBrowserSession"
));
if (!Podio::is_authenticated()) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://podio.com/oauth/token");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-
form-urlencoded'));
// receive server response ...
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$server_output = curl_exec ($ch);
curl_close ($ch);
$decoded_r = json_decode($server_output,true);
$code = $decoded_r["access_token"];
echo "<pre>".print_r($decoded_r, true)."</pre><br/>";
var_dump($code);
if ($code !== "") {
Podio::authenticate_with_authorization_code($code, REDIRECT_URI);
}
}
elseif (Podio::is_authenticated()) {
// User already has an active session. You can make API calls here:
print "You were already authenticated and no authentication is needed.
<br/>";
var_dump($_SESSION);
}
?>
答案 0 :(得分:0)
使用Podio Session Manager解决了问题,不需要使用过期访问令牌和刷新令牌进行手动身份验证,因为库会自动处理它,有关详细信息,请参阅Podio会话管理器。