Question

我使用了“ league / oauth2-client”库，并试图从提供商那里获取访问令牌。我的第一步是使授权代码正常工作。当我向提供商请求访问令牌时，出现了类似“ cURL错误51：SSL：没有其他证书主题名称与目标主机名'XXX.XXX.com'相匹配”的异常。

我使用Postman在给定适当参数的情况下手动获取访问令牌。工作正常，提供商将访问令牌返回给邮递员。

https://github.com/thephpleague/oauth2-client

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
    'clientId' => 'XXX',
    'clientSecret' => 'YYY',
    'redirectUri' => 'https://exampleclient.com/oauth',
    'urlAuthorize' => 'https://example.com/OAuth2AuthorizationServer/AuthorizationController',
    'urlAccessToken' => 'https://example.com/oauth/AccessTokenController',
    'urlResourceOwnerDetails' => 'https://example.com/oauth/ResourceController',
    'scopes' => array('BLABLA'),
    'verify' => false,
]);

try {
    $accessToken = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    echo 'Access Token: ' . $accessToken->getToken() . "<br>";
    echo 'Refresh Token: ' . $accessToken->getRefreshToken() . "<br>";
    echo 'Expired in: ' . $accessToken->getExpires() . "<br>";
    echo 'Already expired? ' . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "<br>";

    $resourceOwner = $provider->getResourceOwner($accessToken);
    var_export($resourceOwner->toArray());
    die;

    } catch (Exception $e) {

        // Failed to get the access token or user details.
        exit($e->getMessage());
    }

Answer 1

league / oauth2-client 库使用 GuzzleHttp \ Client ，因此我们需要设置

GuzzleHttp\RequestOptions::VERIFY => false

最简单的方法是创建一个新的GuzzleHttp \ Client并将其VERIFY选项设置为false。

$guzzyClient = new GuzzleHttp\Client([
    'defaults' => [
        \GuzzleHttp\RequestOptions::CONNECT_TIMEOUT => 5,
        \GuzzleHttp\RequestOptions::ALLOW_REDIRECTS => true],
     \GuzzleHttp\RequestOptions::VERIFY => false,
]);

$provider->setHttpClient($guzzyClient);

League \ OAuth2 \ Client \ Provider \ GenericProvider SSL错误

1 个答案: