gpt4 book ai didi

php - 为什么我一直为 invalid_grant 捕获 Google_Auth_Exception?

转载 作者:可可西里 更新时间:2023-11-01 00:44:32 25 4
gpt4 key购买 nike

我正在尝试构建一个访问 Google Analytics API 并提取数据的网络应用程序。但是,我在 OAuth 2.0 授权方面遇到了一些问题。

它允许成功的初始访问,但它很快将我踢出并在我点击刷新页面的提交按钮时抛出带有消息“获取 OAuth2 访问 token 时出错,消息:‘invalid_grant’”的 Google_Auth_Exception。

据我了解 OAuth 2.0,身份验证有 4 个步骤:

  1. 从 Google Dev Console 获取 OAuth 2.0 凭据
  2. 从 Google 授权服务器获取访问 token
  3. 将访问 token 发送到 Google Analytics API
  4. 如有必要,刷新访问 token

据我了解,$client->setAccessToken();自动刷新 token 。

自从他们转移到 Github 后,我似乎无法从 Google 找到任何文档,而且我大部分时间都遵循了他们的示例结构。

错误从第一个 try block 中抛出,当它尝试执行 $client->authenticate($_GET['code']);

我当前的解决方法是取消设置 session token ,并让用户重新授权。然而,这确实很麻烦且具有侵入性,因为与该页面的任何交互都将要求重新授权。

如有任何帮助,我们将不胜感激!

这是我的代码:

<?php

/**********************
OAUTH 2.0 AUTHORIZATION
***********************/

//required libraries
set_include_path("../src/" . PATH_SEPARATOR . get_include_path());
require_once 'Google/Client.php';
require_once 'Google/Service/Analytics.php';


//variables
$client_id = 'redacted';
$client_secret = 'redacted';
$redirect_uri = 'http://'.$_SERVER["HTTP_HOST"].$_SERVER['PHP_SELF'];
$dev_key = 'redacted';

//create a Google client
$client = new Google_Client();
$client->setApplicationName('App');

//sets client's API information
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setDeveloperKey($dev_key);
$client->setScopes(array('https://www.googleapis.com/auth/analytics.readonly'));

//if log out is requested, revoke the access
if (isset($_REQUEST['logout'])) {
unset($_SESSION['token']);
}

//check if authorization code is in the URL
try{
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']); //does authorization work
$_SESSION['access_token'] = $client->getAccessToken(); //gets valid access token
$redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; //set into session storage
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL)); //cleans up the URL
}
}
//if the authorization code is now invalid
catch (Google_Auth_Exception $e) {
unset($_SESSION['token']); //unset the session token
echo "Token now invalid, please revalidate. <br>";
}

//if there is an access token in the session storage
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']); //set the client's access token

//try creating an analytics object
try {
$analytics = new Google_Service_Analytics($client);
echo 'Created Google Analytics Client successfully! <br><br>';
}
catch (Google_Auth_Exception $e) {
echo 'Need authorization!';
}
} else {
$authUrl = $client->createAuthUrl(); //create one
echo "<a class='login' href='$authUrl'><button>Authorize Google Access</button></a>"; //print button
}

最佳答案

我解决了这个问题。我试图授权相同的身份验证代码两次,因此它返回了一个 invalid_grant 错误。

我的解决方案是重写大部分代码并修复 OAuth2 逻辑。

我在下面创建了一个 OAuth2 身份验证流程的迷你教程:

<?php
session_start(); // Create a session

/**************************
* Google Client Configuration
*
* You may want to consider a modular approach,
* and do the following in a separate PHP file.
***************************/

/* Required Google libraries */
require_once 'Google/Client.php';
require_once 'Google/Service/Analytics.php';

/* API client information */
$clientId = 'YOUR-CLIENT-ID-HERE';
$clientSecret = 'YOUR-CLIENT-SECRET-HERE';
$redirectUri = 'http://www.example.com/';
$devKey = 'YOUR-DEVELOPER-KEY-HERE';

// Create a Google Client.
$client = new Google_Client();
$client->setApplicationName('App'); // Set your app name here

/* Configure the Google Client with your API information */

// Set Client ID and Secret.
$client->setClientId($clientId);
$client->setClientSecret($clientSecret);

// Set Redirect URL here - this should match the one you supplied.
$client->setRedirectUri($redirectUri);

// Set Developer Key and your Application Scopes.
$client->setDeveloperKey($devKey);
$client->setScopes(
array('https://www.googleapis.com/auth/analytics.readonly')
);

/**************************
* OAuth2 Authentication Flow
*
* You may want to consider a modular approach,
* and do the following in a separate PHP file.
***************************/

// Create a Google Analytics Service using the configured Google Client.
$analytics = new Google_Service_Analytics($client);

// Check if there is a logout request in the URL.
if (isset($_REQUEST['logout'])) {
// Clear the access token from the session storage.
unset($_SESSION['access_token']);
}

// Check if there is an authentication code in the URL.
// The authentication code is appended to the URL after
// the user is successfully redirected from authentication.
if (isset($_GET['code'])) {
// Exchange the authentication code with the Google Client.
$client->authenticate($_GET['code']);

// Retrieve the access token from the Google Client.
// In this example, we are storing the access token in
// the session storage - you may want to use a database instead.
$_SESSION['access_token'] = $client->getAccessToken();

// Once the access token is retrieved, you no longer need the
// authorization code in the URL. Redirect the user to a clean URL.
header('Location: '.filter_var($redirectUri, FILTER_SANITIZE_URL));
}

// If an access token exists in the session storage, you may use it
// to authenticate the Google Client for authorized usage.
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
}

// If the Google Client does not have an authenticated access token,
// have the user go through the OAuth2 authentication flow.
if (!$client->getAccessToken()) {
// Get the OAuth2 authentication URL.
$authUrl = $client->createAuthUrl();

/* Have the user access the URL and authenticate here */

// Display the authentication URL here.
}

/**************************
* OAuth2 Authentication Complete
*
* Insert your API calls here
***************************/

关于php - 为什么我一直为 invalid_grant 捕获 Google_Auth_Exception?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23498104/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com