在google中使用javascript和php对用户进行身份验证
我想使用谷歌登录来验证我的PHP帖子。在网页上有一个谷歌登录按钮(可以使用),然后各种功能将从谷歌获得的在google中使用javascript和php对用户进行身份验证,javascript,php,oauth-2.0,google-oauth,Javascript,Php,Oauth 2.0,Google Oauth,我想使用谷歌登录来验证我的PHP帖子。在网页上有一个谷歌登录按钮(可以使用),然后各种功能将从谷歌获得的id\u令牌发布到我的PHP: function getAuth() { var id_token = theUser.getAuthResponse().id_token; var oReq = new XMLHttpRequest(); oReq.onload = function() {
id\u令牌
发布到我的PHP:
function getAuth() {
var id_token = theUser.getAuthResponse().id_token;
var oReq = new XMLHttpRequest();
oReq.onload = function() {
console.log(this.responseText);
}
oReq.open("POST", "databaseAccess.php", true);
oReq.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
oReq.send("oc="+id_token);
}
在服务器端:
<?php
if (isset($_POST["oc"])) {
$code = $_POST["oc"];
$client_id = "xxxxxxxxxxx.apps.googleusercontent.com";
$redirect_uri = "http://myDomain/responder.html";
$client_secret = "xxxxxxxx";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/v2/auth");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'response_type' => 'code',
'scope' => 'profile',
'client_id' => $client_id,
'redirect_uri' => $redirect_uri
));
$data = curl_exec($ch);
}
echo($data);
?>
但这并没有带来任何回报:来自谷歌的沉默不语。根据这个我也可以做一个比较简单的
https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=XYZ123
因此,在PHP文件中,我尝试:
$data = http_build_query(array(
'id_token' => $code
));
echo("DATA: ".$data);
$context = stream_context_create(array(
'https' => array(
'method' => 'GET',
'header' => 'Content-Type: application/x-www-form-urlencoded',
'content' => $data
)
));
// Make POST request
$response = file_get_contents('https://www.googleapis.com/oauth2/v2/tokeninfo', false, $context);
echo("PHP OUT: ".$response);
有了这个,我得到了一个错误:
either access_token, id_token, or token_handle required
在web浏览器中键入:
https://www.googleapis.com/oauth2/v2/tokeninfo?id_token=xxx0Cc6
通过从网页的javascript接收的有效令牌,我得到了一个适当的结果:
{
"issued_to": "8jijijijijijihb.apps.googleusercontent.com",
"audience": "8jijijijijijij20hb.apps.googleusercontent.com",
"user_id": "1128jijijijijij38756",
"expires_in": 2412,
"email": "me@googlemail.com",
"verified_email": true
}
希望有人能告诉我,在我的PHP中,我是如何收到这样的结果的。在我的低级服务器上使用PHP beta api也证明是徒劳的。试试以下方法:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={$oc}");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$data = curl_exec($ch);
echo($data)
谢谢,但是我不确定你用
$oc
指的是什么;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={$oc}");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$data = curl_exec($ch);
echo($data)