Google服务帐户身份验证PHP
我正在尝试对服务帐户进行身份验证,以便在客户端JSON_API库中使用访问令牌 我看过这些文章:Google服务帐户身份验证PHP,php,google-oauth,google-cloud-storage,google-authentication,Php,Google Oauth,Google Cloud Storage,Google Authentication,我正在尝试对服务帐户进行身份验证,以便在客户端JSON_API库中使用访问令牌 我看过这些文章: 这是我的PHP代码 <?php require_once 'google-api-php-client/src/Google_Client.php'; const CLIENT_ID = ""; const SERVICE_ACCOUNT_NAME = ""; const KEY_FILE = "super secret path of course ;)"; $client =
这是我的PHP代码
<?php
require_once 'google-api-php-client/src/Google_Client.php';
const CLIENT_ID = "";
const SERVICE_ACCOUNT_NAME = "";
const KEY_FILE = "super secret path of course ;)";
$client = new Google_Client();
// Loads the key into PKCS 12 format
$key = file_get_contents(KEY_FILE);
$client->setAssertionCredentials(new Google_AssertionCredentials(
SERVICE_ACCOUNT_NAME,
array('https://www.googleapis.com/auth/prediction'),
$key
)
);
$client->setClientId(CLIENT_ID);
$auth = $client->authenticate();
print $auth ? "Returned true" : "Returned false";
print "<br>";
print is_null($client->getAccessToken()) ? "It's null" : "Works";
?>
需要检查的几件事:
- 首先,我假设
CLIENT\u ID
和SERVICE\u ACCOUNT\u NAME
被设置为您的实际客户ID和SERVICE ACCOUNT NAME,而不仅仅是空字符串,对吗
- 其次,您正在使用OAuth范围
https://www.googleapis.com/auth/prediction
但尝试使用它访问地面军事系统。您可能希望使用只读、读写或完全控制作用域,您可以找到它们。例如,如果您想要读写访问,您可以使用作用域https://www.googleapis.com/auth/devstorage.read_write
在混合使用不同的资源之后,我终于找到了如何使用PHP API库进行身份验证的方法
下面是我为google php api库提供的身份验证类
<?php
require_once 'google-api-php-client/src/Google_Client.php';
require_once 'google-api-php-client/src/contrib/Google_StorageService.php';
class Model_Storage_Auth
{
const CLIENT_ID = "someuniquenumber.apps.googleusercontent.com";
const SERVICE_ACCOUNT_NAME = "myserviceaccountname@developer.gserviceaccount.com";
const KEY_FILE = "/supersecretpath/key.p12";
const ACCESS_TOKEN = 'access_token';
const APP_NAME = 'My App Name';
private $google_client;
function __construct()
{
$this->google_client = new Google_Client();
$this->google_client->setApplicationName(self::APP_NAME);
}
public function getToken()
{
if(!is_null($this->google_client->getAccessToken())){}
elseif(!is_null(Session::get(self::ACCESS_TOKEN, null)))
{
$this->google_client->setAccessToken(Session::get(self::ACCESS_TOKEN, null));
}
else
{
$scope = array();
$scope[] = 'https://www.googleapis.com/auth/devstorage.full_control';
$key = file_get_contents(self::KEY_FILE);
$this->google_client->setAssertionCredentials(new Google_AssertionCredentials(
self::SERVICE_ACCOUNT_NAME,
$scope,
$key)
);
$this->google_client->setClientId(self::CLIENT_ID);
Google_Client::$auth->refreshTokenWithAssertion();
$token = $this->google_client->getAccessToken();
Session::set(self::ACCESS_TOKEN, $token);
}
return $this->google_client->getAccessToken();
}
}
是的,我的客户ID和服务帐户名称设置为正确的值,我在作用域中设置了该URL。仍然获得相同的输出:\