Fatal编程技术网
  • php/
  • Php 使用Zend_Oauth_Consumer而不使用cookies和会话的最佳方法

Php 使用Zend_Oauth_Consumer而不使用cookies和会话的最佳方法

php zend-framework oauth

Php 使用Zend_Oauth_Consumer而不使用cookies和会话的最佳方法,php,zend-framework,oauth,Php,Zend Framework,Oauth,我正在开发一个符合技术要求的小玩意:没有饼干,没有会话。 我有以下代码: <?php class LinkedIn { private $options; private $consumer; private $client; private $token; public function __construct($params) { // set Zend_Oauth_Consumer options $this->options = array(

我正在开发一个符合技术要求的小玩意:没有饼干,没有会话。 我有以下代码:

<?php

class LinkedIn
{

 private $options;
 private $consumer;
 private $client;
 private $token;


 public function __construct($params)
 {
  // set Zend_Oauth_Consumer options
  $this->options = array(
   'version' => '1.0',
   'localUrl' => $params['localUrl'],
   'callbackUrl' => $params['callbackUrl'],
   'requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken',
   'userAuthorizationUrl' => 'https://api.linkedin.com/uas/oauth/authorize',
   'accessTokenUrl' => 'https://api.linkedin.com/uas/oauth/accessToken',
   'consumerKey' => $params['apiKey'],
   'consumerSecret' => $params['secretKey']
  );

  // instanciate Zend_Oauth_Consumer class
  require_once 'Zend/Loader.php';
  Zend_Loader::loadClass('Zend_Oauth_Consumer');
  $this->consumer = new Zend_Oauth_Consumer($this->options);
 }


 public function connect()
 {
  // Start Session to be able to store Request Token &amp; Access Token
  session_start ();

  if (!isset ($_SESSION ['ACCESS_TOKEN'])) {
   // We do not have any Access token Yet
   if (! empty ($_GET)) {
 // SECTION_IF
    // But We have some parameters passed throw the URL

    // Get the LinkedIn Access Token
    $this->token = $this->consumer->getAccessToken ($_GET, unserialize($_SESSION ['REQUEST_TOKEN']));

    // Store the LinkedIn Access Token
    $_SESSION ['ACCESS_TOKEN'] = serialize ($this->token);
   } else {
 // SECTION_ELSE
    // We have Nothing

    // Start Requesting a LinkedIn Request Token
    $this->token = $this->consumer->getRequestToken ();

    // Store the LinkedIn Request Token
    $_SESSION ['REQUEST_TOKEN'] = serialize ($this->token);

    // Redirect the Web User to LinkedIn Authentication Page
    $this->consumer->redirect ();
   }
  } else {
   // We've already Got a LinkedIn Access Token

   // Restore The LinkedIn Access Token
   $this->token = unserialize ($_SESSION ['ACCESS_TOKEN']);

  }

  // Use HTTP Client with built-in OAuth request handling
  $this->client = $this->token->getHttpClient($this->options);

 }
}
它工作得很好。但请求存储在会话中的\u令牌。如何将其放入第\u ELSE节中的查询字符串中,并在第\u ELSE节中获取它?谢谢您的建议。

关键是您的系统需要:

1. persist the OAuth tokens between user requests to your server, and
2. tie them to a specific user.
使用会话(其id来自cookie或查询字符串)是一种方法

但是如果会话不在表中,那么您需要其他方法来识别当前用户并存储其OAuth令牌

如果你真的在一个没有会话的环境中工作,那么你怎么知道用户是谁呢?基本授权?在没有用户身份验证的情况下,我看不出如何将OAuth令牌与特定用户关联