Php 使用Zend_Oauth_Consumer而不使用cookies和会话的最佳方法
我正在开发一个符合技术要求的小玩意:没有饼干,没有会话。 我有以下代码:Php 使用Zend_Oauth_Consumer而不使用cookies和会话的最佳方法,php,zend-framework,oauth,Php,Zend Framework,Oauth,我正在开发一个符合技术要求的小玩意:没有饼干,没有会话。 我有以下代码: <?php class LinkedIn { private $options; private $consumer; private $client; private $token; public function __construct($params) { // set Zend_Oauth_Consumer options $this->options = array(
<?php
class LinkedIn
{
private $options;
private $consumer;
private $client;
private $token;
public function __construct($params)
{
// set Zend_Oauth_Consumer options
$this->options = array(
'version' => '1.0',
'localUrl' => $params['localUrl'],
'callbackUrl' => $params['callbackUrl'],
'requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken',
'userAuthorizationUrl' => 'https://api.linkedin.com/uas/oauth/authorize',
'accessTokenUrl' => 'https://api.linkedin.com/uas/oauth/accessToken',
'consumerKey' => $params['apiKey'],
'consumerSecret' => $params['secretKey']
);
// instanciate Zend_Oauth_Consumer class
require_once 'Zend/Loader.php';
Zend_Loader::loadClass('Zend_Oauth_Consumer');
$this->consumer = new Zend_Oauth_Consumer($this->options);
}
public function connect()
{
// Start Session to be able to store Request Token & Access Token
session_start ();
if (!isset ($_SESSION ['ACCESS_TOKEN'])) {
// We do not have any Access token Yet
if (! empty ($_GET)) {
// SECTION_IF
// But We have some parameters passed throw the URL
// Get the LinkedIn Access Token
$this->token = $this->consumer->getAccessToken ($_GET, unserialize($_SESSION ['REQUEST_TOKEN']));
// Store the LinkedIn Access Token
$_SESSION ['ACCESS_TOKEN'] = serialize ($this->token);
} else {
// SECTION_ELSE
// We have Nothing
// Start Requesting a LinkedIn Request Token
$this->token = $this->consumer->getRequestToken ();
// Store the LinkedIn Request Token
$_SESSION ['REQUEST_TOKEN'] = serialize ($this->token);
// Redirect the Web User to LinkedIn Authentication Page
$this->consumer->redirect ();
}
} else {
// We've already Got a LinkedIn Access Token
// Restore The LinkedIn Access Token
$this->token = unserialize ($_SESSION ['ACCESS_TOKEN']);
}
// Use HTTP Client with built-in OAuth request handling
$this->client = $this->token->getHttpClient($this->options);
}
}
它工作得很好。但请求存储在会话中的\u令牌。如何将其放入第\u ELSE节中的查询字符串中,并在第\u ELSE节中获取它?谢谢您的建议。关键是您的系统需要:
1. persist the OAuth tokens between user requests to your server, and
2. tie them to a specific user.
使用会话(其id来自cookie或查询字符串)是一种方法
但是如果会话不在表中,那么您需要其他方法来识别当前用户并存储其OAuth令牌
如果你真的在一个没有会话的环境中工作,那么你怎么知道用户是谁呢?基本授权?在没有用户身份验证的情况下,我看不出如何将OAuth令牌与特定用户关联