Google API PHP离线访问，“invalid_grant：代码已被兑换” [英] Google API PHP offline access, "invalid_grant: Code was already redeemed"

问题描述

如何授权Google客户端，直到用户撤销授权为止 我正在尝试制作连接到Google日历的应用。它必须在PHP中运行，因此我使用的是由Google提供的Google API PHP客户端。

应用程序需要具有脱机访问权限，因此当用户不在会议中。该应用程序的目的是让用户在网站上公开管理和显示他的日历。

我在Google控制台中创建了凭据，使用服务方法（使用客户端ID和客户端密码）。我还使用Google API客户端向用户请求授权。我打开一个新的浏览器窗口，用户授权，授权代码由Google返回。我将这段代码存储起来，并使用它来授权客户端，该客户端成功连接到Google日历并交换数据。

现在，我明白这是一个令牌即将到期。除非使用我设置的离线访问。然而，在几分钟或更少的时间后，我总是会得到一个错误： 获取OAuth2访问令牌时出错，message：'invalid_grant：代码已被兑现。

这是我用来连接客户端的代码：

  $ client = new \Google_Client（）; 
 $ client-> setApplicationName（'My App'）; 
 $ client-> setScopes（array（\Google_Service_Calendar :: CALENDAR））; 
 $ client-> setClientId（$ this-> google_client_id）; 
 $ client-> setClientSecret（$ this-> google_client_secret）; 
 $ client-> setRedirectUri（$ this-> google_client_redirect）; 
 $ client-> setAccessType（'offline'）; 
 
 if（$ code = $ this-> google_client_auth）{
 
 try {
 
 $ client-> authenticate（$ code）; 
 $ b $ catch（\Exception $ e）{
 var_dump（$ e）; 
} 
 
} 
 
返回新\Google_Service_Calendar（$ client）; 
  

这是一个类中的方法。

客户端ID和客户端密钥存储在应用程序设置中。

我还将用户返回的代码存储在一个设置中，但我认为这是我做错了的地方？我将链接放到谷歌OAuth窗口在一个单独的方法（它也使用相同的客户端ID和密码，并设置脱机方法以及），并获得授权正在工作。我可以到日历，它只是不会持续很长时间...

解决方案

有三种类型的代码或令牌Google认证服务器返回。

1. 验证码


2. 访问令牌


3. 刷新令牌。 >
   
   

   认证码

   
   
   

   当用户点击认证表单并授予您的应用程序访问权限时。 Google会向您返回一个验证码，您应该使用此代码并交换它以获取Access令牌和刷新令牌。如果您再次尝试使用该代码，则只会使用一次，您将收到错误消息。 p>
   
   

   
   

   invalid_grant：代码已被兑换。
   

   存取令牌
   
   

   用于访问API，这个令牌应该与您发出的每个请求一起发送。访问令牌是短暂的，他们工作了一个小时，然后他们停止工作。
   $ b

   刷新令牌

   
   
   

   刷新令牌应该保存在服务器的某个地方。一旦访问令牌过期，您可以使用刷新令牌来获取新的访问令牌。

   
   
   

   您的问题是您要保存对您无用的验证代码。你需要找到刷新令牌并保存。
   

   How to authorize a Google Client permanently until the user revokes authorization?

   I am trying to make an app that connects to Google Calendar. It has to run in PHP and therefore I am using the Google API PHP client provided by google.

   The app needs to have offline access so it works when the user is not in the session. The app is intended to let the user to manage and display his calendars publicly on websites and such.

   I have created credentials in Google Console, using service method (with a client ID and client secret). Using the Google API client I also requested authorization from the user. I open a new browser window, the user authorizes, an authorization code is returned by Google. I take this code, store it and use it to authorize the client, which successfully connects to Google Calendar and exchange data.

   Now, I understood this is a token that is going to expire. Unless one uses offline access, which I set. However, after a few minutes or less I will always get an error: Error fetching OAuth2 access token, message: 'invalid_grant: Code was already redeemed.

   This is the code I use to connect the client:

   $client = new \Google_Client();
   $client->setApplicationName( 'My App' );
   $client->setScopes( array( \Google_Service_Calendar::CALENDAR ) );
   $client->setClientId( $this->google_client_id );
   $client->setClientSecret( $this->google_client_secret );
   $client->setRedirectUri( $this->google_client_redirect );
   $client->setAccessType( 'offline' );
   
   if ( $code = $this->google_client_auth ) {
   
       try {
   
           $client->authenticate( $code );
   
       } catch( \Exception $e ) {
               var_dump( $e );
       }    
   
   }
   
   return new \Google_Service_Calendar( $client );
   

   This is a method inside a class.

   The client ID and the client secret are stored in the app settings.

   I'm also storing the code returned by the user in a setting, but I think this is where I"m doing it wrong? I am putting the link to a Google OAuth window in a separate method (which also uses the same client id and secret and sets offline method as well). And to get the authorization is working. I can get to the calendars. It just doesn't last long...

   解决方案

   There are three types of codes or tokens Googles Authentcation server returns.

   1. Authentication code
   2. Access token
   3. Refresh token.

   Authentication code

   When a user clicks on the Authentcation form and grants your application access. Google returns to you an Authentcation code. You should take this code and exchange it for an Access token and a refresh token. This code is only used once if you try and use it again you will get an error message.

   invalid_grant: Code was already redeemed.

   Access token

   Access tokens are used to access the APIs this token should be sent along with every request you make. Access tokens are short lived they work for an hour and then they stop working

   Refresh token

   Refresh tokens should be saved on your server some place. Once the access token expires you can use the refresh token to get a new access token.

   Your problem is that you are saving the authentication code which is of no use to you. You need to find the refresh token and save that.

   这篇关于Google API PHP离线访问，“invalid_grant：代码已被兑换”的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！