Google API的社交名流laravel身份验证错误 [英] socialite laravel authantication error with google API

问题描述

我一直在使用Socilte软件包进行用户登录，即使用 facebook ， google ， twiter 和 github API.所有其他API都可以正常使用， google API期望，从Google返回时显示错误.

I have been using Socilte package for users login, i m using facebook, google, twiter and github API. All other API's are working fine expect google API, it is showing an error while returning from google.

HTTP错误403-禁止

HTTP Error 403 - Forbidden

Web服务器被配置为不列出此目录的内容，或者您​​没有足够的权限来访问资源.

The Web server is configured to not list the contents of this directory or you do not have enough permissions to access the resource.

这是我的回调函数，实际上它没有达到此回调函数:

This is my callback function, in fact it is not reaching this callback function:

public function handleGoogleCallback()
{
     $user = Socialite::driver('google')->stateless()->user();        
}

推荐答案

几天前，我也面临着同样的问题.甚至谷歌搜索都不能解决我的问题. 因此，我决定深入研究它，并猜测是什么，我找到了此问题的适当原因.

I was facing the same problem couple of days back. Even googling it didn't solve my problem. So i decided to go indepth of it and guess what, i found the appropriate reason of this issue.

就我而言，原因是Google回调URL中的 .profile 一词.

In my case the reason was the word .profile in google callback URL.

"https％3A％2F％2Fwww.googleapis.com％2Fauth％2Fuserinfo.profile"(我的回调网址的一部分)

'https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile' (part of my callback url)

我与托管服务提供商(Hostgator)对此进行了交谈，最初，他们说这个问题不在代码中，而是在他们的身边.但是我有足够的证据(我确实通过将.profile更改为.abc和huaa ...来解决问题.)向他们显示了此问题来自服务器端.然后他们向我推销VPS托管(我已经共享了托管)，但我拒绝接受，然后最终他们接受了他们有一个mod_security规则，该规则阻止了.profile一词出于安全原因.

I had a conversation with my hosting provider(Hostgator) regarding this and initially they were saying that this issue is in the code not by their side. But i had enough evidence(i did show them by changing .profile to .abc and huaa... issue gone..) to show them that this issue is from server end. Then they were pitching me for VPS hosting(i have shared hosting) but i denied to take it then finally they accepted that they have a mod_security rule that is preventing the word .profile from security reason.

他们当然有一个奇怪的mod_security规则.

They have a weired mod_security rule of course.

当我得知他们不会为我更改mod_security规则时，我更改了 socialite核心软件包

When i got that they are not going to change mod_security rule for me then i altered socialite core package

core/vendor/laravel/socialite/src/Two/GoogleProvider.php

core/vendor/laravel/socialite/src/Two/GoogleProvider.php

并在此处评论了个人资料

and commented profile here

protected $scopes = [
    'openid',
    //'profile',
    'email',
];

然后一切都很好，除了我因为评论个人资料而无法获得用户名，但对我来说很好.因此，这可能是摆脱不良服务器规则的技巧.

then everything was good except i couldn't get username because of commenting profile but for me it was good to go. So this could be a trick to get rid of bad server rules.

这篇关于Google API的社交名流laravel身份验证错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！