Google OAuth访问令牌未刷新令牌NULL [英] Google OAuth access token not refresh token NULL

问题描述

我正在尝试在服务器上获取访问令牌以使用PHP客户端库中的GMail API，并且在我通过var_drump变量通过getAccessToken();方法将访问令牌存储在其中之后，得到的所有内容均为NULL.

I'm trying to get my access token on my server to use the GMail API from the PHP client library and all I get is NULL after I var_drump the variable I have store the access token in through the getAccessToken(); method.

知道我在做什么错，以便如何获得访问令牌吗?

Any idea what I am doing wrong so that how I can an access token?

我在URL中具有带code参数的有效身份验证代码，并且我不知道为什么在尝试获取访问令牌时会为空.有什么想法吗?

I have a valid auth code in the URL with the code parameter and I don't know why I am getting null when I try to fetch the access token. Any ideas?

这是我的代码:

require_once 'vendor/autoload.php';
$redirect_uri = 'https://website.com/m/?mail=tokened';
$client = new Google_Client();
$client->setAuthConfig('client_secrets.json');
$client->setRedirectUri($redirect_uri);
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->authenticate($_GET['code']);
$access_token = $client->getAccessToken();
var_dump($access_token);

我进一步的Google搜索发现了以下内容: Google API -来自Oauth2的令牌请求返回空令牌

My further google searching discovered this: Google API - request for token from Oauth2 returns null token

然后我基于该代码尝试了以下操作，因为这将正确运行，而不是答案中的确切内容，并且我仍然会得到NULL

And I tried the following based on that code because this is what would run without errors, not what was exactly in the answer, and I still am getting NULL

这一次，我尝试在服务器端执行授权代码并从中获取访问令牌，唯一的区别是这一次它确实请求访问gmail数据的权限.

This time I tried doing authorization code and fetching access token from it all on the server side, the only difference is that this time it does ask for permission to access gmail data.

require_once 'vendor/autoload.php';
$client = new Google_Client();
$client->setAuthConfig('client_secrets.json');
$client->setScopes('https://mail.google.com');
if($_GET['mail']=='approved'){
    $client->setRedirectUri('https://website.com/m/php/googleTokens.php?mail=tokened');
    return header('Location: ' . $client->createAuthUrl());
}
else{
    $client->authenticate($_GET['code']);
    $tokens = $client->getAccessToken();
    var_dump($tokens);
}

推荐答案

让我们确保正确遵循身份验证流程.首先，客户端向Google的OAuth系统发送身份验证请求，然后Google返回访问代码，之后您就可以交换访问令牌.该过程的逻辑应该是这样的:

Let's make sure we are following the authentication flow properly. First, the client sends an authentication request to Google's OAuth system and then Google returns an access code which later on you can exchange for an access token. The logic of the process should be like this:

require_once 'vendor/autoload.php'; //Include PHP Client Library

//Create client object and set its configuration
$client = new Google_Client();
$client->setAuthConfig('client_secrets.json');
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/index.php');
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->addScope(array("email", "profile"));

//Check if the access token is already set and if it is, var dump access token
if(isset($_SESSION["access_token"]) && $_SESSION["access_token"] ) {

    $client->setAccessToken($_SESSION['access_token']);

    var_dump($_SESSION['access_token']);

} else { // if access token is not set, authenticate client

  if( !isset($_GET["code"]) ) { // if there is no access code

    $auth_url = $client->createAuthUrl();
    header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));

  } else { //if there is an access code

    $client->authenticate($_GET['code']); //authenticate client
    $_SESSION['access_token'] = $client->getAccessToken(); //save access token to session
    $redirect_uri = "http://".$_SERVER['HTTP_HOST']."/index.php";
    header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));

  }
}

在运行逻辑之前，请转到 myaccount.google.com/permissions 并删除该应用程序，然后运行上面的代码.最后，请不要忘记阅读官方文档以获得更详细的说明.在stackoverflow上也有一些这样的示例，因此我建议也检查它们.我希望这会有所帮助！

Before running the logic, please go to myaccount.google.com/permissions and delete the application, then run the above code. Finally, please lets not forget to review the official documentation for a more detailed explanation. There are also several examples of this here on stackoverflow so I would recommend checking them too. I hope this helps!

这篇关于Google OAuth访问令牌未刷新令牌NULL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！