Google Apps SSO-使用OAuth 2的名字和姓氏，而无需使用Google+ [英] Google Apps SSO - First and Last Name with OAuth 2 without using Google+

问题描述

我正在尝试使用OAuth 2实施Google Apps SSO.我正在使用 Google PHP客户端库.在身份验证期间，我将范围设置为'email'和'profile':

I'm trying to implement Google Apps SSO using OAuth 2. I'm using the Google PHP Client Library for this purpose. I set the scope to 'email' and 'profile' during the authentication:

$this->client->setScopes('email', 'profile');

我可以使用verifyIdToken获取电子邮件地址，并使用Google Plus获得名字和姓氏.

I'm able to get the email address with verifyIdToken, and the first name and the last name using Google Plus.

if ($this->client->getAccessToken()) {
    $tokenData = $this->client->verifyIdToken()->getAttributes();
    // Email: $tokenData['payload']['email']

    $plus = new \Google_Service_Plus($this->client);
    $me = $plus->people->get('me');
    // First name: $me['modelData']['name']['givenName']
    // Last name: $me['modelData']['name']['familyName']
}

我面临的问题是，许多用户在没有Google+个人资料的情况下使用Google Apps.我的问题是:如何在没有使用Google Plus服务的情况下不获得经过身份验证的用户的名字和姓氏?

The problem I'm facing is that many users use Google Apps without having a profile on Google+. My question is: How do I get the first and last name of the authenticated user without using Google Plus Service?

注意:我已经尝试过发布到 https://www.googleapis.com/oauth2/v1/userinfo 具有正确的访问令牌，但是此令牌将很快被弃用，此外，它还会为没有Google+个人资料的用户返回空的名字和姓氏.

Note: I've tried posting to https://www.googleapis.com/oauth2/v1/userinfo with the correct access token, but this is soon to be deprecated and moreover, it also returns empty first name and last name for users who do not have Google+ profiles.

推荐答案

我最终使用了库中包含的OAuth 2.0服务.

I ended up using the OAuth 2.0 Service included in the library.

require_once 'Google/Service/Oauth2.php';

$oAuth2 = new \Google_Service_Oauth2($this->client);
$oAttr = $oAuth2->userinfo->get();

名字是$oAttr['givenName']，名字是$oAttr['familyName']

我还必须将范围更改为"openid电子邮件个人资料":

I also had to change the scope to "openid email profile":

$this->client->setScopes('openid email profile');

这篇关于Google Apps SSO-使用OAuth 2的名字和姓氏，而无需使用Google+的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！