OAuth 2.0 访问令牌已过期，刷新令牌不可用 [英] OAuth 2.0 access token has expired, and a refresh token is not available

问题描述

我有一个基于 Web 的应用程序，它使用 Google OAuth2.0 作为登录框架.直到昨天，它以前运行良好.访问令牌过期后，应用程序无法获取刷新令牌.除此之外，请求权限"页面已更改为具有离线访问权限"，而不是了解您在 Google 上的身份"和查看您的电子邮件"

I have a web based application which use Google OAuth2.0 as the login framework. It works nicely previously until yesterday. The applcation couldn't get the refresh token after the access token expired. Besides that, the "Request for permission" page had change to "Have offline access" instead of "Know who you are on Google" and "View you email"

最初，请求权限"页面将请求访问了解您在 Google 上的身份"和查看您的电子邮件".用户注销并尝试二次登录后，请求权限"页面也一样.

Originally, the "Request for permission" page will request the access to "Know who you are on Google" and "View you email". After user logout and attempts second login, the "Request for permission" page will be the same too.

然而，直到昨天，请求权限"页面变成了可以离线访问".访问令牌过期后，我收到以下错误消息:

However, until yesterday, the "Request for permission" page changed to "Have offline access". After the access token is expired, I got the error messsage below:

PHP 致命错误:未捕获的异常Google_AuthException"，消息为OAuth 2.0 访问令牌已过期，刷新令牌不可用".对于自动批准的响应，不会返回刷新令牌.在/home2/xxxx/public_html/test/google-api-php-client/src/auth/Google_OAuth2.php:221

PHP Fatal error: Uncaught exception 'Google_AuthException' with message 'The OAuth 2.0 access token has expired, and a refresh token is not available. Refresh tokens are not returned for responses that were auto-approved.' in /home2/xxxx/public_html/test/google-api-php-client/src/auth/Google_OAuth2.php:221

我试过 $client->setAccessType('online'); .但是，我仍然遇到了这个致命错误.以下是我获取访问令牌的代码:

I tried $client->setAccessType('online'); . However, I still got this fatal error with me. Below is my code to get the access token :

    if ($client->getAccessToken()) {
      $token = $client->getAccessToken();
      $authObj = json_decode($token);
      $refreshToken = $authObj->refresh_token;
      $user = $oauth2->userinfo->get();
      $me = $plus->people->get('me');
      $email = filter_var($user['email'], FILTER_SANITIZE_EMAIL); // get the USER EMAIL ADDRESS using OAuth2

      $optParams = array('maxResults' => 100);
      $activities = $plus->activities->listActivities('me', 'public', $optParams);


      $_SESSION['access_token'] = $client->getAccessToken();
    } else {
      $authUrl = $client->createAuthUrl();
    }

我试图搜索与我类似的问题，但找不到.这是从昨天开始发生的.在此之前，我从未对代码进行过任何更改.

I tried to search for similar problem like me but I couldn't find one. This happened since yesterday. Before this, I never made any change on the codes.

推荐答案

Fabian Parzefall 通过他的评论帮助我解决了这个问题.

With his comments, Fabian Parzefall helped me getting this fixed.

这是我的脚本:

if($client->isAccessTokenExpired()) {

    $authUrl = $client->createAuthUrl();
    header('Location: ' . filter_var($authUrl, FILTER_SANITIZE_URL));

}

其实很简单.我没有让他单击连接我"按钮(由 GA API 团队提供的演示脚本放置)，而是直接重定向他.不确定这是否是正确/更安全的方法，但这是现在对我有用的方法！

It's actually pretty simple. Instead of asking him to click the "connect me" button (as put by the demo script provided by the GA API team), I redirect him directly. Not sure if it's the proper/safer way, but that's the one working for me right now!

这篇关于OAuth 2.0 访问令牌已过期，刷新令牌不可用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！