Google API认证服务器 [英] Google API Authentication for server

问题描述

我一直在尝试 Google日历API 在PHP网站中工作应用程序，但我很难进行身份验证。

我想要做的是允许用户与服务器已知的单个帐户的日历进行交互。

OAuth中涵盖的每种类型的场景2.0文档讨论了涉及登录表单和个人用户登录的用户同意，但我希望服务器自身直接进行身份验证并获得访问令牌。

有没有OAuth的某些部分或者我可以使用的一些替代机制来做到这一点？

解决方案

要做到这一点，您必须完成用户同意的步骤，然后将它提供给您的访问令牌复制到PHP代码中。

OAuth是这样的：
$ b

1. 发送用户到认证页面。


2. 用户返回$ _GET ['code']


3. 向OAuth服务器发送$ _GET ['code']以获取令牌


4. 在数据库中为用户存储令牌（或会话，如果它很短暂）

但是，如果使用这样的单个日历进行操作，则可以修改步骤4。将令牌转储为屏幕并将其作为变量复制到您的PHP文件中，而不是将其放入数据库中。然后，当您将访问令牌传递给服务器时，您只需传递已知的静态令牌，而不是数据库/会话中的动态令牌。

I've been trying to get Google's Calendar API working in a PHP web application, but I'm having a hard time getting authenticated.

What I want to do is to allow users to interact with calendars of a single account known by the server.

Each type of scenario covered in the OAuth 2.0 docs talks about "user consent" which involves a login form and the individual user logging in, but I want the server itself to authenticate directly and obtain an access token for itself.

Is there some part of OAuth or some alternative mechanism I can use to do this?

解决方案

In order to do this, you must go through the steps for user consent and then copy the access tokens it gives you into the PHP code.

The usual procedure for OAuth is like this:

1. Send user to authentication page.
2. User comes back with $_GET['code']
3. Send $_GET['code'] to OAuth server for a token
4. Store token in database for the user (or session, if it's very short lived)

But when doing it with a single calendar like this, you modify step 4. Instead, you dump the token to screen and copy it into your PHP file as variables, instead of putting it in the database. Then when you go to pass the access token to the server, you just pass the known, static token rather than a dynamic token from the database / session.

这篇关于Google API认证服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！