不工作谷歌API客户端PHP访问令牌

问题描述 投票:0回答:2

我使用“谷歌API客户端PHP”来获得访问令牌使用服务帐户JSON基本密钥文件。但我正在逐渐访问令牌无效。我的示例代码

$client = new \Google_Client();
$client->setApplicationName('My App');
putenv('GOOGLE_APPLICATION_CREDENTIALS=path-to-the-key.json');
$client->useApplicationDefaultCredentials();
$client->setScopes(['https://www.googleapis.com/auth/analytics.readonly']);
$client->authorize();
$token = $client->getAccessToken();
echo $token; // null
php api google-api-client
2个回答
0
投票

笔者从谷歌文档开发自己的PHP代码解决我的问题。我用用狂饮HTTP客户端获得访问令牌签署JWT有效载荷。 Here is the doc

我的实现:

 public static function base64url_encode($data) {
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}

public static function getJwtAssertion($private_key_file)
{

    $json_file = file_get_contents($private_key_file);
    $info = json_decode($json_file);
    $private_key = $info->{'private_key'};

    //{Base64url encoded JSON header}
    $jwtHeader = self::base64url_encode(json_encode(array(
        "alg" => "RS256",
        "typ" => "JWT"
    )));

    //{Base64url encoded JSON claim set}
    $now = time();
    $jwtClaim = self::base64url_encode(json_encode(array(
        "iss" => $info->{'client_email'},
        "scope" => "https://www.googleapis.com/auth/analytics.readonly",
        "aud" => "https://www.googleapis.com/oauth2/v4/token",
        "exp" => $now + 3600,
        "iat" => $now
    )));

    $data = $jwtHeader.".".$jwtClaim;

    // Signature
    $Sig = '';
    openssl_sign($data,$Sig,$private_key,'SHA256');
    $jwtSign = self::base64url_encode($Sig);

    //{Base64url encoded JSON header}.{Base64url encoded JSON claim set}.{Base64url encoded signature}
    $jwtAssertion = $data.".".$jwtSign;
    return $jwtAssertion;
}

public static function getGoogleAccessToken($private_key_file)
{

    $result = [
        'success' => false,
        'message' => '',
        'token' => null
    ];

    if (Cache::has('google_token')) {
        $result['token'] = Cache::get('google_token');
        $result['success'] = true;
        return $result;
    }

    if(!file_exists($private_key_file)){
        $result['message'] = 'Google json key file missing!';
        return $result;

    }

    $jwtAssertion = self::getJwtAssertion($private_key_file);

    try {

        $client = new Client([
            'base_uri' => 'https://www.googleapis.com',
        ]);
        $payload = [
            'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
            'assertion' => $jwtAssertion
        ];

        $response = $client->request('POST', 'oauth2/v4/token', [
            'form_params' => $payload
        ]);

        $data = json_decode($response->getBody());
        $result['token'] = $data->access_token;
        $result['success'] = true;

        $expiresAt = now()->addMinutes(58);
        Cache::put('google_token', $result['token'], $expiresAt);

    } catch (RequestException $e) {
          $result['message'] = $e->getMessage();
    }


    return $result;

}

现在叫它:

$googleToken = getGoogleAccessToken($KEY_FILE_LOCATION);
-1
投票

我用类似类型的客户端获得访问令牌,但是这是对谷歌床单。这将是相同的像。所以我在这里分享我的谷歌床单代码段。

<?php
if (!function_exists('curl_reset'))
{
    function curl_reset(&$ch)
    {
        $ch = curl_init();
    }
}

require_once __DIR__ . '/goog/vendor/autoload.php';

define('APPLICATION_NAME', 'Google Sheets API PHP Quickstart');
define('CREDENTIALS_PATH', __DIR__ . '/sheets.googleapis.com-php-quickstart.json');
define('CLIENT_SECRET_PATH', __DIR__ . '/client_secret.json');

// If modifying these scopes, delete your previously saved credentials
// at ~/.credentials/sheets.googleapis.com-php-quickstart.json
define('SCOPES', implode(' ', array(
  Google_Service_Sheets::SPREADSHEETS)
));

if (php_sapi_name() != 'cli') {
  throw new Exception('This application must be run on the command line.');
}

/**
 * Returns an authorized API client.
 * @return Google_Client the authorized client object
 */
function getClient() {
  $client = new Google_Client();
  $client->setApplicationName(APPLICATION_NAME);
  $client->setScopes(SCOPES);
  $client->setAuthConfig(CLIENT_SECRET_PATH);
  $client->setAccessType('offline');

  // Load previously authorized credentials from a file.
  $credentialsPath = CREDENTIALS_PATH;
  if (file_exists($credentialsPath)) {
    $accessToken = json_decode(file_get_contents($credentialsPath), true);
  } else {
    // Request authorization from the user.
    $authUrl = $client->createAuthUrl();
    printf("Open the following link in your browser:\n%s\n", $authUrl);
    print 'Enter verification code: ';
    $authCode = trim(fgets(STDIN));

    // Exchange authorization code for an access token.
    $accessToken = $client->fetchAccessTokenWithAuthCode($authCode);

    // Store the credentials to disk.
    if(!file_exists(dirname($credentialsPath))) {
      mkdir(dirname($credentialsPath), 0700, true);
    }
    file_put_contents($credentialsPath, json_encode($accessToken));
    printf("Credentials saved to %s\n", $credentialsPath);
  }
  $client->setAccessToken($accessToken);

  // Refresh the token if it's expired.
  if ($client->isAccessTokenExpired()) {
    $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
    file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
  }
  return $client;
}

所以,当你调用getClient功能在命令行PHP脚本它会生成一个链接以验证用户在浏览器之后,它会提供你在命令行中放置一个代码。然后,它会产生以后可以重复使用的访问令牌。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.