2012-09-25 381 views
1

我目前使用OAuth 2.0訪問Google的reader reader API。我已經成功地獲得了URL中返回的「代碼」和「狀態」。現在我使用post方法來傳遞所需的參數以接收訪問令牌。我一直在擺弄它在相當一段時間,我的一切是:Google API OAuth 2.0

{ "error": "invalid_request" } 

我的代碼如下:提前

<?php 

session_start(); 

$code = $_GET['code']; 
$state = $_GET['state']; 

if ((!is_numeric($state)) || ($state != $_SESSION['state'])) { 
    throw new Exception('Error validating state.'); 
} 

$accessTokenExchangeUrl = 'https://accounts.google.com/o/oauth2/token'; 
$redirectUriPath = '/authentication.php'; 

$accessTokenExchangeParams = array(
    'code' => $code, 
    'client_id' => 'xxxxx', 
    'client_secret' => 'xxxxx', 
    'redirect_uri' => (isset($_SERVER['HTTPS'])?'https://':'http://') . $_SERVER['HTTP_HOST'] . $redirectUriPath, 
    'grant_type' => 'authorization_code' 
    ); 


$goToUrl = $accessTokenExchangeUrl . '?' . http_build_query($accessTokenExchangeParams); 

?> 

<!DOCTYPE HTML> 
<html> 
<head> 
    <title></title> 
</head> 

<body> 

    <form action=<?php echo $goToUrl; ?> method="post"> 
     <input type="submit" value="Click Me!"> 
    </form> 

</body> 

</html> 

謝謝!

回答

0

你試圖把(在POST請求體)的代碼,CLIENT_ID等變量作爲輸入參數,而不是在查詢字符串?谷歌示例demonstrate it that way

有安全原因,他們不應該在查詢字符串,如果你following the OAuth 2 spec

+0

謝謝,我創建了一個自定義的PHP CURL函數來傳遞我的參數,現在一切正常工作:) – onlydrinktea