問題描述

我一直在嘗試讓 Google 的日歷 API 在 PHP 網絡中運行申請，但我很難通過身份驗證.

I've been trying to get Google's Calendar API working in a PHP web application, but I'm having a hard time getting authenticated.

我想要做的是允許用戶與服務器已知的單個帳戶的日歷進行交互.

What I want to do is to allow users to interact with calendars of a single account known by the server.

OAuth 2.0 文檔 中涵蓋的每種類型的場景都談論用戶同意"這涉及登錄表單和個人用戶登錄，但我希望服務器本身直接進行身份驗證并為自己獲取訪問令牌.

Each type of scenario covered in the OAuth 2.0 docs talks about "user consent" which involves a login form and the individual user logging in, but I want the server itself to authenticate directly and obtain an access token for itself.

是否有 OAuth 的某些部分或我可以使用的替代機制來執行此操作?

Is there some part of OAuth or some alternative mechanism I can use to do this?

推薦答案

為此，您必須完成用戶同意的步驟，然后將其提供給您的訪問令牌復制到 PHP 代碼中.

In order to do this, you must go through the steps for user consent and then copy the access tokens it gives you into the PHP code.

OAuth 通常的流程是這樣的:

The usual procedure for OAuth is like this:

1. 將用戶發送到身份驗證頁面.
2. 用戶返回 $_GET['code']
3. 將 $_GET['code'] 發送到 OAuth 服務器以獲取令牌
4. 在數據庫中為用戶存儲令牌(或會話，如果它非常短暫)

但是當使用這樣的單個日歷進行操作時，您需要修改步驟 4.相反，您將令牌轉儲到屏幕并將其作為變量復制到您的 PHP 文件中，而不是將其放入數據庫中.然后，當您將訪問令牌傳遞給服務器時，您只需傳遞已知的靜態令牌，而不是來自數據庫/會話的動態令牌.

But when doing it with a single calendar like this, you modify step 4. Instead, you dump the token to screen and copy it into your PHP file as variables, instead of putting it in the database. Then when you go to pass the access token to the server, you just pass the known, static token rather than a dynamic token from the database / session.

這篇關于服務器的 Google API 身份驗證的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！