php 谷歌身份验证:OAuth2 不断返回“invalid_grant”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10025698/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Authentication on google: OAuth2 keeps returning 'invalid_grant'
提问by Michiel
I started to configure google calendar on my new application. I almost made an exact copy of the authentication code displayed at google developers ( https://developers.google.com/google-apps/calendar/instantiate), but i keep getting the following error:
我开始在我的新应用程序上配置谷歌日历。我几乎制作了谷歌开发者(https://developers.google.com/google-apps/calendar/instantiate)显示的身份验证代码的精确副本,但我不断收到以下错误:
Error fetching OAuth2 access token, message: 'invalid_grant'
获取 OAuth2 访问令牌时出错,消息:“invalid_grant”
I'm currently using Fork-CMS ( http://www.fork-cms.com), a young lightweigth CMS. I correctly configured the config.php file of the google-api-php-client. (client-id, client-secret, redirect-uri, development key,...) and the redirect uri is correctly set on the google api's console. My code looks as follows:
我目前正在使用 Fork-CMS ( http://www.fork-cms.com),一个年轻的轻量级 CMS。我正确配置了 google-api-php-client 的 config.php 文件。(client-id, client-secret, redirect-uri, development key,...) 并且在 google api 的控制台上正确设置了重定向 uri。我的代码如下所示:
<?php
/**
* This is a widget with a calendar implementation.
*
* @package frontend
* @subpackage events
*
* @author Michiel Vlaminck <[email protected]>
*/
class FrontendEventsWidgetCalendar extends FrontendBaseWidget
{
private $events = array();
private $authUrl = array();
/**
* Execute the extra
*
* @return void
*/
public function execute()
{
// call parent
parent::execute();
// load template
$this->loadTemplate();
// get data
$this->getData();
// parse
$this->parse();
}
/**
* Get the data from Google Calendar
* This method is only executed if the template isn't cached
*
* @return void
*/
private function getData()
{
require_once PATH_LIBRARY . '/external/google-api-php-client/src/apiClient.php';
require_once PATH_LIBRARY . '/external/google-api-php-client/src/contrib/apiCalendarService.php';
$client = new apiClient();
$service = new apiCalendarService($client);
if (isset($_SESSION['oauth_access_token'])) {
$client->setAccessToken($_SESSION['oauth_access_token']);
} else {
$token = $client->authenticate();
$_SESSION['oauth_access_token'] = $token;
}
if ($client->getAccessToken()) {
$calId = FrontendEventsModel::getCalendarId((int) $this->data['id']);
$calId = $calId[0]['calendar_id'];
$events = $service->events->listEvents($calId);
$this->events = $events['items'];
$_SESSION['oauth_access_token'] = $client->getAccessToken();
} else {
$this->authUrl = $client->createAuthUrl();
}
}
/**
* Parse
*
* @return void
*/
private function parse()
{
$this->tpl->assign('events', $this->events);
$this->tpl->assign('authUrl', $this->authUrl);
}
}
?>
When I open this widget-page for the first time, I get directed to google to authenticate the application. When I agree, I get redirected to my application and that's the point where I'm getting:
当我第一次打开这个小部件页面时,我被定向到谷歌来验证应用程序。当我同意时,我被重定向到我的应用程序,这就是我得到的点:
apiAuthException ? Main
Message Error fetching OAuth2 access token, message: 'invalid_grant'
File C:\wamp\www\Officevibes\library/external\google-api-php-client\src\auth\apiOAuth2.php
Line 105
Date Thu, 05 Apr 2012 08:34:47 +0000
URL http://localhost/calendar?code=4/YPUpFklKvhEeTcMm4moRth3x49oe
Referring URL (Unknown)
Request Method GET
User-agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19
回答by janmoesen
You should reuse the access token you get after the first successful authentication. You will get an invalid_granterror if your previous token has not expired yet. Cache it somewhere so you can reuse it.
您应该重用第一次成功认证后获得的访问令牌。invalid_grant如果您之前的令牌尚未过期,您将收到错误消息。将它缓存在某个地方,以便您可以重用它。
回答by Sio
I was having a similar problem caused by the time on my server being incorrect. Make sure your system clock is synchronised.
由于服务器上的时间不正确,我遇到了类似的问题。确保您的系统时钟同步。
回答by Zach M.
Go to your Google API Console ( https://code.google.com/apis/console/) and revoke your Client Secret under Client ID for installed applications.
转到您的 Google API 控制台 ( https://code.google.com/apis/console/) 并在已安装应用程序的客户端 ID下撤销您的客户端密钥。
Be sure to also update your code with the new Client Secret
请务必使用新的客户端密钥更新您的代码
回答by Sebastiaan Hilbers
- Go to security.google.com
- Revoke access
- visit the authentication url again
- you will now get a new refreshtoken
- 转到 security.google.com
- 撤销访问
- 再次访问身份验证网址
- 您现在将获得一个新的刷新令牌
回答by Matt
You'll also receive this error if you mistakenly try to authenticate your ID Token, rather than your Access Token.
如果您错误地尝试验证您的ID Token而不是您的Access Token,您也会收到此错误。
So don't be like me - Make sure you pass the correct token into your code!
所以不要像我一样 - 确保您将正确的令牌传递到您的代码中!
