10

我试图为 wordpress 网站添加 Google+ 身份验证。我想要什么:如果用户未在网站上注册,则在 Google+ 中进行身份验证后 - 我将他重定向到他输入用户名的页面;如果用户已经注册 - 它将登录。这里是我的 js 代码:

function doGooglePlusLogin(authResult) {
    if (authResult['code']) {
        jQuery('#signinButton').attr('style', 'display: none');
        jQuery.ajax({
            url: '<?php echo site_url(); ?>/wp-admin/admin-ajax.php',
            type: 'get',
            dataType: 'json',
            data: {
                action: 'login_gplus',
                code: authResult['code']
            },
            success: function(result) {
            },
        });
    } else if (authResult['error']) {
    }
}

这是我的php代码:

function login_gplus() {
$response = array();

if (isset($_GET['code']) && !empty($_GET['code'])) {
    @session_start();
    $client = new Google_Client();
    $client->setApplicationName('Test');
    $client->setAccessType('offline');
    $client->setClientId(get_option(SOCIAL_GPLUS_CLIENT_ID));
    $client->setClientSecret(get_option(SOCIAL_GPLUS_CLIENT_SECRET));
    $client->setDeveloperKey(get_option(SOCIAL_GPLUS_API_KEY));
    $client->setRedirectUri(get_option(SOCIAL_GPLUS_REDIRECT_URIS));
    $client->setApprovalPrompt('auto');

    $code = $_GET['code'];
    $client->authenticate($code);

    $token = json_decode($client->getAccessToken());
    $reqUrl = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=' . $token->access_token;
    $req = new Google_HttpRequest($reqUrl);

    $tokenInfo = json_decode(
            $client->getIo()
                    ->authenticatedRequest($req)
                    ->getResponseBody());

    if ($tokenInfo->error) {
        $response['test'] = $tokenInfo->error;
        send_json_response($response);
        die();
    }
    if ($tokenInfo->audience != get_option(SOCIAL_GPLUS_CLIENT_ID)) {
        $response['test'] = "Token's client ID does not match app's.";
        send_json_response($response);
        die();
    }
    $response['test'] = 'Succesfully connected with token: ' . print_r($token, true);
}
send_json_response($response);
die();
}

用户在 Google+ 中成功授权,但在 php 中我得到了这个:

致命错误:在 /var/www/html/v4/wp-content/plugins/social/google-plus/google-api/auth 中带有消息“获取 OAuth2 访问令牌时出错,消息:'redirect_uri_mismatch'”的未捕获异常“Google_AuthException” /Google_OAuth2.php:113堆栈跟踪:#0 /var/www/html/v4/wp-content/plugins/social/google-plus/google-api/Google_Client.php(131): Google_OAuth2->authenticate(Array, ' 4/ScmpTqEIWt0SJ...')#1 /var/www/html/v4/wp-content/plugins/social/google-plus/functions.php(35): Google_Client->authenticate('4/ScmpTqEIWt0SJ... ')#2 [内部函数]: login_gplus('')#3 /var/www/html/v4/wp-includes/plugin.php(406): call_user_func_array('login_gplus', Array)#4 /var/www /html/v4/wp-admin/admin-ajax.php(74): do_action('wp_ajax_nopriv_...')#5 {main} 在第 113 行抛出 /var/www/html/v4/wp-content/plugins/social/google-plus/google-api/auth/Google_OAuth2.php

在应用程序设置重定向 URI 中指定为http://example.com/wp-admin/admin-ajax.php。我做错了什么?

编辑

Google+ 登录按钮定义:

<span id="signinButton">
  <span class="g-signin"
   data-callback="doGooglePlusLogin"
   data-clientid="<?php echo $this->gplus_client_id; ?>"
   data-cookiepolicy="single_host_origin" data-accesstype="offline"
   data-requestvisibleactions="http://schemas.google.com/AddActivity"
   data-scope="https://www.googleapis.com/auth/plus.login">
  </span>
</span>

SOCIAL_GPLUS_REDIRECT_URIS 是example.com/wp-admin/admin-ajax.php?action=login_gplus

4

1 回答 1

22

您的代码基本上是正确的,但是有一个小怪癖,我可以看到没有很好的记录!您必须将 redirectURI 设置为 postmessage 而不是您使用的 URL。

$client->setRedirectUri('postmessage');

因此,它与按钮在 Javascript 交换期间为令牌设置的 URI 匹配。查看以下示例代码:https ://github.com/googleplus/gplus-quickstart-php/blob/master/signin.php以查看它的实际效果。我会确保我们在文档中添加注释。

于 2013-03-28T13:46:38.737 回答