0

我尝试使用谷歌联合登录功能来检索用户信息,以便为我的网站实现一键注册功能。

我已检索到客户端的所有信息。我使用了几个隐藏的输入字段来存储名称、电子邮件等参数的值。但是,当我从后面的代码中访问这些字段时,我得到了空值

以下是我检查问题所采取的步骤: 1. 我确保每个输入字段都有 [runat="server"] 标记,并确保所有值都从 google 正确返回。2. 我已确保所有输入字段都在表单内

我想知道是不是因为我点击google+登录按钮后没有提交表单,按钮如下:

<div id="signin-button" class="slidingDiv">
 <div class="g-signin" data-callback="loginFinishedCallback"
  data-approvalprompt="force"
  data-clientid="....."
  data-scope="  https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/plus.me "
  data-height="short"
  data-cookiepolicy="single_host_origin"
  >
</div>
</div>

此按钮将引导我进入其他功能,以验证我的凭据并返回我请求的参数。我想知道如何修改它,以便在单击此按钮后提交表单?

如果不是由这个问题引起的,谁能想到我无法从后面的代码中获取隐藏输入值的其他可能原因?

这是我的回调函数

 function loginFinishedCallback(authResult) {
      if (authResult) {
          if (authResult['error'] == undefined) {
              gapi.auth.setToken(authResult); 
              toggleElement('signin-button'); /
              getInfo();

              document.getElementById('Button').click();
          } else {
              console.log('An error occurred');
          }
      } else {
          console.log('Empty authResult');  
      }
  }

getInfo 将获取所有 google plus 信息,并且 button.click() 应该从客户端检索信息到服务器端

4

1 回答 1

2

The Google+ Sign-In button currently does not POST form data but instead passes the authorization code and access token back to the page in the callback function configured in the button. You might be able to do something clever like use JavaScript to update a hidden field with the content (which you might already be doing?) and then use the data from that hidden field for OAuth 2 code exchange on your server side.

An alternate approach is used in the Google+ C# Quick Start sample. What that sample does is use an API endpoint to POST the authorization code that later is exchanged server-side for the OAuth 2 credentials.

I have thrown together some code that will pass the authorization code for authorizing your backend. It consists of the form frontend:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="fedLogin.aspx.cs"     Inherits="GPlusQuickstartCsharp.fedLogin" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <script type="text/javascript">
        var confirms = 0;
        function loginFinishedCallback(result) {
            console.log(result);
            if (result.access_token != null) {
              gapi.client.load('plus', 'v1', function(){
                gapi.client.load('oauth2', 'v2', function () {
                  gapi.client.plus.people.get({ userId: 'me' }).execute(
                    function (resp) {
                        document.getElementById('name').value = resp.displayName;
                        confirms += 1;
                        if (confirms > 1) {
                            document.getElementById('form1').submit();
                        }
                    });
              });
              gapi.client.load('oauth2', 'v2', function () {
                gapi.client.oauth2.userinfo.get().execute(
                    function (resp) {
                        document.getElementById('email').value = resp.email;
                        confirms += 1;
                        if (confirms > 1) {
                            document.getElementById('form1').submit();
                    }
                    });
                  });
                });
                document.getElementById('code').value = result.code;
            }
        }
    </script>
    <div id="signin-button" class="slidingDiv">
        <div class="g-signin" data-callback="loginFinishedCallback"
            data-clientid="....apps.googleusercontent.com"
            data-scope="https://www.googleapis.com/auth/userinfo.email"
            data-height="short"
            data-cookiepolicy="single_host_origin"
        >
    </div>
    </div>

    <form id="form1" runat="server" method="post">
    <div>
        <input type="hidden" name="code" id="code" />
        <input type="hidden" name="email" id="email" />
        <input type="hidden" name="name" id="name" />
    </div>
    </form>
</body>
<script type="text/javascript">
  (function () {
    var po = document.createElement('script');
    po.type = 'text/javascript'; po.async = true;
    po.src = 'https://plus.google.com/js/client:plusone.js';
    var s = document.getElementsByTagName('script')[0];
    s.parentNode.insertBefore(po, s);
  })();
</script>
</html>

And the code behind [C#]:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace GPlusQuickstartCsharp
{
    public partial class fedLogin : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Request["code"] != null)
            {
                // Perform code exchange here
                var result = ManualCodeExchanger.ExchangeCode(Request["code"]);
            }

        }
    }
}

If you put a breakpoint at the var result = ... line, you can see the request variables in your immediate window, e.g.:

Request["code"]
"4/xUgz-_zWFAgpq4Kbfas66pV0oWJ8........."
Request["email"]
"gguuss@gmail.com"
Request["name"]
"Gus Class (Gus)"

Hope this helps!

Note: Although you need the client ID and client secret to exchange the one-time-code as demonstrated in the code, it's a best practice to protect it as best you can. I'm using a POST in an effort to protect the code in the form to help but you should also use https whenever you are passing around credentials.

于 2013-08-13T00:43:17.807 回答