2

我正在尝试对基本代码进行一些自定义以向 Dropbox 进行身份验证。我希望我的应用程序直接对用户进行身份验证,而不涉及第三次身份验证。所以基本上我想要的唯一身份验证是针对 Dropbox。目前我有两个问题:

  1. 我附带的代码进入无限重定向循环。

  2. 我收到以下我认为与以下有关的 php 错误$_SESSION

    [Mon May 25 12:45:40.651325 2015] [:error] [pid 6568] [client 127.0.0.1:48900] PHP Fatal error:  Uncaught exception 'Dropbox\\WebAuthException_Csrf' with message 'Expected '0_2rtH-FFcAqzX4JLKPVKw==', got 'zdmJEkNgto3lA7qAgGW2SQ=='.' in /var/www/php/oauth/vendor/dropbox/dropbox-sdk/lib/Dropbox/WebAuth.php:242\nStack trace:\n#0 /var/www/php/oauth/web/dropbox_finish.php(11): Dropbox\\WebAuth->finish(Array)\n#1 {main}\n  thrown in /var/www/php/oauth/vendor/dropbox/dropbox-sdk/lib/Dropbox/WebAuth.php on line 242

这是我的代码start.php

session_start();
require_once __DIR__.'/../vendor/autoload.php';
$key = "fttwagu78r37ped";
$secret = "9s10lkjhrwpujbl";
$GLOBALS['app_name'] = "oauth-php/1.0";
$GLOBALS['redirectURI'] = "https://oauth.dev/dropbox_finish.php";
$GLOBALS['HomeURI'] = "https://oauth.dev";

$appInfo = new Dropbox\AppInfo($key, $secret);
$csrfTokenStore = new Dropbox\ArrayEntryStore($_SESSION, 'dropbox-auth-csrf-token');
$webAuth = new Dropbox\WebAuth($appInfo, $GLOBALS['app_name'], $GLOBALS['redirectURI'], $csrfTokenStore);

$authURL = $webAuth->start();
header("Location: $authURL");

dropbox_finish.php

require_once "../app/start.php";
try {
   list($accessToken, $userId, $urlState) = $webAuth->finish($_GET);
   assert($urlState === null);  // Since we didn't pass anything in start()
}
catch (dbx\WebAuthException_BadRequest $ex) {
   error_log("/dropbox-auth-finish: bad request: " . $ex->getMessage());
   // Respond with an HTTP 400 and display error page...
}

谁能帮我解决这个问题?

4

1 回答 1

1

看起来您正在包括start.phpin dropbox_finish.php,但会start.php调用$webAuth->start()然后重定向用户。

确保您包含的部分dropbox_finish.php没有该调用并且没有设置Location标题。

于 2015-05-25T11:29:54.873 回答