>我正在尝试撤销来自 Web 应用程序的访问权限。这是我的代码:
当用户登录时:
$scriptUri = "http:...";
$client = new Google_Client();
$client->setAccessType('online');
$client->setApplicationName('xxx');
$client->setClientId('xxx');
$client->setClientSecret('xxx');
$client->setRedirectUri($scriptUri);
$client->setDeveloperKey('xxx'); // API key
$client->setScopes(array('https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile'));
$oauth2 = new Google_Service_Oauth2($client);
if (isset($_GET['code']) && isset($_GET["google"])){
$client->authenticate($_GET['code']);
$token = $client->getAccessToken();
$client->setAccessToken($token);
$_SESSION['google_token'] = $token;
}
这是我想撤销应用程序时的代码:
$ch = curl_init("https://accounts.google.com/o/oauth2/revoke?token=".$_SESSION['google_token'].";");
curl_exec($ch);
curl_close($ch)
结果是一个未找到的页面,上面写着The requested URL /v2/{ "error" : "invalid_token"} was not found on this server.
我不确定这是否是撤销访问权限的正确方法。谢谢。
我尝试了您的代码并遇到了相同的错误。看看你是如何连接字符串的:
$ch = curl_init("https://accounts.google.com/o/oauth2/revoke?token=".$_SESSION['google_token'].";");
PHP 很容易允许在串联字符串上提交语法错误。对我有用的修复是:
$RevokeTokenURL="https://accounts.google.com/o/oauth2/revoke?token=".$_SESSION['google_token'];
$ch = curl_init($RevokeTokenURL);
如果你需要它,我的完整代码是:
if(isset($_GET['action']) && $_GET['action'] == 'logout') {
session_destroy();
header('Location:'.$RedirectURL);
$RevokeTokenURL="https://accounts.google.com/o/oauth2/revoke?token=".$_SESSION['google_token'];
$ch = curl_init($RevokeTokenURL);
curl_exec($ch);
curl_close($ch);
}
我认为这应该有效..
$revokeURL = "https://accounts.google.com/o/oauth2/revoke?token=".$access_token;
$ch = curl_init();
$options = array(
CURLOPT_URL => $revokeURL,
CURLOPT_HEADER => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => true, //verify HTTPS
CURLOPT_SSL_CIPHER_LIST => 'TLSv1'); //remove this line if curl SSL error
curl_setopt_array($ch, $options); //setup
$response = curl_exec($ch); //run
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); //get HTTP code
if ($httpCode == 200)
{
echo "Success"; // .$response;
}
else
{
echo "Error : ".$httpCode."__".curl_error($ch);
}
curl_close($ch);```
基于 https://developers.google.com/accounts/docs/OAuth2WebServer#tokenrevoke