使用Google进行身份验证而不使用重定向
I've been implementing an OAuth login via the Google Identity toolkit in php. I've got as far as getting an authenticated session, the userdata, id, photo etc, which seems to be working more or less ok.
However, I'd like to be able to login using methods that don't rely on redirection on the user's browser (thinking of remote APIs for an application), but bit lost on how to achieve this.
Imagine a request which is something like:
$details = new stdClass();
$details->secret = $config->secret;
$details->client_id = $config->client_id;
$details->app_name = 'my awesome oauth app';
$details->login = array();
$details->login['email'] = 'some google account email @ example.com';
$details->login['password'] = '1234';
$token = $this->do_auth($details);
if($token) {
// do stuff, setup cookies, insert token in session table etc
}
I'm using CodeIgniter. Are there any libraries that can do this..? I've seen android apps doing similar things, using custom login forms, so I'm guessing it's achievable in php.
我一直在通过php中的Google Identity工具包实现OAuth登录。 我已经获得了一个经过身份验证的会话,用户数据,身份证,照片等,这似乎或多或少都有效。 p>
但是,我希望能够 使用不依赖于用户浏览器上的重定向的方法进行登录(考虑应用程序的远程API),但是如何实现这一点却有点丢失。 p>
想象一下这样的请求: p>
$ details = new stdClass();
$ details-> secret = $ config-> secret;
$ details-> client_id = $ config-> client_id;
$ details-> app_name ='my awesome oauth app';
$ details-> login = array();
$ details-> login ['email'] ='some google account email @ example.com';
$ details-> login ['password'] ='1234';
$ token = $ this-> do_auth($ details);
if($ token){
//做东西,设置cookie,在会话表中插入令牌等
}
code> pre>
我正在使用CodeIgniter。 有没有可以做到这一点的图书馆..? 我已经看到Android应用程序在做类似的事情,使用自定义登录表单,所以我猜它可以在php中实现。 p>
div>
You HAVE to redirect, it's a core essential of the way OAuth works, there is no way around this. That's why there is a redirect_uri parameter.
You only have to do this once though: when the user is logging in and you are requesting an access token. After that, you simply use curl for example to request your data.