OAuth2，令牌密钥不保留会话

Question

因此，当我刷新会话到期时，我正在尝试保持会话的活力，这给了我以下内容：

接收错误:400个原始响应：{“错误”：“SESSION_EXPIRED”，“error_description”：“会话过期”}

下面是我基于雅虎双子座文档上的例子编写的代码，我已经读过了，但是没有任何关于停止会话到期的内容。

<?php
/* Example code to access Gemini API: Fetch advertiser information, create a new campaign and read specific campaign data

Prerequisites:
  1. Sign up for an account on https://admanager.yahoo.com
  2. Download YahooOAuth2.class.php file from here: https://github.com/saurabhsahni/php-yahoo-oauth2/blob/master/YahooOAuth2.class.php
  3. PHP modules for json_decode & curl
  4. A webserver running this code on port 80/443. Yahoo OAuth callback is only supported on these ports
*/
require "YahooOAuth2.class.php";
session_start();
#Your Yahoo API consumer key & secret with access to Gemini data

define("CONSUMER_KEY","<your consumer key>");
define("CONSUMER_SECRET","<your consumer secret>");
$redirect_uri="http://".$_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];//Or your other redirect URL - must match the callback domain

$gemini_api_endpoint="https://api.admanager.yahoo.com/v1/rest";

$oauth2client=new YahooOAuth2();

if (isset($_GET['code'])){
    $code=$_GET['code'];
    $_SESSION['code'] = $_GET['code'];
}
else {
    $code=0;
}

if($code){
     #oAuth 3-legged authorization is successful, fetch access token
     $_SESSION['token'] = $oauth2client->get_access_token(CONSUMER_KEY,CONSUMER_SECRET,$redirect_uri,$_SESSION['code']);

     #Access token is available. Do API calls.

     $headers = array('Authorization: Bearer '. $_SESSION['token'],'Accept: application/json','Content-Type: application/json');

     #Fetch Advertiser Name and Advertiser ID
     $url=$gemini_api_endpoint."/advertiser/";

     $resp=$oauth2client->fetch($url,$postdata="",$auth="",$headers);
     $jsonResponse = json_decode( $resp);
     $advertiserName = $jsonResponse->response[0]->advertiserName;
     $advertiserId = $jsonResponse->response[0]->id;
     echo "Welcome ".$advertiserName;
}
else {
    # no valid access token available, go to authorization server
    header("HTTP/1.1 302 Found");
    header("Location: " . $oauth2client->getAuthorizationURL(CONSUMER_KEY,$redirect_uri));
    exit;
}

?>

如您所见，我尝试了session_start();，将$_GET‘’code‘和$_GET’‘token’保存到会话中，但这是行不通的。

我说得对吗?这是存钱的问题吗？我花了一天时间在这上面，感觉好像在绕圈。

Answer 1

下面的代码适用于我。如果这对我有帮助，请告诉我。

对于第一个查询，请尝试如下：

require "YahooOAuth2.class.php"; 

#Your Yahoo API consumer key & secret with access to Gemini data 
define("CONSUMER_KEY","");
define("CONSUMER_SECRET","");
$redirect_uri="http://".$_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];//Or your other redirect URL - must match the callback domain 

$gemini_api_endpoint="https://api.admanager.yahoo.com/v1/rest";
$oauth2client=new YahooOAuth2();

if (isset($_GET['code'])){
$code=$_GET['code'];  
} 
else {
$code=0;
}

if($code){
#oAuth 3-legged authorization is successful, fetch access token  
$tokens=$oauth2client->get_access_token(CONSUMER_KEY,CONSUMER_SECRET,$redirect_uri,$code);

#Access token is available. Do API calls.   
$headers= array('Authorization: Bearer '.$tokens['a'],'Accept: application/json','Content-Type: application/json');
#Fetch Advertiser Name and Advertiser ID
$url=$gemini_api_endpoint."/reports/custom";
$resp=$oauth2client->fetch($url,$postdata=$json,$auth="",$headers);
$jsonResponse = json_decode( $resp );
}

else {
# no valid access token available, go to authorization server 
header("HTTP/1.1 302 Found");
header("Location: " . $oauth2client->getAuthorizationURL(CONSUMER_KEY,$redirect_uri));
exit;
}

然后，对于下一个查询(如果需要，可以通过循环重用该查询)：

$refreshThis = $tokens['r'];

$gemini_api_endpoint="https://api.admanager.yahoo.com/v1/rest";
$oauth2client=new YahooOAuth2();


if($code){
#oAuth 3-legged authorization is successful, fetch access token  
$tokens=$oauth2client->get_new_access_token(CONSUMER_KEY,CONSUMER_SECRET,$redirect_uri,$refreshThis);

#Access token is available. Do API calls.   
$headers= array('Authorization: Bearer '.$tokens['a'],'Accept: application/json','Content-Type: application/json');
#Fetch Advertiser Name and Advertiser ID
// $url=$gemini_api_endpoint."/campaign/347026014";
$url=$gemini_api_endpoint."/reports/custom";
$resp=$oauth2client->fetch($url,$postdata=$json,$auth="",$headers);
$jsonResponse = json_decode( $resp );
// $advertiserName = $jsonResponse->response[0]->advertiserName; 
// $advertiserId = $jsonResponse->response[0]->id; 
// echo "Welcome ".$advertiserName;
}
else {
# no valid access token available, go to authorization server 
header("HTTP/1.1 302 Found");
header("Location: " . $oauth2client->getAuthorizationURL(CONSUMER_KEY,$redirect_uri));
exit;
}

来自YahooOAuth2.class.php文件：

public function get_new_access_token($clientId, $clientSecret,$redirect_uri,$refreshThis) {
    $url=self::TOKEN_ENDPOINT;

    $postdata=array("redirect_uri"=>$redirect_uri,"refresh_token"=>$refreshThis,"grant_type"=>"refresh_token");
$auth=$clientId . ":" . $clientSecret;
    $response=self::fetch($url,$postdata,$auth); 
 // Convert the result from JSON format to a PHP array 
$jsonResponse = json_decode( $response );

$token['a'] = $jsonResponse->access_token;
$token['r'] = $jsonResponse->refresh_token;

var_dump($token['a']);
var_dump($token['r']);

    return $token;

}