drt96856
drt96856
2014-10-21 18:44

YouTube OAuth 2.0 - GET请求从var_dump()获取NULL;

已采纳

I've been working with YouTube OAuth 2.0 and i'm having some problems. I've been using the example and I've got up to the stage where the Google channel is being authenticated and redirecting back with a code.

When trying to send a GET request to grab some channel data from the OAuth scopes i'm getting a "NULL" response and i'm unsure why.

(Validate contains a working request)

echo "<a href='$validate'>Login with Google for advanced analytics</a>";


$channel_data = file_get_contents('https://www.googleapis.com/youtube/analytics/v1/reports?ids=channel%3D%3DMINE&start-date=2014-08-01&end-date=2014-09-01&metrics=views&key={api_key}');
$channel_data = json_decode($channel_data, true);

echo "<br />";
var_dump($channel_data);

It seems to work in the example request found https://developers.google.com/youtube/analytics/v1/

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • doushou1298 doushou1298 7年前

    This seems to be a misunderstanding of how to implement OAuth 2.0.

    This step-by-step instruction is a summary of the site I've linked:

    1. create a client id for web application in the developer console
    2. make your user go to the auth url
    3. when he/she completed the process, the user will be redirected to the redirect uri you specified.
    4. on this page, your php script has to grab the code-query ($_GET['code'])
    5. next, you have to make a request (containing the code) to a page which provides you with an access token and a refresh token. An access token expires after 1h, then you have to get a new one with your refresh token
    6. once you have the access token, you can start making api requests

    On the website linked at the top, you'll find detailed instructions. Hope this helps :)


    UPDATE

    In order to exchange the code for the tokens, you have to perform a post request. I don't think that'l work with file_get_contents. I recommend using curl here.

    This code should work for you, but it's not tested:

    $url = 'https://accounts.google.com/o/oauth2/token';
    
    $postfields = [
        'code'=>'YOUR_CODE',
        'client_id'=>'YOUR_CLIENT_ID',
        'client_secret'=>'YOUR_CLIENT_SECRET',
        'redirect_uri'=>'YOUR_REDIRECT_URI',
        'grant_type'=>'authorization_code'
    ];
    
    
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
    
    curl_setopt($curl, CURLOPT_POST, count($postfields));
    curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postfields));
    
    $response = curl_exec($curl);
    curl_close($curl);
    
    $response = json_decode($response);
    

    $response now is an associative array with the keys access_token, token_type, expires_in, refresh_token. token_type is always Bearer and expires_in is always 3600. The other two are the important ones and you should store them safely!

    You can find your client id and client secret in the developer console.

    But please note that in this example, the ssl verification is disabled. That means your connection is not safe.

    点赞 评论 复制链接分享