creatorshub/oauth2-youtube

The PHP League OAuth2-Client 的 YouTube OAuth 2.0 客户端提供程序

维护者

详细信息

gitlab.com/creatorshub/oauth2-youtube

源代码

问题

安装: 80

依赖项: 0

建议者: 0

安全性: 0

星标: 0

分支: 1

v1.0.1 2017-07-24 00:19 UTC

Requires

Requires (Dev)

MIT 414c22d2b98650f0b111ee794f9e7e721567d628

authorizationAuthenticationclientoauthoauth2googleyoutube

This package is auto-updated.

Last update: 2024-08-29 04:47:58 UTC

README

本软件包为 PHP League 的 OAuth 2.0 客户端 提供YouTube OAuth 2.0 支持。

本软件包符合 PSR-1PSR-2PSR-4 规范。如果您发现任何不符合规范的地方,请通过拉取请求发送补丁。

需求

以下版本的PHP受支持:

  • PHP 5.6
  • PHP 7.0
  • PHP 7.1
  • HHVM

安装

要安装,请使用composer

composer require creatorshub/oauth2-youtube

使用方法

授权码流

$provider = new CreatorsHub\OAuth2\Client\Provider\YouTube([
    'clientId'     => '{google-client-id}',
    'clientSecret' => '{google-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url'
]);

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])) {

    if (isset($_SESSION['oauth2state'])) {
        unset($_SESSION['oauth2state']);
    }
    
    exit('Invalid state');

} else {

    try {

        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        // We have an access token, which we may use in authenticated
        // requests against the service provider's API.
        echo 'Access Token: ' . $accessToken->getToken() . "<br>";
        echo 'Refresh Token: ' . $accessToken->getRefreshToken() . "<br>";
        echo 'Expired in: ' . $accessToken->getExpires() . "<br>";
        echo 'Already expired? ' . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "<br>";

        // Using the access token, we may look up details about the
        // resource owner.
        $resourceOwner = $provider->getResourceOwner($accessToken);

        var_export($resourceOwner->toArray());

        // You can also use these functions:
        $channelId = $resourceOwner->getId();
        $channelName = $resourceOwner->getName(); // or $resourceOwner->getTitle();
        $channelAvatar = $resourceOwner->getAvatarUrl($size = 'default');
        $channelDescription = $resourceOwner->getDescription();

    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {

        // Failed to get the access token or user details.
        exit($e->getMessage());

    }

}

刷新令牌

刷新令牌仅提供给请求离线访问的应用程序。您可以通过在提供程序中设置 accessType 选项来指定离线访问

$provider = new CreatorsHub\OAuth2\Client\Provider\YouTube([
    'clientId'     => '{google-client-id}',
    'clientSecret' => '{google-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
    'accessType'   => 'offline',
]);

请注意,刷新令牌仅在第一次请求时返回,之后它将是 null。您应在返回时安全地存储刷新令牌

$token = $provider->getAccessToken('authorization_code', [
    'code' => $code
]);

// persist the token in a database
$refreshToken = $token->getRefreshToken();

如果您需要获取新的刷新令牌,可以通过强制审批提示来请求一个

$authUrl = $provider->getAuthorizationUrl(['approval_prompt' => 'force']);

现在您已经拥有了使用刷新令牌刷新访问令牌所需的一切

$provider = new CreatorsHub\OAuth2\Client\Provider\YouTube([
    'clientId'     => '{google-app-id}',
    'clientSecret' => '{google-app-secret}',
    'redirectUri'  => 'https://example.com/callback-url',
]);

$grant = new League\OAuth2\Client\Grant\RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);

作用域

如果需要,您可以在获取授权URL时包含作用域数组。示例

$authorizationUrl = $provider->getAuthorizationUrl([
    'scope' => [
        'https://www.googleapis.com/auth/youtube', // Manage your YouTube account
        'https://www.googleapis.com/auth/youtube.force-ssl', // Manage your YouTube account
        'https://www.googleapis.com/auth/youtube.readonly', // iew your YouTube account
        'https://www.googleapis.com/auth/youtube.upload', // Manage your YouTube videos
        'https://www.googleapis.com/auth/youtubepartner', // View and manage your assets and associated content on YouTube
        'https://www.googleapis.com/auth/youtubepartner-channel-audit', // View private information of your YouTube channel relevant during the audit process with a YouTube partner
    ]
]);
header('Location: ' . $authorizationUrl);
exit;

测试

$ ./vendor/bin/phpunit

贡献

有关详细信息,请参阅 CONTRIBUTING

致谢

许可证

MIT许可证(MIT)。有关更多信息,请参阅 许可证文件