php 中使用 curl 的 OAuth 2.0

Question

I need to get my access_token and refresh_token for OAuth 2.0 to Access Google APIs, the php script below should return a json with access_token, refresh_token like this:

{
  "access_token" : "####",
  "token_type" : "Bearer",
  "expires_in" : 3600,
  "refresh_token" : "####"
}

but, the php script return me only this error message:

{
"error" : "invalid_request",
"error_description" : "Client must specify either client_id or client_assertion, not both"
}

I tried to remove client_secret/client_id and use only client_id/client_secret, but still get the same error.

PHP script

$client_id = '###.apps.googleusercontent.com';
$redirect_uri = 'http://localhost/phpConnectToDB/csv/refreshFusionTable.php';
$client_secret = '###';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");

$code = $_REQUEST['code'];

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);


curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $clientID,
'client_secret' => $clientSecret,
'redirect_uri' => $redirect_uri,
'grant_type' => 'authorization_code'
));

$data = curl_exec($ch);

var_dump($data);

Although curl in cmd works and returns me access and refresh token without any errors.

curl --data "code=###&client_id=###.apps.googleusercontent.com&client_secret=###&redirect_uri=http://localhost/phpConnectToDB/csv/refreshFusionTable.php&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token

I don't understand why I get the missing scheme error, although the .php script exists and it's located on the given path. Could you help me please ?

EDIT

Problem with "Invalid parameter value for redirect_uri: Missing scheme" solved, I just replaced 'redirect_uri' => urlencode($redirect_uri), with this 'redirect_uri' => $redirect_uri, in CURLOPT_POSTFIELDS.

Answer 1

Wow, stupid mistake, I should have a rest.

The variables names don't match. I defined:

    $client_id = '###.apps.googleusercontent.com';
    $client_secret = '###';

But here I used an non-existing clientID and clientSecret :

    curl_setopt($ch, CURLOPT_POSTFIELDS, array(
    'code' => $code,
    'client_id' => $clientID,
    'client_secret' => $clientSecret,
    'redirect_uri' => $redirect_uri,
    'grant_type' => 'authorization_code'
    ));

Fixed and working PHP script

    $client_id = '###.apps.googleusercontent.com';
    $redirect_uri = 'http://localhost/phpConnectToDB/csv/refreshFusionTable.php';
    $client_secret = '###';

    $ch = curl_init();
    
    curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");
    
    curl_setopt($ch, CURLOPT_POST, TRUE);
    
    $code = $_REQUEST['code'];

    // This option is set to TRUE so that the response
    // doesnot get printed and is stored directly in
    // the variable
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    
    curl_setopt($ch, CURLOPT_POSTFIELDS, array(
    'code' => $code,
    'client_id' => $client_id,
    'client_secret' => $client_secret,
    'redirect_uri' => $redirect_uri,
    'grant_type' => 'authorization_code'
    ));

    $data = curl_exec($ch);
    
    var_dump($data);

But I have to say that google provides a little misleading error message here, because I hadn't defined client_id nor client_secret and the error message was:

    {
    "error" : "invalid_request",
    "error_description" : "Client must specify either client_id or client_assertion, not both"
    }