
Google login in redirect loop using HybridAuth

I am using the atticmedia/anvard package in Laravel for social login. Login for Facebook works fine, but when I log in using Google, it stays in a redirect loop. The Google login page is successfully shown and when I have given access it redirects back to http://domain.com/endpoint?hauth.done=Google&code=XXXX#

I have no idea why this is not working. Any help would be appreciated. Thanks.

Basic steps

Protocol Flow

 +--------+                               +---------------+
 |        |--(A)- Authorization Request ->|   Resource    |
 |        |                               |     Owner     |
 |        |<-(B)-- Authorization Grant ---|               |
 |        |                               +---------------+
 |        |
 |        |                               +---------------+
 |        |--(C)-- Authorization Grant -->| Authorization |
 | Client |                               |     Server    |
 |        |<-(D)----- Access Token -------|               |
 |        |                               +---------------+
 |        |
 |        |                               +---------------+
 |        |--(E)----- Access Token ------>|    Resource   |
 |        |                               |     Server    |
 |        |<-(F)--- Protected Resource ---|               |
 +--------+                               +---------------+

                 Figure 1: Abstract Protocol Flow

The abstract OAuth 2.0 flow illustrated in Figure 1 describes the interaction between the four roles and includes the following steps:

(A) The client requests authorization from the resource owner. The authorization request can be made directly to the resource owner (as shown), or preferably indirectly via the authorization server as an intermediary.

(B) The client receives an authorization grant, which is a credential representing the resource owner's authorization, expressed using one of four grant types defined in this specification or using an extension grant type. The authorization grant type depends on the method used by the client to request authorization and the types supported by the authorization server.

(C) The client requests an access token by authenticating with the authorization server and presenting the authorization grant.

(D) The authorization server authenticates the client and validates the authorization grant, and if valid, issues an access token.

(E) The client requests the protected resource from the resource server and authenticates by presenting the access token.

(F) The resource server validates the access token, and if valid, serves the request.

Answer

You must have redirected the user to authorisation, and after authorisation the user is redirected to the callback URL provided. It's your callback URL for your application; basically you have completed step number 4 of the Protocol Flow.

Apparently you need to enable Google+ and Contacts API in the APIs Google console. Wandered two days and this was the issue. I feel so stupid. But it seems like this information isn't mentioned much on the internet.
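
The protocol flow quoted above, as a small in-memory model of what a callback such as `endpoint?hauth.done=Google&code=XXXX` still has to do after the browser returns (steps C to F). This is an added example, not code from the original posts, HybridAuth or anvard; every class, function and value in it is hypothetical, the authorization and resource servers are folded into one object, and the `state` check comes from RFC 6749 rather than from this page.

```python
import secrets

class AuthorizationServer:
    """Toy in-memory authorization + resource server (constructed for this example)."""
    def __init__(self, client_id, client_secret, redirect_uri):
        self.client = (client_id, client_secret, redirect_uri)
        self.codes = {}      # authorization code -> redirect_uri it was issued for
        self.tokens = set()  # access tokens issued so far

    def authorize(self, client_id, redirect_uri, state):
        # (A)/(B): the resource owner approves; the grant comes back via redirect.
        if (client_id, redirect_uri) != (self.client[0], self.client[2]):
            raise PermissionError("unknown client or redirect_uri")
        code = secrets.token_urlsafe(16)
        self.codes[code] = redirect_uri
        return {"code": code, "state": state}  # query parameters of the callback

    def token(self, client_id, client_secret, code, redirect_uri):
        # (C)/(D): authenticate the client, validate the grant, issue a token.
        if (client_id, client_secret) != self.client[:2]:
            raise PermissionError("client authentication failed")
        if self.codes.pop(code, None) != redirect_uri:  # a code is single-use
            raise PermissionError("invalid_grant")
        token = secrets.token_urlsafe(16)
        self.tokens.add(token)
        return token

    def resource(self, token):
        # (E)/(F): the resource server validates the access token.
        if token not in self.tokens:
            raise PermissionError("invalid_token")
        return {"email": "user@example.com"}  # constructed sample profile


def handle_callback(server, session, params, creds):
    """Client callback: runs once when the browser returns with ?code=...&state=..."""
    expected = session.pop("oauth_state", None)
    if expected is None or not secrets.compare_digest(expected, params.get("state", "")):
        raise PermissionError("state mismatch")
    token = server.token(creds["id"], creds["secret"], params["code"], creds["redirect_uri"])
    session["user"] = server.resource(token)  # log in, then redirect to a clean URL
    return session["user"]
```

Replaying the same callback parameters fails with `invalid_grant`, because the code was consumed on first use; a handler that surfaces that error instead of restarting the login makes a failing step visible.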
