Curl Catch Redirect Url參數-API請求的Oauth 2.0授權PHP腳本（例如VK）

Question

我在PHP中使用Oauth進行兩步授權存在問題。

第一個請求像：

$ AUTHORIZE_URL =' https: //oauth.vk.com/authorize?client_id=myID & scope=MyWall & redirect_uri= https: //oauth.vk.com/blank.html&response_type=code';

該請求正在使用“＃code = Anumber”參數重定向到https://oauth.vk.com/blank.html 。

之后，我有第二個請求，需要此代碼。

我使用Curl發出這些請求並解析第二個請求的Json結果，但是如何在curl中獲取重定向URL的參數。

我試圖解析答案的標題，但找不到位置。

編輯：

我的請求的示例代碼：

curl_setopt_array($ch = curl_init(), array(
    CURLOPT_USERAGENT => '',
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_FOLLOWLOCATION => false,
    CURLINFO_REDIRECT_URL => true,
    CURLOPT_BINARYTRANSFER => 1,
    CURLOPT_URL => $url 
));
curl_exec($ch);
$info=curl_getinfo($ch);
prin_r($info);
curl_close($ch);

Answer 1

好的，問題是您尚未登錄，如果您登錄了OAuth身份驗證，則會將您的代碼重定向到空白頁面，但是如果沒有登錄，則不會重定向，並且會顯示帶有登錄名的html頁面。

因此，為了獲得您必須登錄的代碼，可以使用瀏覽器登錄，然后從瀏覽器獲取cookie，並在代碼中使用它們。 如果只希望該代碼進行測試，則此選項很好。

第二個選項更加復雜，您必須以編程方式進行登錄，這意味着多個卷曲，保存cookie並將它們發送到下一個請求。 我為此OAuth身份驗證創建了一個示例，至少對我有用。 相當丑陋，但可以作為概念證明。

<?php
$email = "myemailorphone";
$pass = "mypassword";
$id = "myID";
//this url returns a login page
$url= "https://oauth.vk.com/authorize?".http_build_query(["client_id"=>$id,"scope"=>"MyWall","redirect_uri"=>"https://oauth.vk.com/blank.html","response_type"=>"code"]);

$b64url = str_replace("==","--",base64_encode($url)); //different base64 code, just to have all parameters
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch,CURLOPT_NOBODY,true);
curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
curl_close($ch);
$cookieString = "";
if(strpos($result,"log in")) {

    //get all the cookies
    preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $result, $matches);
    $cookies = array();
    foreach($matches[1] as $item) {
        parse_str($item, $cookie);
        $cookies = array_merge($cookies, $cookie);
    }
    $cookieString = "";
    foreach($cookies as $key=>$val){
        $cookieString .= $key."=".$val.";";
    }
    //CREATE LOGIN POST
    $ip_h = explode("name=\"ip_h\" value=\"",$result);
    $ip_h = substr($ip_h[1],0,18); // some hidden fields on that page, maybe important
    $lg_h = explode("name=\"lg_h\" value=\"",$result);
    $lg_h = substr($lg_h[1],0,18); // some hidden fields on that page, maybe important
    $fields = [
                    "origin"=>"https://oauth.vk.com",
                    "to"=>$b64url, // this is where it redirects after login, not used in the php code but, just for the request
                    "email"=>$email,//phone or email of user
                    "expire"=>0,
                    "pass"=>$pass, //your password
                    "ip_h"=>$ip_h,
                    "lg_h"=>$lg_h
              ];

    $post = http_build_query($fields);

    $login_url = "https://login.vk.com/?act=login&soft=1";

    $ch = curl_init($login_url);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: '.$cookieString));
    curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

    //get the new cookies
    $result = curl_exec($ch);
    preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $result, $matches);
    $login_cookies = array();
    foreach($matches[1] as $item) {
        parse_str($item, $cookie);
        $login_cookies = array_merge($login_cookies, $cookie);
    }
    foreach($login_cookies as $key=>$val){
        $cookieString .= $key."=".$val.";";
    }
    //get next location redirect
    preg_match_all('/^Location:\s*(.*)/mi', $result, $matches);
    $first_redirect = str_replace("\"","_",$matches[1][0]);
    $first_redirect = filter_var($first_redirect,FILTER_SANITIZE_URL); //sanitize url, because it returns unwanted chars

    //use the second location redirect 
    $ch = curl_init($first_redirect);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: '.$cookieString,"accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"));
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    $result = curl_exec($ch);
    curl_close($ch);


    //last location forward
    preg_match_all('/^Location:\s*(.*)/mi', $result, $matches);
    $second_redirect = str_replace("\"","_",$matches[1][0]);
    $second_redirect = filter_var($second_redirect,FILTER_SANITIZE_URL);


    $ch = curl_init($second_redirect);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: '.$cookieString,"accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"));
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    $result = curl_exec($ch);

    curl_close($ch);

    preg_match_all('/^Location:\s*(.*)/mi', $result, $matches);
    $blank = str_replace("\"","_",$matches[1][0]);
    $blank = filter_var($blank,FILTER_SANITIZE_URL);


    echo "Blank url: ".$blank;

}


 ?>