[英]Curl Catch Redirect Url parameters - Oauth 2.0 Authorisation PHP script for API request (VK for example)
我在PHP中使用Oauth進行兩步授權存在問題。
第一個請求像:
$ AUTHORIZE_URL =' https: //oauth.vk.com/authorize?client_id=myID & scope=MyWall & redirect_uri= https: //oauth.vk.com/blank.html&response_type=code';
該請求正在使用“#code = Anumber”參數重定向到https://oauth.vk.com/blank.html 。
之后,我有第二個請求,需要此代碼。
我使用Curl發出這些請求並解析第二個請求的Json結果,但是如何在curl中獲取重定向URL的參數。
我試圖解析答案的標題,但找不到位置。
編輯:
我的請求的示例代碼:
curl_setopt_array($ch = curl_init(), array(
CURLOPT_USERAGENT => '',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => false,
CURLINFO_REDIRECT_URL => true,
CURLOPT_BINARYTRANSFER => 1,
CURLOPT_URL => $url
));
curl_exec($ch);
$info=curl_getinfo($ch);
prin_r($info);
curl_close($ch);
好的,問題是您尚未登錄,如果您登錄了OAuth身份驗證,則會將您的代碼重定向到空白頁面,但是如果沒有登錄,則不會重定向,並且會顯示帶有登錄名的html頁面。
因此,為了獲得您必須登錄的代碼,可以使用瀏覽器登錄,然后從瀏覽器獲取cookie,並在代碼中使用它們。 如果只希望該代碼進行測試,則此選項很好。
第二個選項更加復雜,您必須以編程方式進行登錄,這意味着多個卷曲,保存cookie並將它們發送到下一個請求。 我為此OAuth身份驗證創建了一個示例,至少對我有用。 相當丑陋,但可以作為概念證明。
<?php
$email = "myemailorphone";
$pass = "mypassword";
$id = "myID";
//this url returns a login page
$url= "https://oauth.vk.com/authorize?".http_build_query(["client_id"=>$id,"scope"=>"MyWall","redirect_uri"=>"https://oauth.vk.com/blank.html","response_type"=>"code"]);
$b64url = str_replace("==","--",base64_encode($url)); //different base64 code, just to have all parameters
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch,CURLOPT_NOBODY,true);
curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
curl_close($ch);
$cookieString = "";
if(strpos($result,"log in")) {
//get all the cookies
preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $result, $matches);
$cookies = array();
foreach($matches[1] as $item) {
parse_str($item, $cookie);
$cookies = array_merge($cookies, $cookie);
}
$cookieString = "";
foreach($cookies as $key=>$val){
$cookieString .= $key."=".$val.";";
}
//CREATE LOGIN POST
$ip_h = explode("name=\"ip_h\" value=\"",$result);
$ip_h = substr($ip_h[1],0,18); // some hidden fields on that page, maybe important
$lg_h = explode("name=\"lg_h\" value=\"",$result);
$lg_h = substr($lg_h[1],0,18); // some hidden fields on that page, maybe important
$fields = [
"origin"=>"https://oauth.vk.com",
"to"=>$b64url, // this is where it redirects after login, not used in the php code but, just for the request
"email"=>$email,//phone or email of user
"expire"=>0,
"pass"=>$pass, //your password
"ip_h"=>$ip_h,
"lg_h"=>$lg_h
];
$post = http_build_query($fields);
$login_url = "https://login.vk.com/?act=login&soft=1";
$ch = curl_init($login_url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: '.$cookieString));
curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
//get the new cookies
$result = curl_exec($ch);
preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $result, $matches);
$login_cookies = array();
foreach($matches[1] as $item) {
parse_str($item, $cookie);
$login_cookies = array_merge($login_cookies, $cookie);
}
foreach($login_cookies as $key=>$val){
$cookieString .= $key."=".$val.";";
}
//get next location redirect
preg_match_all('/^Location:\s*(.*)/mi', $result, $matches);
$first_redirect = str_replace("\"","_",$matches[1][0]);
$first_redirect = filter_var($first_redirect,FILTER_SANITIZE_URL); //sanitize url, because it returns unwanted chars
//use the second location redirect
$ch = curl_init($first_redirect);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: '.$cookieString,"accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
curl_close($ch);
//last location forward
preg_match_all('/^Location:\s*(.*)/mi', $result, $matches);
$second_redirect = str_replace("\"","_",$matches[1][0]);
$second_redirect = filter_var($second_redirect,FILTER_SANITIZE_URL);
$ch = curl_init($second_redirect);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cookie: '.$cookieString,"accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
curl_close($ch);
preg_match_all('/^Location:\s*(.*)/mi', $result, $matches);
$blank = str_replace("\"","_",$matches[1][0]);
$blank = filter_var($blank,FILTER_SANITIZE_URL);
echo "Blank url: ".$blank;
}
?>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.