推特 OAuth 1.0。 Opera 重定向失败
我目前正在网站上工作。授权有多种类型,其中之一是“通过 Twitter”。我正在使用 Abraham Williams 的 TwitterOAuth 库。我将尝试解释下面的脚本是如何工作的:
- 当您点击 index.php 中的“登录”按钮时,弹出窗口(login.php)将打开并要求授权应用程序与您的应用程序一起使用。 twitter 帐户
- 提交后,将被重定向到 api.twitter.com,并在 $_GET 参数中包含“访问令牌”。
- 然后 Twitter 授权该“令牌”,并返回回调 URL,该 URL 在 Twitter 应用程序的设置中定义。
它工作得很好,除了 Opera 在从 api.twitter.com 重定向到回调 URL 时出现问题。看起来根本没有执行重定向。
以下是来源:
index.php
<?php
session_start();
session_destroy();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script type="text/javascript">
function popup(url)
{
var addr = document.location.href.replace('index.php','');
popUpObj = window.open(addr + url, 'Twitter', 'width=700,height=600,menubar=yes,status=yes');
}
function transferdata(data)
{
if (data.screen_name)
{
(elem = document.getElementById('tw-login')).parentNode.removeChild(elem);
document.getElementById('menu').innerHTML = 'Hello, ' + data.screen_name;
}
else
document.getElementById('menu').innerHTML = 'Twitter didn\'t authorize you :(';
}
</script>
<style type="text/css">
#tw-login
{
display: block;
background-color: #ccc;
text-align: center;
font-family: "Trebuchet MS", Vernanda, serif;
color: #fff;
margin: 5px;
padding: 4px 6px;
text-decoration: none;
width: 80px;
}
#tw-logout
{
display: block;
background-color: #ccc;
text-align: center;
font-family: "Trebuchet MS", Vernanda, serif;
color: #fff;
margin: 5px;
padding: 4px 6px;
text-decoration: none;
width: 80px;
}
</style>
</head>
<body>
<a id="tw-login" href="" onclick="popup('login.php');">Log in</a>
<a id="tw-logout" href="session_clear.php">Log out</a>
<div id="menu">
</div>
</body>
</html>
login.php
<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');
$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET);
$requestToken = $twitteroauth->getRequestToken();
$_SESSION['oauth_token'] = $requestToken['oauth_token'];
$_SESSION['oauth_token_secret'] = $requestToken['oauth_token_secret'];
if($twitteroauth->http_code == 200)
{
$url = $twitteroauth->getAuthorizeURL($requestToken['oauth_token']);
header('Location: ' . $url);
}
else
{
die('Something wrong happened.');
}
callback.php
<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');
if (!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret']))
{
$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
$accessToken = $twitteroauth->getAccessToken($_GET['oauth_verifier']);
$_SESSION['access_token'] = $accessToken;
$userinfo = $twitteroauth->get('account/verify_credentials');
}
else
header('Location: login.php');
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(SendToMain());
function SendToMain()
{
if(window.opener != null || !window.opener.closed)
{
window.opener.transferdata(<?php echo json_encode($userinfo); ?>);
window.close();
}
}
</script>
</head>
<body>
</body>
</html>
session_clear.php
<?php
session_start();
session_destroy();
header('Location: index.php');
I'm currently working on the website. There will be several types of authorization, and one of them is "via Twitter". I'm using TwitterOAuth Library by Abraham Williams. I'll try to explain how the script below works:
- When you hit "Log in" button at index.php the popup window(login.php) opens and asks to authorize the application to work with your twitter account
- When submitted, it is redirected to api.twitter.com with "access token" in $_GET parameter.
- Then twitter authorizes that "token", and returns to callback URL, which is defined in the settings of a twitter application.
It works perfect, except opera has problems when redirecting from api.twitter.com to callback URL. It just seems that redirect isn't performed at all.
Here are the sources:
index.php
<?php
session_start();
session_destroy();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script type="text/javascript">
function popup(url)
{
var addr = document.location.href.replace('index.php','');
popUpObj = window.open(addr + url, 'Twitter', 'width=700,height=600,menubar=yes,status=yes');
}
function transferdata(data)
{
if (data.screen_name)
{
(elem = document.getElementById('tw-login')).parentNode.removeChild(elem);
document.getElementById('menu').innerHTML = 'Hello, ' + data.screen_name;
}
else
document.getElementById('menu').innerHTML = 'Twitter didn\'t authorize you :(';
}
</script>
<style type="text/css">
#tw-login
{
display: block;
background-color: #ccc;
text-align: center;
font-family: "Trebuchet MS", Vernanda, serif;
color: #fff;
margin: 5px;
padding: 4px 6px;
text-decoration: none;
width: 80px;
}
#tw-logout
{
display: block;
background-color: #ccc;
text-align: center;
font-family: "Trebuchet MS", Vernanda, serif;
color: #fff;
margin: 5px;
padding: 4px 6px;
text-decoration: none;
width: 80px;
}
</style>
</head>
<body>
<a id="tw-login" href="" onclick="popup('login.php');">Log in</a>
<a id="tw-logout" href="session_clear.php">Log out</a>
<div id="menu">
</div>
</body>
</html>
login.php
<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');
$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET);
$requestToken = $twitteroauth->getRequestToken();
$_SESSION['oauth_token'] = $requestToken['oauth_token'];
$_SESSION['oauth_token_secret'] = $requestToken['oauth_token_secret'];
if($twitteroauth->http_code == 200)
{
$url = $twitteroauth->getAuthorizeURL($requestToken['oauth_token']);
header('Location: ' . $url);
}
else
{
die('Something wrong happened.');
}
callback.php
<?php
session_start();
include 'twitteroauth/twitteroauth.php';
define('TWITTER_KEY', '*******');
define('TWITTER_KEY_SECRET', '*******');
if (!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret']))
{
$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_KEY_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
$accessToken = $twitteroauth->getAccessToken($_GET['oauth_verifier']);
$_SESSION['access_token'] = $accessToken;
$userinfo = $twitteroauth->get('account/verify_credentials');
}
else
header('Location: login.php');
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(SendToMain());
function SendToMain()
{
if(window.opener != null || !window.opener.closed)
{
window.opener.transferdata(<?php echo json_encode($userinfo); ?>);
window.close();
}
}
</script>
</head>
<body>
</body>
</html>
session_clear.php
<?php
session_start();
session_destroy();
header('Location: index.php');
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您的重定向 URI 不使用 ssl。要解决此问题,请改用 https。
Your redirect URI doesn't use ssl. To resolve this problem use an https instead.
您必须向某些浏览器发送状态代码(例如 301 或 303),然后它们才会重定向。尝试这样的事情:
You have to send some browsers a status code like 301 or 303 before they will redirect. Try something like this: