如何将 youtube api 身份验证和权限响应从服务器传递到客户端浏览器
how to pass youtube api auth and permission response from server to client's webrowser
所以我有一个 Python 脚本正在 运行 服务器上(PHP 运行 它)。但是,脚本必须在 youtube 上对用户进行身份验证。当您 运行 它在本地打开浏览器时,允许进行身份验证并请求许可。一切正常。当我允许用户在服务器上 运行 它时,它会尝试在服务器上打开授权屏幕。我需要将响应传递给网络浏览器。
有任何想法吗?
我使用来自 youtube api 示例的授权脚本:
# The CLIENT_SECRETS_FILE variable specifies the name of a file that contains
# the OAuth 2.0 information for this application, including its client_id and
# client_secret. You can acquire an OAuth 2.0 client ID and client secret from
# the Google Developers Console at
# https://console.developers.google.com/.
# Please ensure that you have enabled the YouTube Data API for your project.
# For more information about using OAuth2 to access the YouTube Data API, see:
# https://developers.google.com/youtube/v3/guides/authentication
# For more information about the client_secrets.json file format, see:
# https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
CLIENT_SECRETS_FILE = "client_secrets.json"
# This variable defines a message to display if the CLIENT_SECRETS_FILE is
# missing.
MISSING_CLIENT_SECRETS_MESSAGE = """
WARNING: Please configure OAuth 2.0
To make this sample run you will need to populate the client_secrets.json file
found at:
%s
with information from the Developers Console
https://console.developers.google.com/
For more information about the client_secrets.json file format, please visit:
https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
""" % os.path.abspath(os.path.join(os.path.dirname(__file__),
CLIENT_SECRETS_FILE))
# This OAuth 2.0 access scope allows for full read/write access to the
# authenticated user's account.
YOUTUBE_READ_WRITE_SCOPE = "https://www.googleapis.com/auth/youtube"
YOUTUBE_API_SERVICE_NAME = "youtube"
YOUTUBE_API_VERSION = "v3"
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE,
message=MISSING_CLIENT_SECRETS_MESSAGE,
scope=YOUTUBE_READ_WRITE_SCOPE)
storage = Storage("%s-oauth2.json" % sys.argv[0])
credentials = storage.get()
if credentials is None or credentials.invalid:
flags = argparser.parse_args()
credentials = run_flow(flow, storage, flags)
youtube = build(YOUTUBE_API_SERVICE_NAME, YOUTUBE_API_VERSION,
http=credentials.authorize(httplib2.Http()))
服务器端 web 应用非常简单,它允许选择脚本变体和配对设置,仅此而已。
当您在服务器中验证您的用户凭据时,您需要使用 Oauth2(在 google 的情况下)。
一开始我也花了一些时间来理解它...
OAuth2的意思是你把用户重定向到一个google提供的登录地址,告诉服务"look, after the user logged in, send the token to URL X"(你的服务器)。您的服务器获得某种令牌,代表用户授权您 "app" 代表他做事。
查看 https://developers.google.com/api-client-library/python/auth/web-app
具体针对您的情况 - 您需要在 PHP 中实现端点(如果您明白我的意思,它需要 "listen" 在一个地址上)
如果您真的不需要用户凭据,只需要以任何经过身份验证的用户身份访问 youtube API,则更容易 - 您需要拥有自己的凭据并执行 "server to server" 此处说明:
https://developers.google.com/api-client-library/python/auth/service-accounts
所以我有一个 Python 脚本正在 运行 服务器上(PHP 运行 它)。但是,脚本必须在 youtube 上对用户进行身份验证。当您 运行 它在本地打开浏览器时,允许进行身份验证并请求许可。一切正常。当我允许用户在服务器上 运行 它时,它会尝试在服务器上打开授权屏幕。我需要将响应传递给网络浏览器。 有任何想法吗? 我使用来自 youtube api 示例的授权脚本:
# The CLIENT_SECRETS_FILE variable specifies the name of a file that contains
# the OAuth 2.0 information for this application, including its client_id and
# client_secret. You can acquire an OAuth 2.0 client ID and client secret from
# the Google Developers Console at
# https://console.developers.google.com/.
# Please ensure that you have enabled the YouTube Data API for your project.
# For more information about using OAuth2 to access the YouTube Data API, see:
# https://developers.google.com/youtube/v3/guides/authentication
# For more information about the client_secrets.json file format, see:
# https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
CLIENT_SECRETS_FILE = "client_secrets.json"
# This variable defines a message to display if the CLIENT_SECRETS_FILE is
# missing.
MISSING_CLIENT_SECRETS_MESSAGE = """
WARNING: Please configure OAuth 2.0
To make this sample run you will need to populate the client_secrets.json file
found at:
%s
with information from the Developers Console
https://console.developers.google.com/
For more information about the client_secrets.json file format, please visit:
https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
""" % os.path.abspath(os.path.join(os.path.dirname(__file__),
CLIENT_SECRETS_FILE))
# This OAuth 2.0 access scope allows for full read/write access to the
# authenticated user's account.
YOUTUBE_READ_WRITE_SCOPE = "https://www.googleapis.com/auth/youtube"
YOUTUBE_API_SERVICE_NAME = "youtube"
YOUTUBE_API_VERSION = "v3"
flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE,
message=MISSING_CLIENT_SECRETS_MESSAGE,
scope=YOUTUBE_READ_WRITE_SCOPE)
storage = Storage("%s-oauth2.json" % sys.argv[0])
credentials = storage.get()
if credentials is None or credentials.invalid:
flags = argparser.parse_args()
credentials = run_flow(flow, storage, flags)
youtube = build(YOUTUBE_API_SERVICE_NAME, YOUTUBE_API_VERSION,
http=credentials.authorize(httplib2.Http()))
服务器端 web 应用非常简单,它允许选择脚本变体和配对设置,仅此而已。
当您在服务器中验证您的用户凭据时,您需要使用 Oauth2(在 google 的情况下)。
一开始我也花了一些时间来理解它...
OAuth2的意思是你把用户重定向到一个google提供的登录地址,告诉服务"look, after the user logged in, send the token to URL X"(你的服务器)。您的服务器获得某种令牌,代表用户授权您 "app" 代表他做事。
查看 https://developers.google.com/api-client-library/python/auth/web-app
具体针对您的情况 - 您需要在 PHP 中实现端点(如果您明白我的意思,它需要 "listen" 在一个地址上)
如果您真的不需要用户凭据,只需要以任何经过身份验证的用户身份访问 youtube API,则更容易 - 您需要拥有自己的凭据并执行 "server to server" 此处说明: https://developers.google.com/api-client-library/python/auth/service-accounts