问题描述
我需要构建在PHP的Web应用程序,允许AD用户能够轻松添加视频链接到我们公司账户的播放列表。问题是,我们不想让员工知道这个帐户的密码。
I need to build a web application in php that allows an AD user to easily add a video link to a playlist of our company account. The problem is we don't want the employees to know the password of this account.
我们最近安装的所有的YouTube流量重定向到Youtube教育一个新的互联网过滤框。唯一的问题是,如果一个老师要访问他们需要的教育视频,但它不是在EDU网站,它就会被阻止的学生。解决的办法是给视频添加到我们的帐户EDU播放列表,视频将随后神奇地为学生工作。
We recently installed a new internet filtering box that redirects all youtube traffic to Youtube for Education. The only problem is that if a teacher wants to visit a video they need for education but it isn't on the edu site, it will be blocked for students. The solution is to add that video to our edu account playlist and the video will then magically work for students.
我在这篇文章阅读:与YouTube API
你可以交换的临时令牌一个永久性之一,但这种方法已经去precated,我找不到在哪里的OAuth 2.0允许这一点。
I read in this post: Permanent access token with YouTube api?that you can exchange the temporary token for a permanent one but this method has been deprecated and I cannot find where OAuth 2.0 allows for this.
任何帮助将大大AP preciated!
Any help would be greatly appreciated!
更新:
我在谷歌的API在两个不同的地点,一个服务帐户没有YouTube的可用读取。但是,我决定试一试,反正因为它不支持OAuth认证。它就像它正在执行的查询,但不会返回任何结果。
I read in two different locations in the google API that a Service Account wasn't usable for youtube. But, I decided to try it anyways since it does support OAuth Authentication. It acts like it is performing the query but doesn't return any results.
// Make sure you keep your key.p12 file in a secure location, and isn't
// readable by others.
const KEY_FILE = '/secretlocation/youtubeAPIServiceKey.p12';
$client = new Google_Client();
// Set your cached access token. Remember to replace $_SESSION with a
// real database or memcached.
session_start();
if (isset($_SESSION['token'])) {
$client->setAccessToken($_SESSION['token']);
}
// Load the key in PKCS 12 format (you need to download this from the
// Google API Console when the service account was created.
$key = file_get_contents(KEY_FILE);
$client->setClientId(CLIENT_ID);
$client->setAssertionCredentials(new Google_AssertionCredentials(
SERVICE_ACCOUNT_NAME,
array('https://www.googleapis.com/auth/youtube'),
$key));
$youtube = new Google_YoutubeService($client);
$playlistResponse = $youtube->playlists->listPlaylists('id',
array("mine"=>true));
print_r($playlistResponse);
$_SESSION['token'] = $client->getAccessToken();
当在沙箱中所做的谷歌API的网站上它返回5个项目。在这里,它只返回这一点:
When done in the sandbox on the google api website it returns 5 items. Here it only returns this:
Array ( [kind] => youtube#playlistListResponse [etag] => "dYdUuZbCApIwJ-onuS7iKMSekuo/Db2Wkrhuywa2CiaiO8EVH7ZukZ8" [pageInfo] => Array ( [totalResults] => 0 [resultsPerPage] => 5 ) [items] => Array ( ) )
再次更新:
我证实了我已经知道了。尝试新的播放列表添加到我的帐户时,我recieving未经授权的错误(401)。
I confirmed what I already knew. I was recieving Unauthorized error (401) when trying to add a new playlist to my account.
This error is commonly seen if you try to use the OAuth 2.0 Service Account flow. YouTube does not support Service Accounts, and if you attempt to authenticate using a Service Account, you will get this error.
回到原点。
推荐答案
您需要使用OAuth 2.0桌面应用程序:
You need to use oauth 2.0 for desktop applications:
从链接:
1:当注册应用程序,您指定的应用程序是一个已安装的应用。这将导致在用于REDIRECT_URI参数不同的值。
1: When registering the application, you specify that the application is a Installed application. This results in a different value for the redirect_uri parameter.
2:CLIENT_ID和注册过程中获得client_secret嵌入到应用程序的源代码code。在此背景下,client_secret显然不被视为秘密
2: The client_id and client_secret obtained during registration are embedded in the source code of your application. In this context, the client_secret is obviously not treated as a secret.
3:授权code可以返回到您的应用程序在浏览器的标题栏或一个http:查询字符串//本地主机端口
3: The authorization code can be returned to your application in the title bar of the browser or to an http:// localhost port in the query string.
检查也:
换句话说,你几分辛苦code中的访问凭据的帐户并绕过认证的用户交互。
in other words, you sort of hardcode the access credentials to an account and bypass the user-interaction for authentication.
这篇关于你怎么收到,而无需用户干预的一个访问令牌,使用谷歌的Youtube API v3的一个已知的帐户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!