post('https://oauth2.googleapis.com/token', [ 'form_params' => [ 'code' => $authCode, 'client_id' => getenv('GOOGLE_CLIENT_ID'), 'client_secret' => getenv('GOOGLE_CLIENT_SECRET'), 'redirect_uri' => getenv('GOOGLE_REDIRECT_URI'), 'grant_type' => 'authorization_code', ], ]); return json_decode($response->getBody(), true); } public function saveRefreshToken($refreshToken, $accessToken) { // 使用ThinkORM保存数据到bps_third_user表 // $thirdUser = new \App\Models\ThirdUser(); // $thirdUser->access_token = $accessToken; // $thirdUser->is_default = true; // $thirdUser->random_code = bin2hex(random_bytes(16)); // 生成随机码 // $thirdUser->third_type = 'google'; // $thirdUser->user_id = $userId; // $thirdUser->save(); $data = [ 'access_token' => $refreshToken, 'is_default' => 't', 'third_type' => 'google', ]; $tableName = 'bps_third_user'; $tableName = getenv('DB_PG_SCHEMA') ? getenv('DB_PG_SCHEMA') . '.' . $tableName : 'bps' . $tableName; $sql = " INSERT INTO {$tableName} (access_token, is_default, third_type) VALUES (:access_token, :is_default, :third_type) ON CONFLICT (user_id) DO UPDATE SET access_token = EXCLUDED.access_token, is_default = EXCLUDED.is_default, "; // $sql = " // INSERT INTO {$tableName} // (access_token, is_default, random_code, third_type, user_id, facebook_user_id) // VALUES (:access_token, :is_default, :random_code, :third_type, :user_id, :facebook_user_id) // ON CONFLICT (user_id) // DO UPDATE SET // access_token = EXCLUDED.access_token, // is_default = EXCLUDED.is_default, // random_code = EXCLUDED.random_code, // third_type = EXCLUDED.third_type, // "; ThinkDb::execute($sql, $data); } public function revokeToken($accessToken) { $client = new Client(); $client->post('https://oauth2.googleapis.com/revoke', [ 'form_params' => [ 'token' => $accessToken, ], ]); // 在数据库中删除或标记该`refresh_token`为无效 // \App\Models\ThirdUser::where('access_token', $refreshToken)->delete(); } public function useRefreshToken($refreshToken) { $client = new Client(); $response = $client->post('https://oauth2.googleapis.com/token', [ 'form_params' => [ 'refresh_token' => $refreshToken, 'client_id' => getenv('GOOGLE_CLIENT_ID'), 'client_secret' => getenv('GOOGLE_CLIENT_SECRET'), 'grant_type' => 'refresh_token', ], ]); $data = json_decode($response->getBody(), true); return $data['access_token']; } }