In Oauth2 playground I have set it up to use my oauth client id and secret with the Google Play Game Services v1 and https://www.googleapis.com/auth/games scope.
I then exchange the Auth code retrieved from unity google play login to get an access code and then use https://games.googleapis.com/games/v1/applications/{applicationId}/verify which successfully gives me the players google play id.
The problem I am having is knowing the php required with the google api to do this in the php part. Right now I have the following but not sure if it is correct or where to go from here, Any help would be greatly appreciated thanks.
require_once("google/vendor/autoload.php");
putenv('GOOGLE_APPLICATION_CREDENTIALS=secret.json');
$client = new Google_Client();
$client->useApplicationDefaultCredentials();
$client->addScope('https://www.googleapis.com/auth/games');
$service = new Google_Service_Games($client);
Related
The documentation on TwitterOAuthAPI.com leaves quite a bit to be desired, to say the least. However, the software does appear to work with an elevated Twitter API Developer account, when used with the API Key and Secret, along with the Access Token and Secret (passed into the TwitterOAuth constructor).
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token, $access_token_secret);
However, with an Essentials account, there's only access to OAuth 2, which Twitter seems to provide a Client ID and Client secret for. If I try to use the Access Token and Access Secret with an Essential account (not elevated or academic), it returns a status saying that an elevated account or academic account is required to use the v1 API).
The developer of TwitterOAuthAPI only currently has an honorable mention of v2 Twitter API and a small code segment, that seems to suggest all we have to do is
$connection->setApiVersion('2');
But this does not work. $connection->get no longer retrieves data, $connection->post no longer posts status updates - just a blank page from what I can tell (no errors or anything, just blank).
So I'm very confused as to how the Client ID and secret are used with this system as I assume, an alternative to the Access Token and Access Token Secret (?).
If anyone knows how to use TwitterOAuthAPI for PHP with the v2 of Twitter API and a non-elevated/academic account, I'd appreciate any insight.
Thanks for your time,
~G
right now i'm using google-calendar-api with Laravel, i want to create a reminder, and let the user decides if he wants to shows it in his Google Calendar (based in his gmail account). Right now this code works fine:
I got an error when trying to add an attendee, Googling i found out that you need to "impersonate" the user you want to invite, so i tried the next approach:
And getting this error:
What do you guys think am i doing wrong?
In my Google Api Console i'm using a Service Account, i tried with several keys, i enabled Domain Wide Delegation:
Nothing works, as i said, i can create and list the events, but can't invite anyone.
Thanks in advance!
The error message
the client is not authorized to request a token using this method
Means that the client credetials that you created on Google developer console do not match the login method you are using
You apear to be using code designed for use with a service account
// Create and configure a new client object.
$client = new Google_Client();
$client->useApplicationDefaultCredentials();
$client->addScope([YOUR SCOPES HERE]);
return $client;
To use this you need to create service account credentials on Google developer console. You have not.
I am trying to load from a web server some scores from GPGS, using the Google API PHP Client.
Here's how I proceed:
1/ SETTING UP THE OAUTH CLIENT
I created the OAuth client on the Google API Console using a service account, according this doc: https://developers.google.com/accounts/docs/OAuth2ServiceAccount
It provided me a certificate + an email address + a client_id.
2/ WRITING PHP CODE
Here's my code:
$client = new Google_Client();
$client->setApplicationName("");
$client->setAssertionCredentials(
new Google_Auth_AssertionCredentials(
"something#developer.gserviceaccount.com", // email provided by console
array('https://www.googleapis.com/auth/games'), // scope
file_get_contents("../certificates/certificate.p12") // keyfile i downloaded
)
);
$service = new Google_Service_Games($client);
$service->scores->listScores("myLeaderboardId", "PUBLIC", "ALL_TIME");
3/ FIRST RESULTS
The first weird thing about this snippet, is that the API thrown me an error with an HTTP status 401 with this message:
Request was missing required scope(s): plus.login
According the official documentation (https://developers.google.com/games/services/web/api/scores/list) the required scope for this request is only games
4/ HITTING A WALL
Adding this scope to my request was really not a big deal, but after that, the API responded me again with a 401 HTTP status:
User has not completed registration
which I completly understand, since I am using credentials from a service account, and not a real account.
QUESTION
What am I doing wrong? Do I really can load leaderboards by calling the Google API from a server?
Thanks in advance for helping me,
Regards,
While reading this Implementing OAuth 2.0 Authentication (server side) I noticed the process is probably meant for a scenario where one is creating an app that let's users sign in with their Google credentials and subsequently show their Google+ posts, Youtube videos, etc.
What I need is the ability to fetch Google data based on google user's username or user ID. I do have client_id, client_secret, etc. from Google - and I'm willing to send them along my requests.
Step 1 seems OK. Make a request similar to this:
https://accounts.google.com/o/oauth2/auth?
client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com&
redirect_uri=http%3A%2F%2Flocalhost%2Foauth2callback&
scope=https://www.googleapis.com/auth/youtube&
response_type=code&
access_type=offline
What would be great after this step is the possibility to just take the code so I can authenticate my request (via Google_Client()->authenticate($_GET['code']); or similar) and then exchange it for the auth_token.
I achieved something similar with Facebook API for PHP for fetching Facebook profile/page public posts - so unlike the sign in with FB process - no user consent is needed nor asked for.
You should be using a service account for this. Accessing the Google APIs using a service account is quite useful. Some times you just want to access your own data and not data owned by other users. In this instance there is no reason to use OAuth2 and prompt a user to give you access to there information, its your information you already have access. This is why we use a service account.
Google Service Account Example with in the PHP client lib can be found here: Example
You don't say exactly which API you are trying to access, and I dislike link only answers. So here is a basic example using the Google Analytics API.
<?php
session_start();
require_once 'Google/Client.php';
require_once 'Google/Service/Analytics.php';
/************************************************
The following 3 values an befound in the setting
for the application you created on Google
Developers console.
The Key file should be placed in a location
that is not accessable from the web. outside of
web root.
In order to access your GA account you must
Add the Email address as a user at the
ACCOUNT Level in the GA admin.
************************************************/
$client_id = '1046123799103-nk421gjc2v8mlr2qnmmqaak04ntb1dbp.apps.googleusercontent.com';
$Email_address = '1046123799103-nk421gjc2v8mlr2qnmmqaak04ntb1dbp#developer.gserviceaccount.com';
$key_file_location = '629751513db09cd21a941399389f33e5abd633c9-privatekey.p12';
$client = new Google_Client();
$client->setApplicationName("Client_Library_Examples");
$key = file_get_contents($key_file_location);
// seproate additional scopes with a comma
$scopes ="https://www.googleapis.com/auth/analytics.readonly";
$cred = new Google_Auth_AssertionCredentials(
$Email_address,
array($scopes),
$key
);
$client->setAssertionCredentials($cred);
if($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
$service = new Google_Service_Analytics($client);
I have a tutorial that goes along with that code it can be found here. Google Service Account PHP
I am trying to upgrade the google calendar API to v3 from v1 in a web service project. It worked very well with the api v1 currently, which is using the two legged Oauth for domain wide operations. For example, we're able to CRUD calendars and events in any person's calendars inside our domain, including having people subscribe a public account's calendars.
So far so good, but I didn't find a proper replacement solution for it in the api v3. By checking the service account, I downloaded the latest php client library and run some sample codes, and make some configurations in the Cpanel and console, and it does work in a simple way.
$client = new Google_Client();
$client->setApplicationName("Google Calendar PHP Starter Application");
# fetch the private key
$key = file_get_contents(KEY_FILE);
$client->setClientId(CLIENT_ID);
$auth = new Google_AssertionCredentials(
SERVICE_ACCOUNT_NAME,
array('https://www.googleapis.com/auth/calendar'),
$key,
'notasecret',
'http://oauth.net/grant_type/jwt/1.0/bearer',
'aaa#gmail.com'
);
$client->setAssertionCredentials($auth);
$service = new Google_CalendarService($client);
$calendarList = $service->calendarList->get('aaa#gmail.com');
I am able to get aaa#gmail.com's calendar List by impersonating him, while I can't get bbb#gmail.com's list unless I impersonate bbb#gmail.com to rebuild the Google_AssertionCredentials. This is not as convenient as what it acts in api v1. With the domain consume key and secret set in v1, I have the magic power of anything. i.e. I can get anyone's calendar list by adding a parameter xoauth_requestor_id=AN_EMAIL.
I often need to deal with the request to update multiple people's calendars in one time. Does anyone know a good way to deal with it with the service account in api v3?
Any help will be appreciated.