I have two channels under my Google account. I can upload the videos to my main channel using the Youtube API for PHP. I want to upload the videos to my second channel (Not the main channel). I have searched a lot, but could not find a solution for that. What I just figured is, that I may need to use the Google_Service_YouTube_ChannelContentOwnerDetails() class, but I don't know how to specify this detail to $youtube->videos->insert("status,snippet", $video) method specified at https://github.com/youtube/api-samples/blob/master/php/resumable_upload.php.I have also found that there is onBehalfOfContentOwner and onBehalfOfContentOwnerChannel attributes which I may need to use, but I think these parameters are for the accounts which have given access to other channels to manage their channels on behalf of them, and I don't need to use them because I own my two channels under one Google account. (Maybe I am wrong). I just want to upload the videos to my second account by authorizing from my Main channel.Any help will be highly appreciated in this regard.
There's no way for one to specify a channel ID to the Videos.insert API endpoint. But bear with me for a while...
The first time one issues the OAuth 2.0 authorization flow, his/her app is receiving something as the following JSON object:
{
"access_token": "1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in": 3920,
"token_type": "Bearer",
"scope": "https://www.googleapis.com/auth/youtube.force-ssl",
"refresh_token": "1//xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
The access token is short-lived, while the refresh token is long-lived (but can be revoked at will). This kind of JSON object gets cached in a local file, for to be used later when the app needs a fresh access token (that is obtained from the API based on the stored refresh token). The access token needs to be passed on to each API endpoint that requires authorization.
The above two tokens are relative to the Google account that one has been logged into during the authorization process. Under most common circumstances, each Google account is uniquely associated to a certain YouTube account (i.e. channel). But there can be Google accounts that are associated with multiple YouTube channels (see this doc, the section Use Brand Accounts managed by your Google Account).
Now my conjecture: I do think that it's possible for one to have N such JSON objects (relative to the same scope; e.g. https://www.googleapis.com/auth/youtube.upload), each being associated with a different Youtube channel -- all under the umbrella of a single Google account --, all being stored locally in separate files (or even all in one file), such that, when issuing API calls that need to target a given channel, to choose programmatically the associated pair of tokens out of the whole set of N objects.
The second part of my answer contains source code illustrating my conjecture above. It's not my intention to present here a complete and/or an all-encompassing solution, but only to set forth an application frame that would fit the various ways a concrete PHP app may function (e.g. single desktop apps or apps that run autonomously on remote servers that have no browser installed).
The app manages a set of JSON files -- all stored in the same directory ($auth_conf_path). Each file contains the required credentials relative to a certain channel, such that to be able to create from it a proper instance of class Google_Client. The names of these JSON files are of form CHANNEL_ID.json, where CHANNEL_ID is the ID of the channel to which this file is referring to.
The app is split into two parts: one creating these credentials JSON files upon initiating OAuth authorization flows; the other making API calls relative to a given channel for which a credentials JSON file already exists.
The first part of the app, by using initChannelCredentials within an usual PHP OAuth flow, produces IDs of and credentials JSON files relative to YouTube channels to which the app was granted access to.
The second part of the app, upon obtaining an instance of Google_Client class from makeChannelClient, makes actual API endpoint calls relative to the channel identified by the ID passed to that function.
function initChannelCredentials(
$auth_conf_path, $scopes, $redirect_uri, $client_code)
{
if (!is_dir($auth_conf_path))
throw new InvalidArgumentException(sprintf(
'Auth config path "%s" does not exist', $auth_conf_path));
$client = new Google_Client();
$client->setAuthConfigFile(
$auth_conf_path . DIRECTORY_SEPARATOR . 'client_secrets.json');
$client->setRedirectUri($redirect_uri);
$client->setScopes($scopes);
$cred = $client->fetchAccessTokenWithAuthCode($client_code);
$youtube = new Google_Service_YouTube($client);
$response = $youtube->channels->listChannels('id', array(
'mine' => 'true'
));
$channel_id = $response[0]['id'];
$cred_file = $auth_conf_path . DIRECTORY_SEPARATOR . $channel_id . '.json';
if (file_exists($cred_file))
throw new InvalidArgumentException(sprintf(
'Credentials file for channel "%s" already exists', $channel_id));
file_put_contents($cred_file, json_encode($cred));
return $channel_id;
}
function makeChannelClient($auth_conf_path, $channel_id)
{
if (!is_dir($auth_conf_path))
throw new InvalidArgumentException(sprintf(
'Auth config path "%s" does not exist', $auth_conf_path));
$cred_file = $auth_conf_path . DIRECTORY_SEPARATOR . $channel_id . '.json';
if (!file_exists($cred_file))
throw new InvalidArgumentException(sprintf(
'Credentials file for channel "%s" does not exist', $channel_id));
if (!$cred = json_decode(file_get_contents($cred_file), true))
throw new LogicException(sprintf(
'Invalid content of credentials file for channel "%s"', $channel_id));
$client = new Google_Client();
$client->setAccessType('offline');
$client->setScopes($cred['scope']);
$client->setAccessToken($cred);
if ($client->isAccessTokenExpired()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
file_put_contents($cred_file, json_encode($client->getAccessToken()));
}
return $client;
}
Note that an app as described above is a bit more general than the one subsumed to the original post and to my conjecture above. The credentials JSON files -- equally the YouTube channels -- managed by the app are not required to work all under the umbrella of a single Google account (as was prescribed by my conjecture). These channels may well be relative to different Google accounts, as long as the concrete incarnation of such a PHP app is able to handle properly multiple Google accounts.
I tried setting '--channelId' in snippet object but that doesn't seem to work.
The solution is to generate different oauth2.json for different sub-channels.
Related
I am currently new to using php and Laravel and working with an API however I have been following the Spotify PHP tutorial https://github.com/jwilsson/spotify-web-api-php.
I've also put in bold some of my questions that I wanted to ask , hopefully someone can help.
I have followed all steps but need help just to get it working.
Put the following code in its own file, lets call it auth.php. Replace CLIENT_ID and CLIENT_SECRET with the values given to you by Spotify.
(Where abouts should I save this file?)
The REDIRECT_URI is the one you entered when creating the Spotify app, make sure it's an exact match.
(I used my localhost:8888/callback/ not sure if that is correct?) Obviously I haven't put me details in here on this website as for security reasons.
<?php
require 'vendor/autoload.php';
$session = new SpotifyWebAPI\Session(
'CLIENT_ ID',
'CLIENT_SECRET',
'REDIRECT_URL'
);
$options = [
'scope' => [
'playlist-read-private',
'user-read-private',
],
];
header('Location: ' . $session->getAuthorizeUrl($options));
die();
?>
When the user has approved your app, Spotify will redirect the user together with a code to the specifed redirect URI. You'll need to use this code to request a access token from Spotify.
put this code in a new file called callback.php:
Do replace client id and secret with my detail? also how do I save the access token?
require 'vendor/autoload.php';
$session = new SpotifyWebAPI\Session(
'CLIENT_ID',
'CLIENT_SECRET',
'REDIRECT_URI'
);
// Request a access token using the code from Spotify
$session->requestAccessToken($_GET['code']);
$accessToken = $session->getAccessToken();
$refreshToken = $session->getRefreshToken();
// Store the access and refresh tokens somewhere. In a database for example.
// Send the user along and fetch some data!
header('Location: app.php');
die();
In a third file, app.php, tell the API wrapper which access token to use, and then make some API calls!
(Where do i also save this file and how do I make these calls in my Laravel Controllers?)
require 'vendor/autoload.php';
$api = new SpotifyWebAPI\SpotifyWebAPI();
// Fetch the saved access token from somewhere. A database for example.
$api->setAccessToken($accessToken);
// It's now possible to request data about the currently authenticated user
print_r(
$api->me()
);
// Getting Spotify catalog data is of course also possible
print_r(
$api->getTrack('7EjyzZcbLxW7PaaLua9Ksb')
);
(Where abouts should I save this file?)
You can save this file in differents places in laravel, for testing you could write it in a controller (not the best but you can).
Do replace client id and secret with my detail?
Yes of course !
also how do I save the access token?
You can save in a database or in a session or where you want. If you store it in a session you will have to make a new request to get a new Access token if the user logged out of your application. In a database you can reuse it.
Many access token are only available for a specific duration. The spotify doc should speak of it.
(Where do i also save this file and how do I make these calls in my Laravel Controllers?)
For testing you can do this in your controller, but it's a good idea to have a service layer where you put the business logic of your application.
Do not copy require 'vendor/autoload.php'; in your file laravel handle the composer autoload already.
I requested authorization for a public application to be able to access store data via the Shopify API.
The store successfully authorized my application via an authorization request URL such as
https://some-store.myshopify.com/admin/oauth/authorize?client_id=123abc&scope=read_inventory%2Cread_products&redirect_uri=http%3A%2F%mysite.com%2Fauth.php&state=123456
and the response was passed back to my application. This response (containing the code that can be exchanged for a permanent access token) was mishandled by my application (an error on the page meant that the access token was not stored).
Everything I read regarding requesting these tokens involves authorization by the store - but given the store has already authorized my application, passed back the code and that code has already successfully been exchanged for a token: is there a way my application can request that same token or a fresh one using my API keys given that the application is already authorized?
The only method I currently can find for requesting a token requires starting back at the beginning and fetching a code for exchange etc.
I working in PHP and using Luke Towers' php shopify wrapper
This stage was completed successfully:
function check_authorization_attempt()
{
$data = $_GET;
$api = new Shopify($data['shop'], [
'api_key' => '123',
'secret' => '456',
]);
$storedAttempt = null;
$attempts = json_decode(file_get_contents('authattempts.json'));
foreach ($attempts as $attempt) {
if ($attempt->shop === $data['shop']) {
$storedAttempt = $attempt;
break;
}
}
return $api->authorizeApplication($storedAttempt->nonce, $data);
}
$response = check_authorization_attempt();
and I would have been able to read the access token from :
$access_token = $response->access_token;
But this was the stage at which my application hit an error in accessing a database in which to write said token.
I cannot repeat it without repeating the auth request because the data in $_GET that's passed to this function comes from Shopify's response to the shop owner authorizing the access, and includes amoung other things the code for exchange.
You have to re-ask for authorization. It is no one's fault but yours that your persistence layer code was incorrect. So there is nothing you can do to change that. Ensure your code works. Since the client has no token in your App persistence layer, your App will retry the authorization token exchange. They do not have to delete your App first. So basically, the next time your client tries to use the App, YES they will asked to approve it, but who cares, they will, and you'll get a good auth token to store. You have fixed your code (right), so that will work. You are one step closer to glory.
Shopify does return the Permanent Access Token, but the ACCESS_MODE must be "Offline" for the token to be permanent.
With ACCESS_MODE offline, your app receives the permanent access token
to make requests whenever you want, without the user's permission.
Documentation:
https://shopify.dev/tutorials/authenticate-with-oauth#step-2-ask-for-permission
https://shopify.dev/concepts/about-apis/authentication#api-access-modes
$KEY_FILE_LOCATION = __DIR__ . '/service-account-credentials.json';
// Create and configure a new client object.
$client = new \Google_Client();
$client->setApplicationName("Hello Analytics Reporting");
$client->setAuthConfig($KEY_FILE_LOCATION);
$client->setScopes(['https://www.googleapis.com/auth/analytics']);
$analytics = new \Google_Service_Analytics($client);
// Construct the body of the request and set its properties.
$profile = new \Google_Service_Analytics_Profile();
$profile->setName('View name');
$analytics->management_profiles->insert('123425914', 'UA-2344718-15', $profile);
I try to insert view on GA App but API return insufficient permissions error.
When I had tried to get data if I enter the wrong $VIEW_ID then the same error is printed.
I had enter those parms in insert method
existing VIEW_ID - the same error occurred if enter none existed VIEW_ID.
Second param is existed APP_ID.
Do you see some mistake here? I double check permissions on GA dashboard and everything seems to be ok.
either the user you are authenticating with does not have admin permissions on the Google Analytics account.
You have not received beta access to the write methods on the Management API.
Views (Profiles): insert
Write operations in the Management API (e.g. create, update, delete, patch) for Web Property, View (Profile), and Goal resources are currently available as a developer preview in limited beta. If you're interested in using these features, request access to the beta.
I am having issue with the Google Drive API, i was able to fetch the files using API But i can't download via this link. I guess, must some auth, but i have used refresh tokens to authenticate.Please see below for my code
$this->load->library('google-api-php-client/src/Google_Client');
include APPPATH . '/libraries/google-api-php-client/src/contrib/Google_DriveService.php';
// Library Files Configuration to get access token and Refresh Token
$client = new Google_Client();
$client->setAccessType('offline'); // default: offline
$client->setApplicationName('xxx'); //name of the application
$client->setClientId('yyyy'); //insert your client id
$client->setClientSecret('zzz'); //insert your client secret
$client->setScopes(array('https://www.googleapis.com/auth/drive'));
$service = new Google_DriveService($client);
$client->refreshToken($drive_data->refreshtoken);
$client->getAccessToken();
$parameters = array();
$files = $service->files->listFiles($parameters);
foreach ($files['items'] as $key => $items)
{
Download
}
Anybody knows how to get the download url with authentication?
This is having the answer:
(Java) Download URL not working
There seem to be some changes on v2 of GDrive, instead of using "downloadUrl" you may have to use "webContentLink" for getting the download link
To get downloadUrls, you need to get the metadata of a file. You can do so by using the get method. The method will return a File Resource representation. In this resource, there is a downloadUrl property. If you're able to access the files and get the URL already, then there should be no problem with your authentication setup. There could be permission issues where you may not have access to certain drive files, but if you receive no error for it, you should be fine there too. I am not particularly familiar with PHP, but perhaps you are not downloading it correctly? Here it seems to be done differently.
I also suggest that you check out the Drive PHP Quickstart App to use as a reference.
I have bumped into the same problem today and just found a solution for my case. I hope that this helps the one or another confused PHP coder out there who also does not get a downloadUrl. I assume that you are working with the examples of the v2 API, as seen on https://developers.google.com/drive/v2/reference.
First, I have altered the head to not only access the metadata but get full access (mind the DRIVE constant):
<?php
require 'vendor/autoload.php';
const DRIVE = "https://www.googleapis.com/auth/drive";
define('APPLICATION_NAME', 'MAGOS poller');
define('CREDENTIALS_PATH', 'credentials.json');
define('CLIENT_SECRET_PATH', 'client_secret.json');
define('SCOPES', implode(' ', array(Google_Service_Drive::DRIVE)));
Then I have deleted my credentials file (credentials.json) and reran the script so it authenticated once more against gDrive and recreated the credentials file. After that
$downloadUrl = $file->getDownloadUrl();
finally worked like a charm.
I simply don't really understand how this whole OAuth authentification thing works and I'm pretty much stuck. I'm trying to let a user authentificate his/her YouTube account to my server using the Google PHP Client API.
Here's my current code:
<?php
require_once app_path().'/google-apis/Google_Client.php';
require_once app_path().'/google-apis/contrib/Google_YouTubeService.php';
class SignupController extends BaseController {
public function showSignupForm() {
$client = new Google_Client();
$client->setClientId('CLIENTID');
$client->setClientSecret('CLIENTSECRET');
$client->setAccessType('offline');
$client->setDeveloperKey('DEVKEY');
$youtube = new Google_YoutubeService($client);
$client->authenticate(Input::get('code'));
$token = json_decode($client->getAccessToken());
return View::make('signup')->with('google_token', $token->access_token);
}
public function getYTAccess() {
$client = new Google_Client();
$client->setClientId('CLIENTID');
$client->setClientSecret('CLIENTSECRET');
$client->setAccessType('offline');
$client->setDeveloperKey('DEVKEY');
$client->setRedirectUri('REDIRECT_URI');
$youtube = new Google_YoutubeService($client);
$authUrl = $client->createAuthUrl();
return View::make('connect_youtube')->with('authUrl', $authUrl);;
}
}
?>
This is the code for the SignupController in the Laravel-based application I'm building. The relevant routes are as follows:
Route::get('signup/connect_youtube/return', 'SignupController#showSignupForm');
Route::get('signup', 'SignupController#getYTAccess');
I only get an invalid request error after getting redirected to my application and I know it has something to do with the access token, just don't know what.
Any help would be appreciated.
Thanks
Tobias Timpe
(Secrets omitted, obviously)
To put it simply, there are 2 steps (at least) you have to do:
1. pass the correct parameters to google. The parameters tell you 1. who you are (you need to present your client id and client secret), 2. what you ask for (in your case youtube scope) 3. redirect_uri which is where your user will be redirected back after she accepts your app's request. 4. other options like access_type=offline which specifies that you have a backend server to continue the auth flow.
To check that this step works correctly, you don't always need run the code. Just print out your auth_url that the sdk makes for you. All those parameters i mentioned should be embedded there. Copy-paste the url in the browser, if the parameters are correct, it will take you to Google's consent page. If not, most likely is because the parameters you set in Google Apis setting page are mismatched with your parameters scripted in the auth_url. Examples are mismatched domains, redirect_uris, client_ids, client_secrets. I'm not sure if this is the error that you are receiving.
If your parameters are good, Google will let your user to login and allow youtube scope access for your app ('consent'). It will redirect user's browser back to your specified 'redirect_uri' with the parameter code=. So this will get you to the step 2 your server script has to process.
The value shooted from Google in the parameter ?code is what you need to get access token. So your server route (redirect_uri) needs to extract the code parameter and pass to the google api to exchange for 'credentials'. Note that the auth code can be used only once. The response credentials will contain access_token and refresh_token. These are important for the api calling so you need to persist them in a storage, possibly with google sdk you are using.
Hope that helps.