i am in the situation that i have to use the zend framework along with oauth 2 for gmail.
all works fine and i get the messages and login just fine, my problem is that the token expire too fast.
am i able to set it so it will never expire or how should i implement a refresh token to the framework ? i use standard code when it comes to login.
what i basically need is an access-token that does not expire or a guide for how to implement a refresh token and how to use it in a program.
any help is appreciated.
thank you.
this is the login page.
include("../classes/Google/Client.php");
$client_id = "hidden";
$client_secret = "hidden";
$redirect_uri = "hidden";
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->addScope("https://www.googleapis.com/auth/userinfo.email");
$client->addScope("https://www.googleapis.com/auth/userinfo.profile");
$client->addScope("https://mail.google.com/");
$client->setRedirectUri($redirect_uri);
$authUrl = $client->createAuthUrl();
echo "Login";
this is the callback
$client_id = "hidden";
$client_secret = "hidden";
$redirect_uri = "hidden";
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
session_start();
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$oauth2 = new Google_Service_Oauth2($client);
$user = $oauth2->userinfo->get();
$_SESSION['email'] = $user;
$redirect = 'hidden';
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}
i know the code is not great, but i wonder if i should get a refresh token along with the access token ?
if someone are interested i have done like this to fix it... now it works like it should.
this method is called every time i need to do something with the mails (if the access token is not valid then you will not have access, so this is to make sure access is always there.)
public function checktokenexpiry()
{
global $google_client; // this is global as we use it in our webservice.
session_start();
$time_created = json_decode($_SESSION['access_token']);
$t=time();
$timediff=$t-$time_created->created;
if($timediff>3500) // 3500 as i want to have a little time to connect if it is just about to need refreshing.
{
$user = json_decode($_COOKIE['user']);
$usermail = $user->email;
$refreshtoken = $this->model->getRefreshToken($usermail);
$refreshtoken = $refreshtoken[0]['google_refresh_token'];
$google_client->refreshToken($refreshtoken);
$_SESSION['access_token'] = $google_client->getAccessToken();
}
}
Related
I have next code for google auth
use Google\Spreadsheet\DefaultServiceRequest;
use Google\Spreadsheet\ServiceRequestFactory;
require './vendor/autoload.php';
$application_name = '*****';
$client_secret = '**********';
$client_id = '**********.apps.googleusercontent.com';
$scope = array('https://spreadsheets.google.com/feeds');
$key = file_get_contents(__DIR__.'/the_key.txt');
$client = new Google_Client();
$client->setApplicationName($application_name);
$client->setClientId($client_id);
$client->setAccessType('offline');
$client->setAccessToken($key);
$client->setScopes($scope);
$client->setApprovalPrompt('force');
$client->setClientSecret($client_secret);
if ($client->getAccessToken()) {
if($client->isAccessTokenExpired()) {
$newToken = json_encode($client->getAccessToken());
$token = $client->getAccessToken();
$client->refreshToken($token['refresh_token']);
json_encode($client->getAccessToken()));
}
$key = json_decode(file_get_contents(__DIR__.'/the_key.txt'));
First time fillin file via oauthcallback via browser, and it works ok, i got refresh token and all works ok.
But when token expires as you see in code i request new via refresh_token, but in result i didn't get new refresh_token.
Also i forced acces type to offline, and approval prompt to force in Client.php of google-oauth-client(because even if i set it via paramaters it didn't worked).
My script must be executed via cron. So i can't each time receive token manually. Can you help me with this?
For credentials, I have created an developer account on https://console.developers.google.com, I have created a project and then i have created credentials from API Manager. I use "google/apiclient": "1.1.*" package. I think it is a problem with credentials.
$OAUTH2_CLIENT_ID = 'XXXXX-rvm1l9b1nvht9je1ic0bbe05ab5gvhbg.apps.googleusercontent.com';
$OAUTH2_CLIENT_SECRET = 'XXXXXXP90L_DLD3Nrc_rT4zGD';
$client = new Google_Client();
$client->setClientId($OAUTH2_CLIENT_ID);
$client->setClientSecret($OAUTH2_CLIENT_SECRET);
$client->setScopes('https://www.googleapis.com/auth/youtube');
$redirect = url('/');
$client->setRedirectUri($redirect);
$token = $client->getAccessToken();
dd($token);
Tip:
Don't use:
$client->authenticate($authcode);
$token = $client->getAccessToken();
Use:
$token = $client->fetchAccessTokenWithAuthCode($authcode);
This will at least allow you to see the error message if you dump $token.
In the 'Don't use:' example, if the authenticate() step fails, getAccessToken() may return null. Bad job on the API here.
I think the problem is you're not making the request to Google to authenticate and get back the token. You should do:
$client = new Google_Client();
$client->setClientId($OAUTH2_CLIENT_ID);
$client->setClientSecret($OAUTH2_CLIENT_SECRET);
$client->setScopes('https://www.googleapis.com/auth/youtube');
$redirect = url('/');
$client->setRedirectUri($redirect);
//redirect to google server to get the token
return Redirect::to( $client->createAuthUrl() );
If the authentication succeeds, google will redirect you to the page you set with $client->setRedirectUri($redirect).
In that page you can:
//authenticate using the parameter $_GET['code'] you got from google server
$client->authenticate( $request->input('code') );
//get the access token
$tokens = $client->getAccessToken();
I am using codeigniter MVC framework for signing in to my site using google client library. Everything is working fine except $client->getAccessToken() when google redirects with code and I do the following code. $client->getAccessToken() return null value. Here is my code for controller function one. In this function I set my credentials to create authUrl.
public function login()
{
// Include two files from google-php-client library in controller
include_once APPPATH . 'third_party/google-api-php-client/vendor/autoload.php';
// Store values in variables from project created in Google Developer Console
$client_id = 'XXXXXX';
$client_secret = 'XXXXX';
$redirect_uri = 'path/to/mysite/login/loginGoogle';
$simple_api_key = 'XXXXXXX';
// Create Client Request to access Google API
$client = new Google_Client();
$client->setApplicationName("mysite");
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setDeveloperKey($simple_api_key);
$client->addScope("https://www.googleapis.com/auth/userinfo.email");
$authUrl = $client->createAuthUrl();
$data['authUrl'] = $authUrl;
$this->load->view('login',$data);
}
And after that when google authenticate and redirects to my redirect uri which is an other controller function which is given below. and problem is in this function.
public function loginGoogle()
{
// Include two files from google-php-client library in controller
include_once APPPATH . 'third_party/google-api-php-client/vendor /autoload.php';
$client_id = 'XXXXXX';
$client_secret = 'XXXXX';
$redirect_uri = 'path/to/mysite/login/loginGoogle';
$simple_api_key = 'XXXXXXX';
// Create Client Request to access Google API
$client = new Google_Client();
$client->setApplicationName("mysite");
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setDeveloperKey($simple_api_key);
$client->addScope("https://www.googleapis.com/auth/userinfo.email");
$objOAuthService = new Google_Service_Oauth2($client);
// Add Access Token to Session
if(!isset($_SESSION['access_token'])){
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$token = $client->getAccessToken();
$_SESSION['access_token'] = $token;
print_r($this -> session -> userdata());exit;
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
}
// Set Access Token to make Request
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
}
// Get User Data from Google and store them in $data
if ($client->getAccessToken()) {
$userData = $objOAuthService->userinfo->get();
$data['userData'] = $userData;
$_SESSION['access_token'] = $client->getAccessToken();
}}
here in second function getAccessToken return nothing and google throws expection.
It looks like you never get the refresh token. There are two different tokens, the access token expires every few hours or so, but the refresh token is only sent the one time when the redirect asks the user for permission. It needs to be stored somewhere secure and is used in the future to refresh the access token.
Here's what my codeigniter code looks like to access the Google API (this would replace your if statements in the loginGoogle function:
if($refresh_token_accessed_from_my_database) {
//If session contains no valid Access token, get a new one
if ($client->isAccessTokenExpired()) {
$client->refreshToken($refresh_token_accessed_from_my_database);
}
//We have access token now, launch the service
$this->service = new Google_Service_Calendar($client);
}
else {
//User has never been authorized, so let's ask for the ok
if (isset($_GET['code'])) {
//Creates refresh and access tokens
$credentials = $client->authenticate($_GET['code']);
//Store refresh token for further use
//I store mine in the DB, I've seen others store it in a file in a secure place on the server
$refresh_token = $credentials['refresh_token'];
//refresh_token->persist_somewhere()
//Store the access token in the session so we can get it after
//the callback redirect
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
if (!isset($_SESSION['access_token'])) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
}
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$this->service = new Google_Service_Calendar($client);
}
If you are running on PLESK you might want to change the permission on /var/lib/php/session to 1777.
chmod 1777 /var/lib/php/sessions
I tried in codeigniter.
Below I put this code in a construct
$this->google = new Google_Client();
$this->google->setClientId(GOOGLEID);
$this->google->setClientSecret(GOOGLESECRET);
$this->google->setDeveloperKey(GOOGLEAPIKEY);
$objOAuthService = new Google_Service_Oauth2($this->google);
then in a method1 I put the below
$this->google->setRedirectUri(site_url('auth/google-login?'));
$this->google->addScope("email");
$this->google->addScope("profile");
$data['content_data']['google_login_url'] = $this->google->createAuthUrl();
$this->load->view("test", $data);
then in method2 I put the below
if (isset($_GET['code'])) {
$this->google->authenticate($_GET['code']);
$token = $this->google->getRefreshToken();
echo $token;
}
You can see that I tried to print the $token but it's empty.
My Question is WHY is it empty?
EDIT:
echo $this->google->getAccessToken();
Even the getAccessToken returns empty.
I just fixed it.
My Solution is that in the construct I have
$this->google = new Google_Client();
$this->google->setClientId(GOOGLEID);
$this->google->setClientSecret(GOOGLESECRET);
$this->google->setDeveloperKey(GOOGLEAPIKEY);
$this->google->setRedirectUri(site_url('auth/google-login?'));
$this->google->addScope("email");
$this->google->addScope("profile");
in method1 I only have this
$data['content_data']['google_login_url'] = $this->google->createAuthUrl();
$this->load->view("test", $data);
and in method2 I have this
if (isset($_GET['code'])) {
$this->google->authenticate($_GET['code']);
$token = $this->google->getAccessToken();
var_dump($token);
}
and here the $token already now has value
Here is the working code which I'm using in Laravel and Codeigniter.
// Initial config
$client = new Google_Client();
$client->setApplicationName(APP_NAME);
$client->setClientId(CLIENT_ID);
$client->setClientSecret(CLIENT_SECRET);
$client->setRedirectUri(REDIRECT_URI);
$client->setScopes(array(SCOPE_A));
// To retrieve refresh token forcefully
// This will ask for permission everytime.
$client->setApprovalPrompt('force');
$client->setAccessType('offline');
// Return url data part
if (isset($_GET['code'])) {
// Log the user in
$client->authenticate($_GET['code']);
// Get acess token and refresh token
$getAccesToken = $client->getAccessToken();
$getRefreshToken = $client->getRefreshToken();
}
else
{
// Return to login
$googleAuthUrl = $client->createAuthUrl();
// Redirect user to authentication URI
}
I hope this helps.
I'm trying to insert some activity app in a Google+ profile as shown in this documentation page:
https://developers.google.com/+/api/latest/moments/insert
I successfully obtain the access token needed, but seems the moments->insert method doesn't make anything.
If successful I would expect to see something on this page, once made the access, but nothing happen
https://plus.google.com/u/0/apps/activities
That's my code
<?php
require_once '../google-api-php-client/Google_Client.php';
require_once '../google-api-php-client/contrib/Google_PlusService.php';
session_start();
$client = new Google_Client();
$client->setClientId('xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com');
$client->setClientSecret('xxxxxxxxxxxxxxxxxxxxxxxx');
$client->setRedirectUri('http://www.myregisteredcallbackurl.com');
$client->setAccessType('offline');
$client->setScopes(array('https://www.googleapis.com/auth/plus.login'));
$client->setApprovalPrompt('force');
$plus = new Google_PlusService($client);
if (isset($_GET['logout'])) {
unset($_SESSION['token']);
}
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$_SESSION['token'] = $client->getAccessToken();
header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}
if (isset($_SESSION['token'])) {
echo 'Logout<br><br>'.PHP_EOL.PHP_EOL;
$client->setAccessToken($_SESSION['token']);
$moment = new Google_Moment();
$moment->setType('http://schemas.google.com/AddActivity');
$itemScope = new Google_ItemScope();
$itemScope->setUrl('https://developers.google.com/+/plugins/snippet/examples/thing');
$moment->setTarget($itemScope);
$plus->moments->insert('me', 'vault', $moment);
}
if ($client->getAccessToken()) {
$_SESSION['token'] = $client->getAccessToken();
} else {
$authUrl = $client->createAuthUrl();
echo 'Connect<br>';
}
You need to add the requestvisibleactions permissions to your scope. The easiest way to do this is to switch from the conventional OAuth 2.0 flow to the new Google+ Sign-In flow - the Google+ team provides a PHP sample for Google+ Sign-In. If you want to continue using the older OAuth flow, you need to append request_visible_actions=[the app activity types] to your authorization URL.
Related questions:
Google+ PHP moments not working
Google+ Insert moment using dot-net-client
Google+ unable to insert moment
In your code, you are really close, the following seems to work for me:
$client = new Google_Client();
$client->setClientId('YOUR_CLIENT_ID');
$client->setClientSecret('YOUR_CLIENT_SECRET');
$client->setRedirectUri('http://example.com/callback.php');
$client->setAccessType('offline');
$client->setScopes(array('https://www.googleapis.com/auth/plus.login'));
$client->setRequestVisibleActions(array('https://schemas.google.com/AddActivity'));
$plus = new Google_PlusService($client);
To check the app activities that you have written, visit the app activity log.