I use a request dialog in my app where the user can send requests to their friends. Once the user sends the request i redirect the app to a page where it posts on the users page. I use the below code to get an access_token:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://graph.facebook.com/oauth/access_token?client_id='.APP_ID.'&client_secret='.APP_SECRET.'&redirect_uri=http://www.facebook.com/pages/Cosmetics/167231286678063?sk=app_233227910028874&grant_type=client_credentials');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
$token = curl_exec($ch);
$me = $facebook->api('/me?'.$token);
but when I try to post on the wall it shows this error:
Fatal error: Uncaught OAuthException: Invalid OAuth access token signature.
I'm not sure on how exactly you are trying to authenticate.. It might be ok doing a request that way, but the method I use is the one documented here: http://developers.facebook.com/docs/authentication/
That is, you first redirect the user to a Facebook page in order to make him accept permissions. Once he accepts, he gets redirected to an URL you provided, with a code=### get argument you need to perform a server-side request in order to get the real access_token you need..
Example redirect url:
$my_url = 'http://www.example.com';
"http://www.facebook.com/dialog/oauth?client_id=". $app_id ."&redirect_uri=". urlencode($my_url);
Then, when the user clicks on Accept, he gets redirected to, for example
http://www.example.com?code=ABCDEF
Then, on the server-side, you need to get the access_token making a call like this:
"https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
Then double check the returned text from that call, and try getting
"https://graph.facebook.com/me?access_token=". $access_token;
(You can also check this by hand)
EDIT
Also, you probably need some more permissions from the user in order to publishi on his stream. So, ask for permissions adding a scope=publish_stream get to the first (user authorization) URL.
Why don't you use PHP SDK 3.0.1 ?
Its easy if you use the sdk provided by facebook, here's the sample for authentication using php sdk 3.0.1:
<?php
// Requires Facebook PHP SDK 3.0.1: https://github.com/facebook/php-sdk/
require ('facebook.php');
define('FACEBOOK_APP_ID',"YOUR-APP-ID-HERE");
define('FACEBOOK_SECRET',"YOUR-APP-API-SECRET-HERE");
define('REDIRECT_URI',"YOUR-REDIRECT-URL-HERE");
define('PERMISSIONS_REQUIRED', "publish_stream,user_photos");
$user = null;
$facebook = new Facebook(array(
'appId' => FACEBOOK_APP_ID,
'secret' => FACEBOOK_SECRET,
'cookie' => true
));
$user = $facebook->getUser(); // Get the UID of the connected user, or 0 if the Facebook user is not connected.
if($user == 0) {
// If the user is not connected to your application, redirect the user to authentication page
/**
* Get a Login URL for use with redirects. By default, full page redirect is
* assumed. If you are using the generated URL with a window.open() call in
* JavaScript, you can pass in display=popup as part of the $params.
*
* The parameters:
* - redirect_uri: the url to go to after a successful login
* - scope: comma separated list of requested extended perms
*/
$login_url = $facebook->getLoginUrl($params = array('redirect_uri' => REDIRECT_URI,'scope' => PERMISSIONS_REQUIRED));
echo ("<script> top.location.href='".$login_url."'</script>");
} else {
// if the user is already connected, then fetch access_token and user's information or show some content to logged in user.
try
{
$access_token = $facebook->getAccessToken(); // Gives you current user's access_token
$user = $facebook->api('/me'); // Gets User's information based on permissions the user has granted to your application.
} catch(FacebookApiException $e){
$results = $e->getResult();
// Print results if you want to debug.
}
}
?>
You're using &grant_type=client_credentials which gives you an access token for your app as a whole, not for your current user. To get an access token for your current user you need to redirect them to the same url, but without the &grant_type=client_credentials and then Facebook will redirect them back to your redirect_uri and send along the access_token you need. Alternatively you can use the Javascript SDK to obtain an access token through a pop up window without redirecting them.
Here's a link to another question for how to authenticate with the JS SDK and no redirect: Facebook Authentication Without Redirect?
What you are doing there is getting the application access token:
App Login allows you to take various administrative actions for your
app, such as retrieving Insights data or approving Requests. Graph API
calls that require an app access token are clearly denoted in the API
reference.
What you need is a user access token with some permissions, in your case it would be publish_stream.
Related
I am trying to give the tweeter posting UI from my website for users who has twitter account and post tweet into their home page. In addition I like to give access to webcam to cartoonize their face and put that image with the tweet. (my main target is cartoonize image posts)
Initially I take the Codebird PHP library to make a tweet. https://github.com/jublonet/codebird-php
I tested my first post like same example Codebird given in their github page.
require_once ('codebird.php');
\Codebird\Codebird::setConsumerKey('YOURKEY', 'YOURSECRET'); // static, see README
$cb = \Codebird\Codebird::getInstance();
/*You may either set the OAuth token and secret, if you already have them:*/
$cb->setToken('YOURTOKEN', 'YOURTOKENSECRET');
This part work nicely.
But this is only for the app developer. because YOURTOKEN and YOURTOKEN SECRET is in the https://apps.twitter.com/app/ page.
Therefor I try to run this code as given in Codebird sample.
<?php
require_once('./src/codebird.php');
\Codebird\Codebird::setConsumerKey('REPLACE_WITH_MY_CONSUMER_KEY');
$cb = \Codebird\Codebird::getInstance();
/*$cb->setToken('REPLACE_WITH_MY_CONSUMER_TOKEN');
session_start();
if (!empty($_SESSION['oauth_token'])) {
echo 'ttt';
var_dump($_SESSION['oauth_token']);
// get the request token
$reply = $cb->oauth_requestToken([
'oauth_callback' => 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']
]);
// store the token
$cb->setToken($reply->oauth_token, $reply->oauth_token_secret);
$_SESSION['oauth_token'] = $reply->oauth_token;
$_SESSION['oauth_token_secret'] = $reply->oauth_token_secret;
$_SESSION['oauth_verify'] = true;
// redirect to auth website
$auth_url = $cb->oauth_authorize();
header('Location: ' . $auth_url);
die();
} elseif (isset($_GET['oauth_verifier']) && isset($_SESSION['oauth_verify'])) {
// verify the token
$cb->setToken($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
unset($_SESSION['oauth_verify']);
// get the access token
$reply = $cb->oauth_accessToken([
'oauth_verifier' => $_GET['oauth_verifier']
]);
// store the token (which is different from the request token!)
$_SESSION['oauth_token'] = $reply->oauth_token;
$_SESSION['oauth_token_secret'] = $reply->oauth_token_secret;
// send to same URL, without oauth GET parameters
header('Location: ' . basename(__FILE__));
die();
}
// assign access token on each page load
$cb->setToken($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
$reply = $cb->statuses_update('status=Whohoo, I just Tweeted!');
?>
But it gives this error.
Fatal error: Uncaught Codebird\CodebirdCredentialsException: To call
this API, the OAuth access token must be set.
Any clue for this ? or;
Are there anything easy method like facebook handle this thing very easy. It's redirect to facebook login page and after logged use can post whatever user like from the my website. Therefore any way to do something for the twitter , Like call native login window and getting the token and secret from that login session and post the tweet message from my website ?
I just added callback url from the my application page (https://apps.twitter.com/app) and now it's work perfect. It will automatically redirect to login page (like bellow) if user not logged in or else ask permission to approve to get the token and secret key.
Call back URL from setting tab:
User redirect work fine if user not logged-in:
I'm trying to code a couple of PHP pages for getting users tokens the Twitter API 1.1. Iām using the TwitterOAuth library https://twitteroauth.com/
First page: twitter-go.php
The user opens it and gets redirected to twitter.com for authorizing the app.
I'm guessing this is where the POST oauth/request_token and GET oauth/authorize functions are being used.
Second page: twitter-back.php
The user gets redirected there from twitter once he authorizes the app. It then displays the user Access Token and the user Access Secret (or store them into a database for later use).
I'm guessing this is where the POST oauth/access_token function is being used.
Is this the correct way of getting a user Secret Token and Access Token?
Alright, actually managed to figure it out myself. Here is my code for those who need it:
First page: twitter-go.php
The user opens it and gets redirected to twitter.com for authorizing the app.
<?php
//LOADING LIBRARY
require "twitteroauth/autoloader.php";
use Abraham\TwitterOAuth\TwitterOAuth;
//TWITTER APP KEYS
$consumer_key = 'yourkey';
$consumer_secret = 'yourkey';
//CONNECTION TO THE TWITTER APP TO ASK FOR A REQUEST TOKEN
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token = $connection->oauth("oauth/request_token", array("oauth_callback" => "http://boulangerie-colas.fr/twitter/twitter-back.php"));
//callback is set to where the rest of the script is
//TAKING THE OAUTH TOKEN AND THE TOKEN SECRET AND PUTTING THEM IN COOKIES (NEEDED IN THE NEXT SCRIPT)
$oauth_token=$request_token['oauth_token'];
$token_secret=$request_token['oauth_token_secret'];
setcookie("token_secret", " ", time()-3600);
setcookie("token_secret", $token_secret, time()+60*10);
setcookie("oauth_token", " ", time()-3600);
setcookie("oauth_token", $oauth_token, time()+60*10);
//GETTING THE URL FOR ASKING TWITTER TO AUTHORIZE THE APP WITH THE OAUTH TOKEN
$url = $connection->url("oauth/authorize", array("oauth_token" => $oauth_token));
//REDIRECTING TO THE URL
header('Location: ' . $url);
?>
Second page: twitter-back.php
The user gets redirected there from twitter once he authorizes the app. It then displays the user Access Token and the user Access Secret.
<?php
/**
* users gets redirected here from twitter (if user allowed you app)
* you can specify this url in https://dev.twitter.com/ and in the previous script
*/
//LOADING LIBRARY
require "twitteroauth/autoloader.php";
use Abraham\TwitterOAuth\TwitterOAuth;
//TWITTER APP KEYS
$consumer_key = 'yourkey';
$consumer_secret = 'yourkey';
//GETTING ALL THE TOKEN NEEDED
$oauth_verifier = $_GET['oauth_verifier'];
$token_secret = $_COOKIE['token_secret'];
$oauth_token = $_COOKIE['oauth_token'];
//EXCHANGING THE TOKENS FOR OAUTH TOKEN AND TOKEN SECRET
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $token_secret);
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $oauth_verifier));
$accessToken=$access_token['oauth_token'];
$secretToken=$access_token['oauth_token_secret'];
//DISPLAY THE TOKENS
echo "<b>Access Token : </b>".$accessToken."<br />";
echo "<b>Secret Token : </b>".$secretToken."<br />";
?>
Please remember that you need to be using the using the TwitterOAuth library https://twitteroauth.com/
I want to find the list of friends of Google+ user who have authorized the app without asking for authorization again.
For example: Once the user login using the Google+ to my website, I store the auth token, code, Google+ user id in the db.
So once that is done I want to find the list of users friends in his circle.
I managed to get the first part working and it saves the auth token, code, Google+ user id in the db.
But in the second case i.e. finding the list of users friends, I again get a the screen where user have to authorize the app.
Can someone please help me in this?
Also is it possible to get all the user details in offline mode like using the auth token, code, Google+ user id which is in the db?
Initial code(login):
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
$this->sn_obj->setRedirectUri($call_back_url);
$this->sn_obj->setState($redirect_url);
$requestVisibleActions = array('http://schemas.google.com/AddActivity','http://schemas.google.com/ReviewActivity');
$this->sn_obj->setRequestVisibleActions($requestVisibleActions);
$this->sn_obj->setAccessType('offline');
$this->sn_obj->setScopes(array('https://www.googleapis.com/auth/userinfo.profile','https://www.googleapis.com/auth/userinfo.email','https://www.googleapis.com/auth/plus.login'));
$this->sn_obj->createAuthUrl();
In callback page:
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
$this->sn_obj->setRedirectUri($call_back_url);
$this->sn_obj->setState($redirect_url);
$requestVisibleActions = array('http://schemas.google.com/AddActivity','http://schemas.google.com/ReviewActivity');
$this->sn_obj->setRequestVisibleActions($requestVisibleActions);
$this->sn_obj->setAccessType('offline');
$this->sn_obj->setScopes(array('https://www.googleapis.com/auth/userinfo.profile','https://www.googleapis.com/auth/userinfo.email','https://www.googleapis.com/auth/plus.login'));
$this->sn_obj->authenticate();
$google_auth_token = $this->sn_obj->getAccessToken();
$google_user_info = $this->plus_obj->people->get('me');
Friends listing page:
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
$this->sn_obj->setRedirectUri($call_back_uri);
$this->sn_obj->authenticate();
$user_info = $this->plus_obj->people->listPeople($token['oauth_uid'],'visible');
In general, when working in offline mode, you need to store the entire object that comes back from the server - not just the auth token. This object includes the long-lived refresh token as well as information about when it needs to do a refresh. Passing this entire token to the service allows it to refresh the token for you.
The answer you came up with looks like you do the refresh yourself manually - which is fine, but shouldn't be necessary in general.
In some cases, if a user authorizes your app before you have requested offline mode, and you later request offline mode, you still won't get the refresh token. Google will only give a refresh token when asked if there is no auth token, current or expired, that was issued. There are two ways around this:
When you switch to using offline mode, invalidate your old client id / secret and start using a new one. or
Have the user de-authorize your app via https://accounts.google.com/b/0/IssuedAuthSubTokens or (if you're using Google+ Sign-In) via https://plus.google.com/apps
Finally managed to get get it done
On Friends listing page:
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
if(!$this->sn_obj->getAccessToken()){
$this->sn_obj->refreshToken($refresh_token_from_db);
}
$google_auth_token = $this->sn_obj->getAccessToken();
$google_auth_token_arr = json_decode($google_auth_token,true);
$url = 'https://www.googleapis.com/plus/v1/people/'.$uid_from_db.'/people/visible?access_token='.$google_auth_token_arr['access_token'].'&format=json';
$c = curl_init($url);
curl_setopt($c, CURLINFO_HEADER_OUT, 1);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_HEADER, 0);
$contents = curl_exec($c);
curl_close($c);
$user_info = json_decode($contents, true);
Hello I am new to facebook app development and working over my first app.
My app includes the functionality of retrieving user email, ive the required privileges and user has approved those privileges at the time of authentication but when am trying to retrieve user email through graph api am getting nothing in return however other information such as user display picture, name etc has been successfully retrieved.
at Authentication:
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&state=" . $_SESSION['state']."&scope=email,user_photos,publish_stream";
Retrieving user email:
$userEmail = json_decode(file_get_contents('http://graph.facebook.com/' . $userId)) -> email;
echo "email: ".$userEmail;
Kindly help me with this.
Thankyou!
The URL must me https:// insead of http://
And also include the access token.
file_get_contents("https://graph.facebook.com/" . $userId . "/?access_token=" . $accesstoken);
You must add the "access token" in your request in order to "authenticate" your request call. Otherwise, only public data is returned.
Find here the steps to get this token: http://developers.facebook.com/docs/authentication/
Basically, if the user accept the permissions, Facebook will redirect him to the url $redirect_uri and will add a "code" parameter. With this code, you can retrieve the AccessToken I mentionned with another Graph API call.
You really need to be using the facebook sdk, rather than glomming together urls by yourself:
something like
$params = array(
'scope' => 'email',
'redirect_uri' => $redirect_uri
);
$dialog_url = $facebook->getLoginUrl($params);
Will give you a link to pop up the dialog. Then, on the redirected page,
$user_profile = $facebook->api('/me','GET');
echo $user_profile['email'];
Docs are here
I am writing a PHP application that's supposed to allow users to add certain events to a private Google Calendar. The calendar is owned by me, and I need a way for PHP to communicate with the calendar API using fixed credentials (everyone can add events using a form on the website, but the calendar itself is not publicly visible).
From what I have read, this is possible using ClientLogin in the v1 API. In the v3 API, however, the available options are OAuth2.0 or the API key. Using the API key doesn't seem to work, since it can only be used for requests that don't require authorization, and OAuth doesn't seem right either, because users are not supposed to access their own calendars, but the one my application uses.
I thought about getting the OAuth token programatically, but that's bound to break sooner or later, since the OAuth dialog can use captchas.
This seems to be such a standard use case ā a web application that lets users interact with a single calendar in some predefined ways ā yet I can't find any documentation on how to make it happen in the v3 API. Can anyone help me?
I have found a solution that I think that is "the official" for what you want to do.
First, you have to activate a Google API "Client ID for installed applications".
Go to the Google API console and create the project.
Then, activate the calendar.
Go to the "API access" option, and use the "Create OAuth 2.0 client" button.
Give a name (and a logo, if you want) to the product. Click "next".
Choose the "Installed application" option and click "Create Client Id".
Now you have your access configurated. Now, you will need some codes. To obtain them:
*The "Authentication Code". To get it, you need the following information:
SCOPE: https://www.google.com/calendar/feeds/ (if you want to access the calendar API. There are others you can find them at the OAuth 2.0 Playground)
CLIENT_ID: You will find it at the API Access Section at the Google API Console.
REDIRECT_URI: Get it at the same place.
Now, copy the following code into a file, put the values into the variables, execute the code (php -q script_name.php), and go to the URL printed.
<?php
$scope = '';
$client_id = '';
$redirect_uri = '';
$params = array(
'response_type' => 'code',
'client_id' => $client_id,
'redirect_uri' => $redirect_uri,
'scope' => $scope
);
$url = 'https://accounts.google.com/o/oauth2/auth?' . http_build_query($params);
echo $url."\n";
?>
The web page will ask you to allow the access. Do it, and you will get a code, which is your Authentication Code.
*The "Refresh Code". To get it, you will need:
The data you used before, plus the "client secret" code in the API Console, between the "client id" and the "redirect URI".
As you did before, copy the following code, and put the variables in place (the code field is the Authentication Code).
Execute and the result is the "Refresh Token".
<?php
$url = 'https://accounts.google.com/o/oauth2/token';
$post_data = array(
'code' => '',
'client_id' => '',
'client_secret' => '',
'redirect_uri' => '',
'grant_type' => 'authorization_code',
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
$token = json_decode($result);
echo $token->refresh_token . "\n";
?>
At this moment, you have all you need. Be careful if one day you change the Authentication Code. You will have to get new keys.
To access a calendar service, here you have the example:
Change the variable values before using it.
This example gets the primary calendar events, but you can change the address for any in the calendar API (http://code.google.com/intl/ca/apis/calendar/v3/getting_started.html#background_operations)
<?php
$scope = 'https://www.google.com/calendar/feeds/';
$client_id = '';
$client_secret = '';
$redirect_uri = '';
$refresh_token = '';
$token_url = 'https://accounts.google.com/o/oauth2/token';
$post_data = array(
'client_secret' => $client_secret,
'grant_type' => 'refresh_token',
'refresh_token' => $refresh_token,
'client_id' => $client_id
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
$token_object = json_decode($result);
$access_token = $token_object->access_token;
// Get the results
$rest_url = 'https://www.googleapis.com/calendar/v3/calendars/primary/events';
$header = "Authorization: OAuth " . $access_token;
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
curl_setopt($ch, CURLOPT_URL, $rest_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$rest_result = curl_exec($ch);
print_r(json_decode($rest_result));
?>
First, the script asks for an "Access Token", which is valid for an hour. Then, the script gets the REST service (any in the calendar scope), sending the access token in the header.
To give a best speed at the scrip, it would be good to store the access token in a cache until it's older than 3600 seconds. This way, the script would avoid one of the two calls.
Tips:
Visit OAuth 2.0 Playground to understand all the information sent in the OAuth process. It helped me a lot
A post by Eric Nagel in his blog gave me the solution. All the merit is to him. I can't link it since I haven't got enough "reputation".
You will need to use both the Developer Key (API Key) and OAuth2. The developer key authenticates who wrote the software and is used for things like quota which is on a per developer basis not a per user basis. OAuth2 is for user authentication and will be need to access the non-public calendar.
OAuth2 has a renew token from which you can generate a session token and this means that you will not need to screen scrape the OAuth screens to get authenticated. To get this I would write a little command line application, or you use a one off PHP page.
Under the Google Api Console go to API Access
Generate a new Client ID and choose Installed Application ( as you will be authenticating you server as you not as your user)
Either using a console app or a one off PHP page authenticate using OAuth and your google account (the one with the calendar you want access to)
In the return from the authentication there should be a renew token, (called renew or refresh or something similar). Save this string and make it available to your PHP site.
When you need to access the service your OAuth library should have a renew/refresh call. There is an example using .Net below.
private IAuthorizationState CreateAuthorization(NativeApplicationClient arg)
{
// Get the auth URL:
IAuthorizationState state = new AuthorizationState(new[] { AdsenseService.Scopes.AdsenseReadonly.GetStringValue() });
state.Callback = new Uri(NativeApplicationClient.OutOfBandCallbackUrl);
if (refreshToken.IsNotNullOrEmpty()) // refreshToken you stored in step 4
{
try
{
state.RefreshToken = refreshToken;
if (arg.RefreshToken(state)) // This is calling out to the OAuth servers with the refresh token getting back a session token, returns true if successful.
{
if (state.RefreshToken != refreshToken) // if the refresh token has changed, save it.
{
PersistRefreshToken(authorization.RefreshToken);
}
return this.authorization = state; // Retain the authorization state, this is what will authenticate your calls.
}
}
catch (ProtocolException ex) {...}
The AuthorisationState that has now been renewed can then be used to authenticate call you make to the API. this state can be used many time until it expires and then can be refreshed. As you are authenticating your application as yourself not as a user this AuthorisationState can be shared by all you sessions. Both the current AuthorisationState and the refresh token should be kept securely on your server and never sent to the client, if you ever sent these as part of a response your clients would have the same privileges as your code application
Can also be used with the Google php library. The access token for the $client->setAccessToken() function has to be formatted in the following way:
$at= '{"access_token":"' . $access_token . '",' .
'"token_type":"Bearer",' .
'"expires_in":3600,' .
'"refresh_token":"' . $refresh_token . '",',
'"created":' . time() . '}';
Where $access_token is the access token found by you and $refresh_token is the refresh token. Tested with the useless simple.php google example.
Authentication is then just:
$client->setAccessToken($at);