sehummel

Reputation: 5568

How to reauthenticate a user using Google Oauth2

Here's my problem. I have a Google Plus link on a page with a custom image. The URL is

https://accounts.google.com/o/oauth2/auth?client_id=' . Zend_Registry::get('config')->googlePlus->client_id . '&redirect_uri=' . urlencode($strRedirectUrl) . '&access_type=offline&response_type=code&scope=' . urlencode('https://www.googleapis.com/auth/plus.login') . '&' . urlencode('https://www.googleapis.com/auth/plus.me')

The client ID and redirect are passed in dynamically. (This link is generated by a PHP function.)

The user clicks a link and authenticates with Google. Now I need to log them into my app. The only thing that seems to come back from the server is the authentication code. I somehow need to have a Google_Client that I can get the user info on. The thing is, when I build up the client to meet all of Google's requirements, I get an issue that I'm trying to reuse the code. I think I've figured out a workaround for that.

What happens, though, is I get a redirect_uri_mismatch. Extensive Googling says this is because the URI is not in my developer console. Yet it is. I've quadruple-checked it and it is exactly the same. There are no special ports or trailing slashes or anything. So I can't figure out why I'm getting this error.

Is it because I pass in a redirect_uri in the above link and then specify one below? I did notice that if I make the two redirect_uris the same, the redirect_uri error goes away, but then I get an error that the code has already been redeemed. I guess because it's cycling back over where it was before. I can't have the two be the same anyway, because I need different ones to route the browser through my code.

(All of the Zend_Registry values below have been confirmed. This function returns a string, the necessary API key.)

$client = new Google_Client();
$client->setApplicationName('Web Application');
$client->setClientId(Zend_Registry::get('config')->googlePlus->client_id);
$client->setDeveloperKey(Zend_Registry::get('config')->googlePlus->serverKey);
$client->setClientSecret(Zend_Registry::get('config')->googlePlus->secret);
$client->setRedirectUri('http://test.XXX.com/login/social/network/google');
$client->setScopes(array('https://www.googleapis.com/auth/userinfo.email','https://www.googleapis.com/auth/userinfo.profile'));
$client->setAccessType('offline');
$client->setApprovalPrompt('force'); # this line is important: when you revoke permission from your app, it forces the Google approval dialog so the user can grant offline access again
$client->getRefreshToken();

$plus = new Google_Service_Oauth2($client);

if (isset($_GET['code'])) {
    $client->authenticate($_GET['code']);
}

if ($client->getAccessToken()) {
    $userinfo = $plus->userinfo;
    die(print_r($userinfo->get()));
}

I don't like the way this is structured, since I've already authenticated with Google when the user filled in their credentials in the popup window. But I don't see any way around it. I'm open to any and all suggestions. This is my first time working with this API and I have to say the documentation absolutely sucks.

Upvotes: 0

Views: 2064

Answers (1)

nvnagr

Reputation: 2063

The scopes need to be separated by a space. You have added . '&' .

And that means the second scope is an invalid key as & is a special character.

If you are not aware, you may find Oauthplayground quite useful in trying various requests. https://developers.google.com/oauthplayground/

Upvotes: 1
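
The scope problem described in the answer, as an added example (not code from the question or the answer): it splits each URL's query string into key/value pairs, first for the question's '&'-joined construction and then for a URL that carries both scopes in one space-delimited `scope` value. The client ID and redirect URI are constructed placeholders, and `query_pairs` and `build_auth_url` are hypothetical helper names.

```php
<?php
// Added example with constructed values, not the asker's real configuration.
const AUTH_ENDPOINT = 'https://accounts.google.com/o/oauth2/auth';

/** Split a URL's query string into [key, value] pairs.
 *  Done by hand because parse_str() rewrites dots in keys to underscores. */
function query_pairs(string $url): array
{
    $pairs = [];
    foreach (explode('&', (string) parse_url($url, PHP_URL_QUERY)) as $part) {
        [$k, $v] = array_pad(explode('=', $part, 2), 2, null);
        $pairs[] = [urldecode($k), $v === null ? null : urldecode($v)];
    }
    return $pairs;
}

/** Build the authorization URL with all scopes in ONE space-delimited parameter. */
function build_auth_url(string $clientId, string $redirectUri, array $scopes): string
{
    return AUTH_ENDPOINT . '?' . http_build_query([
        'client_id'     => $clientId,
        'redirect_uri'  => $redirectUri,
        'access_type'   => 'offline',
        'response_type' => 'code',
        'scope'         => implode(' ', $scopes),   // space, not '&'
    ], '', '&', PHP_QUERY_RFC3986);
}

$clientId = 'EXAMPLE_CLIENT_ID';                      // placeholder
$redirect = 'https://app.example.test/login/google';  // placeholder
$scopes   = ['https://www.googleapis.com/auth/plus.login',
             'https://www.googleapis.com/auth/plus.me'];

// The question's construction: the two scopes are joined with '&'.
$broken = AUTH_ENDPOINT . '?client_id=' . $clientId
    . '&redirect_uri=' . urlencode($redirect)
    . '&access_type=offline&response_type=code&scope='
    . urlencode($scopes[0]) . '&' . urlencode($scopes[1]);

$urls = ['broken' => $broken,
         'fixed'  => build_auth_url($clientId, $redirect, $scopes)];
foreach ($urls as $label => $url) {
    echo "== $label ==\n";
    foreach (query_pairs($url) as [$k, $v]) {
        echo '  ' . $k . ' => ' . ($v === null ? '(no value)' : $v) . "\n";
    }
}
```

In the "broken" output the second scope URL shows up as a separate parameter name with no value, so only `plus.login` is actually sent as a scope.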
