CODEWITHSUNDEEP
phpoauth-2.0google-oauthgoogle-api-php-clientgoogle-client
Zurupupz
Zurupupz

Reputation: 345

Google Access token not refreshing automatically with offline access

I'm working on a PHP web application that creates Google contacts after the user has authorized permission. I dont want to prompt the user everytime new contact is created, so I found this: https://developers.google.com/identity/protocols/oauth2/web-server#offline

If your application needs offline access to a Google API, set the API client's access type to offline:

$client->setAccessType("offline");

After a user grants offline access to the requested scopes, you can continue to use the API client to access Google APIs on the user's behalf when the user is offline. The client object will refresh the access token as needed.

So if I read this correctly the client automatically refreshes access token without me doing anything?

After performing every operation using the Google Client the access token is not there when I use $this->client->getAccessToken(). If I var_dump it always will come out as NULL. What should I be doing so that the client refreshes the access token automatically?? Here is the enterity of my code, you'll see its not too complex

My model

class PeopleModel{
  protected $client;
  public function __construct(){
     $this->client = new Google_Client();
     $this->client->setAuthConfig('credentials.json');
     $this->client->setScopes(Google_Service_PeopleService::CONTACTS);
     $this->client->setRedirectUri('my url');
     $this->client->setAccessType('offline');
     $this->client->setPrompt('consent');
     $this->client->setApprovalPrompt('auto');
     $this->client->setIncludeGrantedScopes(true);
  }

  public function getClient(){
    return $this->client;
  }
}

My controller

class GooglePeople extends Controller{

    protected $client;

    public function __construct(){
        $this->client = new PeopleModel();
        $this->client = $this->client->getClient();

        // we get code from the google auth page
        if( isset($_GET['code']) ){
            $token = $this->client->fetchAccessTokenWithAuthCode($_GET['code']);
            $acc_token = $this->client->getAccessToken();

            $this->client->setAccessToken($acc_token);
        }
    }

    public function index(){
        // we get code from the google auth page or the client as an acc token
        if (isset($_GET['code']) || $this->client->getAccessToken()) {
            // ... Do stuff with the PeopleService. So far no errors here

        }else{ // we redirect to google auth page to get auth code
            $auth_url = $this->client->createAuthUrl();
            if(!header('Location: '.filter_var($auth_url,FILTER_SANITIZE_URL))){
                exit('Header error');
            }
        }
    }

 }

I'm being redirected everytime because $this->client->getAccessToken() is NULL. Can anyone give me a hint??

Upvotes: 0

Views: 704

Answers (1)

Zurupupz
Zurupupz

Reputation: 345

I'm posting this as answer because it solved my problem temporarily but no idea if this is a good practice. Googles example seems to suggest that I save the acc_token to session and re-set it again every time. So I did and I assume the client does indeed handle the token refresh by itself. if I'm wrong int this let me know. I'm posting my new code

Only the controller changed

<?php

namespace App\Http\Controllers;

use App\GooglePeople as PeopleModel;
use Illuminate\Http\Request;
use Google_Service_PeopleService;
use Google_Service_PeopleService_Person;
use Google_Service_PeopleService_EmailAddress;
use Google_Service_PeopleService_Name;

class GooglePeople extends Controller
{
    protected $client;

    public function __construct(){
        $this->client = new PeopleModel();
        $this->client = $this->client->getClient();

        if( array_key_exists('code', $_GET) && $_GET['code'] )
        {
            $token = $this->client->fetchAccessTokenWithAuthCode($_GET['code']);
            $acc_token = $this->client->getAccessToken();
            session(['acc_token' => $acc_token]);
            session()->save();
            // come back to this file
            redirect('/this_controller');
        }
    }

    public function index(){
        $isset_acctoken = $this->is_acctoken_saved();
        if ($isset_acctoken) {
            // We do stuff with the Google Api, so far no errors here..

        }else{
            $auth_url = $this->client->createAuthUrl();
            redirect()->away('$auth_url');  
        }
    }

    // For some reason I cant retrieve session values in construct
    private function is_acctoken_saved(){
        if(session('acc_token')){
            $this->client->setAccessToken(session('acc_token'));
            return true;
        }

        return false;
    }
}
?>

Upvotes: 1

Related Questions