Google API Authentication for server

Question

I've been trying to get Google's Calendar API working in a PHP web application, but I'm having a hard time getting authenticated.

What I want to do is to allow users to interact with calendars of a single account known by the server.

Each type of scenario covered in the OAuth 2.0 docs talks about "user consent" which involves a login form and the individual user logging in, but I want the server itself to authenticate directly and obtain an access token for itself.

Is there some part of OAuth or some alternative mechanism I can use to do this?

Answer 1

See mathewh's answer here:

How to automate login to Google API to get OAuth 2.0 token to access known user account

The lightbulb for me is when you get the access token you get a refresh_token as well... you use this token to "refresh" your access token once it expires.

There is no way around a manual authorization step the first time.

Answer 2

In order to do this, you must go through the steps for user consent and then copy the access tokens it gives you into the PHP code.

The usual procedure for OAuth is like this:

1. Send user to authentication page.
2. User comes back with $_GET['code']
3. Send $_GET['code'] to OAuth server for a token
4. Store token in database for the user (or session, if it's very short lived)

But when doing it with a single calendar like this, you modify step 4. Instead, you dump the token to screen and copy it into your PHP file as variables, instead of putting it in the database. Then when you go to pass the access token to the server, you just pass the known, static token rather than a dynamic token from the database / session.