Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $google_client_id = 'xxx';
- $google_client_secret = 'xxx';
- $google_redirect_url = 'xxx';
- $google_developer_key = 'xxx';
- $google_application_name = 'xxx';
- $google_application_scope = 'email'; /* I only needed the basic user info */
- //include google api files
- require_once 'Google/Client.php';
- require_once 'Google/Service/Oauth2.php';
- //start session
- session_start();
- //Create the Client
- $gClient = new Google_Client();
- // Set Basic Client info as established at the beginning of the file
- $gClient->setApplicationName($google_application_name);
- $gClient->setClientId($google_client_id);
- $gClient->setClientSecret($google_client_secret);
- $gClient->setRedirectUri($google_redirect_url);
- $gClient->setDeveloperKey($google_developer_key);
- $gClient->setScopes($google_application_scope);
- //Set this to 'force' in order to get a new refresh_token.
- //Useful if you had already granted access to this application.
- $gClient->setApprovalPrompt('force');
- //Critical in order to get a refresh_token, otherwise it's not provided in the response.
- $gClient->setAccessType('offline');
- $google_oauthV2 = new Google_Service_Oauth2($gClient);
- /************************************************
- If we're logging out we just need to clear our
- local access token in this case
- ************************************************/
- if (isset($_REQUEST['logout'])) {
- unset($_SESSION['access_token']);
- //Perform any other sort of redirection or work.
- }
- /************************************************
- If we have a code back from the OAuth 2.0 flow,
- we need to exchange that with the authenticate()
- function. We store the resultant access token
- bundle in the session, and redirect to ourself.
- ************************************************/
- if (isset($_GET['code'])) {
- $gClient->authenticate($_GET['code']);
- $_SESSION['token'] = $gClient->getAccessToken();
- header('Location: ' . filter_var($google_redirect_url, FILTER_SANITIZE_URL));
- return;
- }
- /************************************************
- If we have an access token, we can make
- requests, else we generate an authentication URL.
- ************************************************/
- if (isset($_SESSION['token'])) {
- $gClient->setAccessToken($_SESSION['token']);
- }
- else {
- $authUrl = $gClient->createAuthUrl();
- }
- /************************************************
- If we're signed in we can go ahead and retrieve
- the user's information.
- ************************************************/
- if ($gClient->getAccessToken()) {
- //Check if our token has expired.
- if ($gClient->isAccessTokenExpired()) {
- //Retrieve token from database
- $refreshToken = getRefreshToken($con);
- //Here's where the magical refresh_token comes into play
- $gClient->refreshToken($refreshToken);
- }
- //Basic User Information
- $user = $google_oauthV2->userinfo->get();
- $user_id = $user['id'];
- $user_name = filter_var($user['name'], FILTER_SANITIZE_SPECIAL_CHARS);
- $email = filter_var($user['email'], FILTER_SANITIZE_EMAIL);
- $profile_url = filter_var($user['link'], FILTER_VALIDATE_URL);
- $profile_image_url = filter_var($user['picture'], FILTER_VALIDATE_URL);
- $_SESSION['token'] = $gClient->getAccessToken();
- //Save the refresh token on our database.
- $tokens = json_decode($gClient->getAccessToken());
- setRefreshToken($con, $tokens->refresh_token);
- }
- /************************************************
- Basic user redirects based on whether or not
- they are authenticated.
- ************************************************/
- if(isset($authUrl)) {
- //If not already on the login page, redirect to the login page.
- if ($_SERVER["REQUEST_URI"] != "/test/clients/login.php") {
- header('Location: http://fatcave.me/test/clients/login.php');
- }
- }
- else {
- //If not already on our main page for authenticated users
- //then let's redirect there.
- if ($_SERVER["REQUEST_URI"] != "/test/clients/") {
- header('Location: http://fatcave.me/test/clients/');
- }
- }
- //Simple function to store a given refresh_token on a database
- function setRefreshToken ($con, $token) {
- if (isset($token) && isset($email)) {
- $result = mysqli_query($con,"UPDATE mytable SET refresh_token='" . $token . "'");
- }
- }
- //Retrieves the refresh_token from our database.
- function getRefreshToken ($con) {
- $result = mysqli_query($con,"SELECT refresh_token FROM mytable");
- $rows = mysqli_num_rows($result);
- if ($rows == 0) {
- return "";
- }
- else {
- $row = mysqli_fetch_array($result);
- return $row['Refresh'];
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement