Persisting authentication data

[Sebastian Vaggi]

Hi, I am using PHP to get the token, i get a Token that only let me get the reports for 3600 seconds, how can i make the token to Persist forever ? i cant find the correct info in how to use the refresh token to get a new token.

Regards

Sebastian

[Silvano Luciani]

Hello Sebastian,

If you are developing your own implementation to handle the OAuth 2.0
authentication flow, this is the documentation that you need to
follow:
https://developers.google.com/accounts/docs/OAuth2WebServer

You need to request offline access for your application, so that with
the access token you will receive also a refresh token that you can
exchange for a new access token when needed. The refresh token never
expires, but its validity can be manually revoked by the user:
https://developers.google.com/accounts/docs/OAuth2WebServer#offline

If you use the Google API Php Client Library the offline access is
requested by default, so all you need to do is save the access token
and the refresh token, use the access token until it expires, obtain a
new access token using the refresh token.
http://code.google.com/p/google-api-php-client/

Cheers,
Silvano

--
Silvano Luciani | Developer Programs Engineer

Google UK Limited
Registered Office: Belgrave House, 76 Buckingham Palace Road, London
SW1W 9TQ
Registered in England Number: 3977902

[Sebastian Vaggi]

i have this code and it returns: { "error" : "invalid_grant" }1


$url = "https://accounts.google.com/o/oauth2/token";
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL,$url);

curl_setopt($ch, CURLOPT_POST, 1);

$data = array('refresh_token' => '', // i put here the refresh token i
got the last time i got the token
'client_id' => '', //i put here my client id
'client_secret' => '', // i put here my client secret
'grant_type' => 'refresh_token');


curl_setopt($ch, CURLOPT_POSTFIELDS,$data);

$result= curl_exec ($ch);
curl_close ($ch);
print $result;

On Mar 1, 7:12 pm, Silvano Luciani <silvano.luci...@google.com> wrote:
> Hello Sebastian,
>
> If you are developing your own implementation to handle the OAuth 2.0
> authentication flow, this is the documentation that you need to
> follow:https://developers.google.com/accounts/docs/OAuth2WebServer
>
> You need to request offline access for your application, so that with
> the access token you will receive also a refresh token that you can
> exchange for a new access token when needed. The refresh token never
> expires, but its validity can be manually revoked by the user:https://developers.google.com/accounts/docs/OAuth2WebServer#offline
>
> If you use the Google API Php Client Library the offline access is
> requested by default, so all you need to do is save the access token
> and the refresh token, use the access token until it expires, obtain a

> new access token using the refresh token.http://code.google.com/p/google-api-php-client/

[Silvano Luciani]

Hello Sebastian,

can you show me the code that you're using to start the flow and
request the access token?

Cheers,
Silvano

--
Silvano Luciani | Developer Programs Engineer

Google UK Limited
Registered Office: Belgrave House, 76 Buckingham Palace Road, London
SW1W 9TQ
Registered in England Number: 3977902

[Sebastian Vaggi]

yes, its funny because the code i am using have your copyright :P

/**
* Include the library files for the api client and AdSense service
class.
*/
require_once "google-api-php-client/src/apiClient.php";
require_once "google-api-php-client/src/contrib/
apiAdsenseService.php";

/**
* Handles authentication and OAuth token storing.
* Assumes the presence of a sqlite database called './
examples.sqlite'
* containing a table called 'auth' composed of two VARCHAR(255)
fields called
* 'user' and 'token'.
*
* @author Silvano Luciani <silvano...@gmail.com>
*/

class AdSenseAuth {
protected $apiClient;
protected $adSenseService;
private $user;

/**
* Create the dependencies.
* (Inject them in a real world app!!)
*/
public function __construct() {
// Create the apiClient instances.
$this->apiClient = new apiClient();
// Visit https://code.google.com/apis/console?api=adsense to
// generate your oauth2_client_id, oauth2_client_secret, and to
// register your oauth2_redirect_uri.
$this->apiClient->setClientId('#################');
$this->apiClient->setClientSecret('##################');
$this->apiClient->setDeveloperKey('###################');
// Point the oauth2_redirect_uri to index.php.
$this->apiClient->setRedirectUri('http://myurl.com/tests/
adsense_auth.php?logged');
// Create the api AdsenseService instance.
$this->adSenseService = new apiAdsenseService($this->apiClient);
}

/**
* Check if a token for the user is already in the db, otherwise
perform
* authentication.
* @param string $user The user to authenticate
*/
public function authenticate($user) {
$this->user = $user;
// Override the scope to use the readonly one
$this->apiClient->setScopes(
array("https://www.googleapis.com/auth/adsense.readonly"));
// Go get the token
$this->apiClient->setAccessToken($this->apiClient-
>authenticate());
}

/**
* Return the AdsenseService instance (to be used to retrieve data).
* @return apiAdsenseService the authenticated apiAdsenseService
instance
*/
public function getAdSenseService() {
return $this->adSenseService;
}

public function getToken() {
return $this->apiClient->getAccessToken();
}

}


$client = new AdSenseAuth();
$client->authenticate("john");

if(isset($_GET["logged"])){
echo $client->getToken();

[Silvano Luciani]

Hello Sebastian,

That's strange. If you use the code from the example, AdSenseAuth and
the Google API PHP Client take care of everything for you. I've just
checked with my staged version of the example code and it's correctly
refreshing the tokens.

Just to understand, do you use the code from the example to request
the token and then you use the code that you have developed to refresh
the token?

Cheers,
Silvano

--
Silvano Luciani | Developer Programs Engineer

Google UK Limited
Registered Office: Belgrave House, 76 Buckingham Palace Road, London
SW1W 9TQ
Registered in England Number: 3977902

On Mar 2, 1:57 pm, Sebastian Vaggi <sva...@gmail.com> wrote:
> yes, its funny because the code i am using have your copyright :P
>
> /**
>  * Include the library files for the api client and AdSense service
> class.
>  */
> require_once "google-api-php-client/src/apiClient.php";
> require_once "google-api-php-client/src/contrib/
> apiAdsenseService.php";
>
> /**
>  * Handles authentication and OAuth token storing.
>  * Assumes the presence of a sqlite database called './
> examples.sqlite'
>  * containing a table called 'auth' composed of two VARCHAR(255)
> fields called
>  * 'user' and 'token'.
>  *

>  * @author Silvano Luciani <silvano.luci...@gmail.com>

[Sebastian Vaggi]

I use the last code i pasted to get the token and i also get the
refresh token, then i try to get a new token using that refresh token
with the code i pasted first, and i get the: { "error" :
"invalid_grant" }1

What i need to do is to have a token forever so i can access to my
adsense account from a PHP file and get some reports with a cronjob
that will run and get that info and keep it updated. I dont know if
this is the right way to do it.

Regards
Sebastian

[Silvano Luciani]

Hello Sebastian,

If you are trying to access the API from an application that is not
published on the web (as your update script is likely to be), you need
to implement the flow for installed applications:
https://developers.google.com/accounts/docs/OAuth2InstalledApp

From what I know the flow is not implemented in the Google API PHP
Client Library, but you can ask about it in their forum:
http://groups.google.com/group/google-api-php-client/

Cheers,
Silvano

--
Silvano Luciani | Developer Programs Engineer

Google UK Limited
Registered Office: Belgrave House, 76 Buckingham Palace Road, London
SW1W 9TQ
Registered in England Number: 3977902