11934

Google API: Authenticate request with OAuth but without user consent window then request Google data

Question:

While reading this <a href="https://developers.google.com/youtube/v3/guides/authentication#server-side-apps" rel="nofollow">Implementing OAuth 2.0 Authentication (server side)</a> I noticed the process is probably meant for a scenario where one is creating an app that let's users sign in with their Google credentials and subsequently show their Google+ posts, Youtube videos, etc.

What I need is the ability to fetch Google data based on google user's username or user ID. I do have client_id, client_secret, etc. from Google - and I'm willing to send them along my requests.

Step 1 seems OK. Make a request similar to this:

https://accounts.google.com/o/oauth2/auth? client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com& redirect_uri=http%3A%2F%2Flocalhost%2Foauth2callback& scope=https://www.googleapis.com/auth/youtube& response_type=code& access_type=offline

What would be great after this step is the possibility to just take the code so I can authenticate my request (via Google_Client()->authenticate($_GET['code']); or similar) and then exchange it for the auth_token.

I achieved something similar with Facebook API for PHP for fetching Facebook profile/page public posts - so unlike the sign in with FB process - no user consent is needed nor asked for.

Answer1:

You should be using a <a href="https://developers.google.com/accounts/docs/OAuth2ServiceAccount" rel="nofollow">service account</a> for this. Accessing the Google APIs using a service account is quite useful. Some times you just want to access your own data and not data owned by other users. In this instance there is no reason to use OAuth2 and prompt a user to give you access to there information, its your information you already have access. This is why we use a service account.

Google Service Account Example with in the PHP client lib can be found here: <a href="http://developers.google.com/accounts/docs/OAuth2ServiceAccount" rel="nofollow">Example</a>

You don't say exactly which API you are trying to access, and I dislike link only answers. So here is a basic example using the Google Analytics API.

<?php session_start(); require_once 'Google/Client.php'; require_once 'Google/Service/Analytics.php'; /************************************************ The following 3 values an befound in the setting for the application you created on Google Developers console. The Key file should be placed in a location that is not accessable from the web. outside of web root. In order to access your GA account you must Add the Email address as a user at the ACCOUNT Level in the GA admin. ************************************************/ $client_id = '1046123799103-nk421gjc2v8mlr2qnmmqaak04ntb1dbp.apps.googleusercontent.com'; $Email_address = '1046123799103-nk421gjc2v8mlr2qnmmqaak04ntb1dbp@developer.gserviceaccount.com'; $key_file_location = '629751513db09cd21a941399389f33e5abd633c9-privatekey.p12'; $client = new Google_Client(); $client->setApplicationName("Client_Library_Examples"); $key = file_get_contents($key_file_location); // seproate additional scopes with a comma $scopes ="https://www.googleapis.com/auth/analytics.readonly"; $cred = new Google_Auth_AssertionCredentials( $Email_address, array($scopes), $key ); $client->setAssertionCredentials($cred); if($client->getAuth()->isAccessTokenExpired()) { $client->getAuth()->refreshTokenWithAssertion($cred); } $service = new Google_Service_Analytics($client);

I have a tutorial that goes along with that code it can be found here. <a href="http://www.daimto.com/google_service_account_php/" rel="nofollow">Google Service Account PHP</a>

Recommend

  • Google with oauth 2
  • how to check if selected account is YouTube channel
  • JMSSerializerBundle mixing auto detection and explicit directories?
  • Error: invalid_request getToken
  • Query JSON data column using Spark DataFrames, But Not sure about its Schema
  • Getting a refresh token from google api
  • Google API: Authenticate request with OAuth but without user consent window then request Google data
  • Get information from JSON
  • iPhone dev box?
  • Is there way to scroll to anchor rather than jump with javascript (something like smooth scroll)
  • Authenticating to BigQuery REST API via OAuth2 from Node.js
  • getting error “There was a issue with network [400]” while playing You tube video
  • Ios swift - storing uiimage in document directory and path in core data
  • youtube video insert “onBehalfOfContentOwner” parameter value
  • Android GCM push notification without server OR GCM push notification using Microsoft SQL(Not Mysql)
  • Docker container for google cloudML on compute engine - authenticating for mounting bucket
  • Youtube upload API and cordova / phonegap
  • Sencha Touch 2.1 native (android) app not getting json from remote (it works on PC)
  • Cannot page through all results using nextPageToken on YouTube search API v3
  • Using $compile in a directive triggers AngularJS infinite digest error
  • Updating Dojo provide
  • Is it possible to access block's scope in method?
  • does jqgrid support a multiple checkbox list for editing
  • Optimizing database types to compact database (SQLite)
  • swift auto completion not working in Xcode6-Beta
  • Cross-Platform Protobuf Serialization
  • Do I've to free mysql result after storing it?
  • bootstrap to use multiple ng-app
  • Turn off referential integrity in Derby? is it possible?