G
G
Grigory Vasilkov2017-03-06 09:34:05
Google Sheets
Grigory Vasilkov, 2017-03-06 09:34:05

How to make authorization in Google Spreadsheets in PHP?

I've been fumbling at Google's documentation for quite a long time, but I still haven't been able to put together the right picture of how it works, let alone explain why.
I ask for help - I need it to get the rights to write and read the table into an array when requesting the script. In general, I managed to count and write. From the browser. But here the automatic token from the script does not work, and each time it is manually updated - well, it cannot be that Google did this.
Separate concepts:
1. Google account
2. Google Api account
As I understand it works:
1. Create a Google account for any mail
2. In the settings, create a service account for Google Api
3. In the same place, create another Google Api account and select web there -Appendix
4. Download client_secret.json
5. Install a lib from google `google-api-php-client-2.1.1`
6. Write this code from this lib:

// config
  $client_secret_fpath = '<fpath to client_secret.json>';
  $client_secret = json_decode(file_get_contents($client_secret_fpath), true);

  // process
  // init client
  $client = new Google_Client();
  $client->setAuthConfig($client_secret_fpath);
  $client->addScope(Google_Service_Sheets::SPREADSHEETS);
  $client->setIncludeGrantedScopes(true);
  $client->setAccessType('offline');

7. We check the token in a file or in a session, where it is convenient
$token_fpath = __DIR__ . '/token.ini';
  if (!is_file($token_fpath) || (!$access_token = json_decode(file_get_contents($token_fpath), true))):
    $auth_url = $client->createAuthUrl();
    // ... стопэээээ, ни curl, ни wget не спасут, redirect делать нельзя, т.к. терминал
  endif;

Here I am lost:
Generated link - CLIENT. If the browser switches to it, it works and gives a token in response, after pressing the "Allow" button in the standard form from Google.
But in all its glory, PHP can't CLICK that button, it just gives the content of the page instead of redirecting the code.
How to be here?
And then...
9. Save the token to a file
10. Check the token for expiration, and make a request to revoke() when it happens...

Answer the question

In order to leave comments, you need to log in

1 answer(s)
G
Grigory Vasilkov, 2017-03-06
@gzhegow

Happened.
In order to gain access from another computer (without user intervention) - the so-called. service accounts. When we create such an account - Google warns that `credentials` will be created in a single instance and it is unacceptable to "lose" them.
Thus, you need to use in the script:

$client_secret_fpath = __DIR__ . 'service-account-credentials.json';
$client->setAuthConfig($client_secret_fpath);

And since this file contains a private key, obtaining permission to use is not required at all.
Do not forget to share access to the Li table or another service to the service email (it is also in the service account key file).
===
But if we create access as a "web application" - this does not mean that we can connect to the account from the server, it means that "the site will be able to use the ability to ask the user for permission", thus Google has a " token " is a unique identifier for a person's permission, and requires the "allow" button to be clicked.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question