How to properly configure Google API OAuth 2.0 authorization in CodeIgniter?

A

Anton Dyshkant2015-03-30 17:36:36

Google

Anton Dyshkant, 2015-03-30 17:36:36

Hello.
During development, it became necessary to authorize users in the Google API via OAuth 2.0. The meaning is this: there is a certain model, and some of its fields must be added to Google Calendar as an event.
At the moment, everything is implemented, it seems to me, far from perfect.
The user is prompted to click on a link of the form
/controller_name/gcalendar_initialize/137
where "137" is the id of the object to be added to the calendar, and gcalendar_initialize is the name of the method that starts authorization in the Google API. At the same time, it receives an auth-url, and the Google_Client object and records the id "137" are written to the session, after which the user is redirected to the auth-url:

public function gcalendar_initialize($id) {

    ...

    // записываем в сессию сериализованную версию объекта
    $_SESSION['google_api_object'] = serialize($google_api_object);

     // также записываем id
    $_SESSION['id'] = $id;

    // уходим по ссылке авторизации
    header ('Location: '.$google_api_object->get_auth_url());
}

What happens next is this: in the same browser tab, the user enters the Google authorization menu, where he authorizes our application, after which, in accordance with the current settings, the user is redirected back to our site using the following link, bringing the authorization code

/controller_name/finish_authorization_in_gcalendar?code=...

Accordingly, the execution of the code returns to the same controller, but another method, where in exchange for the received code we receive an authToken, "137" is read from the session, after which the event is added to the Google calendar, and again the redirect to the page where we started :

public function finish_authorization_in_google_calendar() {
        
    ...
        
    // вытягиваем из сессии сериализованную версию объекта
    $google_api_object = unserialize($_SESSION['google_api_object']);

    // устанавливаем access token
    $google_api_object->set_access_token_in_calendar($this->input->get('code'));

    // переходим непосредственно к добавлению объекта в календарь
    $created_event = $this->model_name->add_to_google_calendar($google_api_object, $_SESSION['id']);

    // возвращаемся на страницу, с которой начали
    header ('Location: /index.php/controller_name/?gcalendar_success='.$_SESSION['id']);
    }

In the end, everything works, but it seems to me that this is done quite crookedly, because it is full of redirects and everything else.
Google itself does this quite beautifully, for example, on this page you can try the functionality of their API by clicking on the OFF slider. At the same time, a new window (not pop-up) appears, and after the completion of actions in this window, the status on the specified page changes to ON.
Actually, I would like to know how to properly configure authorization in this API, how to avoid permanent redirects.
Thank you.
Z.Y. The google-api-php-client library from Google is used.