问题
I am upgrading a joomla component i once made for google fusion tables. I downloaded the new php api. But I have some doubts about how I should develop my site and some things with oauth.
So my site reads the fusion tables and allows my (Joomla) users to change, delete or add data to any of those tables. So my question is, do I need a client login that is a web application type or a service account. It seems more logically to use the service account. If so how do I connect using php and the google php api framework.
$clientlogin_curl = curl_init();
curl_setopt($clientlogin_curl,CURLOPT_URL,'https://www.google.com/accounts/ClientLogin');
curl_setopt($clientlogin_curl, CURLOPT_POST, true);
curl_setopt ($clientlogin_curl, CURLOPT_POSTFIELDS,
"Email=".$username."&Passwd=".$password."&service=fusiontables&accountType=GOOGLE");
curl_setopt($clientlogin_curl,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($clientlogin_curl,CURLOPT_RETURNTRANSFER,1);
$token = curl_exec($clientlogin_curl);
curl_close($clientlogin_curl);
$token_array = explode("=", $token);
$token = str_replace("\n", "", $token_array[3]);
Above it is how I used to connect, but now I get quota exceed, because it is deprecated.
I was reading this, https://code.google.com/p/google-api-php-client/wiki/OAuth2, and in the part of service accounts Fusion Tables is not mentioned. If not what should my redirect uri should be
EDIT
this is my code now
jimport('gft-jdc.oauth-php.src.Google_Client');
jimport('gft-jdc.oauth-php.src.contrib.Google_PlusService');
const CLIENT_ID = 'XXXXXXXXXXXXXXXXXXXXXXX7pu.apps.googleusercontent.com';
const SERVICE_ACCOUNT_NAME = 'XXXXXXXXXXXXXXXXXXXpu@developer.gserviceaccount.com';
const KEY_FILE = '/home/jdc/workspace/xxxxxxxxxxxxxxxprivatekey.p12';
class ClientLogin {
public static function getAuthToken($username, $password) {
$client = new Google_Client();
$client->setApplicationName("API Project");
var_dump(CLIENT_ID);
var_dump(KEY_FILE);
$client->setClientId(CLIENT_ID);
// Set your cached access token. Remember to replace $_SESSION with a
// real database or memcached.
if (isset($_SESSION['token'])) {
$client->setAccessToken($_SESSION['token']);
}
// Load the key in PKCS 12 format (you need to download this from the
// Google API Console when the service account was created.
$key = file_get_contents(KEY_FILE);
$client->setAssertionCredentials(new Google_AssertionCredentials(
SERVICE_ACCOUNT_NAME,
array('https://www.googleapis.com/auth/fusiontables'),
$key)
);
$client->authenticate();
if ($client->getAccessToken()) {
$_SESSION['token'] = $client->getAccessToken();
}
$token = $_SESSION['token'];
var_dump($token);
return $token;
}
}
I get this error
Solution, I just solved this last problem, you dont need $client->authenticate()
Here is a solution How to get OAuth2 access token with Google API PHP client?
if ($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion();
}
回答1:
Use a service account. Service account identifies a service(e.g: a website) and not a person. Since it is your site that needs to access the fusion tables - not you - service account is the way to go. (The other option would be to get your users to authenticate against your fusion tables one by one. This would require all of your users to have a google account and your site to give permission for them. Now we don't want to go through all the hassle, do we?)
Use the API Console to create a service account. Note your account name, client id. Generate and download your .p12 private key file. After you created a service account, share(a.k.a: give permissions) your fusion table with the service account's email address (xxxx@developer.gserviceaccount.com)
Forget curl. Download the Google API PHP Client. Under the hood it will still use curl but saves you the headache.
Include the api client in your code and do the authentication.
require_once '<path>/src/Google_Client.php'; require_once '<path>/src/contrib/Google_FusiontablesService.php'; $CLIENT_ID = 'xxx.apps.googleusercontent.com'; $SERVICE_ACCOUNT_NAME = 'xxx@developer.gserviceaccount.com'; $KEY_FILE = '<path to your .p12 file>'; //this should not be reached by any of your site's visitors $client = new Google_Client(); $client->setApplicationName("whatever"); $client->setClientId($CLIENT_ID); $client->setAssertionCredentials(new Google_AssertionCredentials( $SERVICE_ACCOUNT_NAME, array('https://www.googleapis.com/auth/fusiontables'), file_get_contents($KEY_FILE) ); $client->authenticate(); //do whatever you need to do with your fusion table on behalf of the user
来源:https://stackoverflow.com/questions/19525580/upgrading-to-google-fusion-tables-to-google-api-v-1