Oauth2Authentication.php

<?php
// Copyright 2017 DAIMTO ([Linda Lawton](https://twitter.com/LindaLawtonDK)) :  [www.daimto.com](http://www.daimto.com/)
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
// an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
// specific language governing permissions and limitations under the License.
//------------------------------------------------------------------------------
// <auto-generated>
//     This code was generated by DAIMTO-Google-apis-Sample-generator 1.0.0
//     Template File Name:  Oauth2Authentication.tt
//     Build date: 2017-10-08
//     PHP generator version: 1.0.0
//     
//     Changes to this file may cause incorrect behavior and will be lost if
//     the code is regenerated.
// </auto-generated>
//------------------------------------------------------------------------------
// Installation
//
// The preferred method is via https://getcomposer.org. Follow the installation instructions https://getcomposer.org/doc/00-intro.md 
// if you do not already have composer installed.
//
// Once composer is installed, execute the following command in your project root to install this library:
//
// composer require google/apiclient:^2.0
//
//------------------------------------------------------------------------------  
require_once __DIR__ . '/vendor/autoload.php';
/**
 * Gets the Google client refreshing auth if needed.
 * Documentation: https://developers.google.com/identity/protocols/OAuth2
 * Initializes a client object.
 *
 * @return A google client object.
 */
function getGoogleClient($credentialsPath = __DIR__ . '/credentials.json') {
  $client = getOauth2Client($credentialsPath);

  if (!$client->getRefreshToken()) {
//    error_log('[StopLight] No Refresh token found...');
  }

  // Refresh the token if it's expired.
  if ($client && $client->isAccessTokenExpired()) {
//    error_log('[StopLight] Refreshing Token...');
    $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
    writeToCredentials($client, $credentialsPath);
  }
  return $client;
}

/**
 * Builds the Google client object.
 * Documentation: https://developers.google.com/identity/protocols/OAuth2
 * Scopes will need to be changed depending upon the API's being accessed.
 * Example:  array(Google_Service_Analytics::ANALYTICS_READONLY,
 * Google_Service_Analytics::ANALYTICS) List of Google Scopes:
 * https://developers.google.com/identity/protocols/googlescopes
 *
 * @return A google client object.
 */
function buildClient() {
  $client = new Google_Client([
    'access_type' => 'offline',
    'approval_prompt' => 'force',
    'include_granted_scopes' => true,
    'scopes' => [
      Google\Service\Calendar::CALENDAR_READONLY,
      Google\Service\Calendar::CALENDAR_EVENTS_READONLY
    ],
    'credentials' => __DIR__ . '/client_secret.json',
    'redirect_uri' => getRedirectUri()
  ]);
  return $client;
}

/**
 * Builds the redirect uri.
 * Documentation:
 * https://developers.google.com/api-client-library/python/auth/installed-app#choosingredirecturi
 * Hostname and current server path are needed to redirect to
 * oauth2callback.php
 *
 * @return A redirect uri.
 */
function getRedirectUri() {
  //Building Redirect URI
  $url = $_SERVER['REQUEST_URI'];                    //returns the current URL
  if (strrpos($url, '?') > 0) {
    $url = substr($url, 0, strrpos($url, '?'));
  }  // Removing any parameters.
  $folder = substr($url, 0, strrpos($url, '/'));   // Removing current file.
  return (isset($_SERVER['HTTPS']) ? "https" : "http") . '://' . $_SERVER['HTTP_HOST'] . $folder . '/oauth2callback.php';
}

/**
 * Authenticating to Google using Oauth2
 * Documentation:  https://developers.google.com/identity/protocols/OAuth2
 * Returns a Google client with refresh token and access tokens set.
 *  If not authencated then we will redirect to request authencation.
 *
 * @return A google client object.
 */
function getOauth2Client($credentialsPath = __DIR__ . '/credentials.json') {
  try {
    $client = buildClient();

    // If the user has already authorized this app then get an access token
    // else redirect to ask the user to authorize access to Google Analytics.
    if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
      // Set the access token on the client.
      $client->setAccessToken($_SESSION['access_token']);
      return $client;
    }
    else {
      $credentials = json_decode(@file_get_contents($credentialsPath), true);

      if (!empty($credentials->access_token)) {
        $client->setAccessToken($credentials);
        return $client;
      }
      else {
        // We do not have access request access.
        header('Location: ' . filter_var($client->getRedirectUri(), FILTER_SANITIZE_URL));
      }
    }
  }
  catch (Exception $e) {
    error_log('[StopLight] ' . $e->getMessage());
    print "An error occurred: " . $e->getMessage();
  }
}

function writeToCredentials($client, $credentialsPath) {
  unset($_SESSION['access_token']);

  if (file_exists($credentialsPath)) {
    unlink($credentialsPath);
  }

  file_put_contents($credentialsPath, json_encode($client->getAccessToken()));

  // Add access token and refresh token to session.
  $_SESSION['access_token'] = $client->getAccessToken();

  if (!file_exists($credentialsPath)) {
    error_log('[StopLight] Unable to create credentials file.');
  }
}