Happyr Google Site Authenticator Bundle
In some situations you want a website to make API request on the behalf of you (not your users). Example when
you want to fetch website data from Google Analytics or upload database dumps to Google Drive. The solution Google
offers for this is a Domain-Wide Delegation of Authority. But
that solution requires you be a paying customer on Google Apps. I wanted a free solution so I created this bundle.
This bundle is using a normal OAuth for a web application, but it authenticates your google account (or accounts) but
not your users'. It saves the access token in a cache until you manually revoke it.
Read all of this README file to understand how to get started and authenticated
Use composer to get the bundle. You do also have to get a PSR-6 cache implementation.
$ php composer.phar require happyr/google-site-authenticator-bundle cache/redis-adapter
Activate this bundle in AppKernel.
Include the routing.yml and make sure it is protected from normal users.
// app/config/routing.yml happyr_google_site_authenticator: resource: "@HappyrGoogleSiteAuthenticatorBundle/Resources/config/routing.yml" prefix: /admin
Get API credentials
You will find all information on the Google Console. Go in to the console and
click on "APIs" in the sidebar to select those API you want to use.
To retrieve the API-key and secret, click on "Credentials" in the sidebar and then "Create new ClientID". And create a
client ID for a web application. Make sure to specify the correct Authorized redirect URIs. If you used the
configuration above you should use the following url:
When you are done you will get a client id and a client secret. Save those for the next section.
This bundle will fetch an access token and save it to cache. The PHPCacheAdapterBundle
is an excellent bundle for this. You may use one of many predefined cache providers like; file_system, apc, mongodb etc.
Read more about caching here: http://www.php-cache.com/
It also allows you to create your own cache provider. Here is an example configuration:
cache_adapter: providers: my_redis: factory: 'cache.factory.redis'
To configure the Happyr Google Site Authenticator bundle you need to add your API credentials and select a service
Psr\Cache\CacheItemInterface. If you are using the configuration
above you could use the following values:
happyr_google_site_authenticator: cache_service: 'cache.provider.my_redis' tokens: google_drive: client_id: '00000000000-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com' client_secret: 'xxxxx-xxxxx_xxxxxxxxxxxx' redirect_url: 'http://www.domain.com/admin/authenticate-google/return-url' scopes: ['https://www.googleapis.com/auth/drive']
You will find all available scopes here.
The config above will configure a token called google_drive. You may, of course, configure more tokens. To get a
Google_Client instance with those credentials:
$clientProvider = $this->get('happyr.google.client_provider'); $client = $clientProvider->getClient('google_drive'); // or don't use the client provider $client = $this->get('google.client.google_drive'); // if you only have one token configured $client = $this->get('google.client');
To make sure you fetch an access token you need to navigate to
click on Authenticate. You will be asked to sign in with your Google account and grant the permissions. The access token
retrieved will be saved by the cache service. You want to make sure this is stored for a very long time.
When you are authenticated you may use
happyr.google.client_provider to get an authenticated client.
Copyright (c) 2014 Happyr
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
tokens: # Required
client_id: ~ # Required
client_secret: ~ # Required
redirect_url: ~ # Required
By Nyholm, 8 months ago
Fixed typo (#16)
By web-flow, 8 months ago
- better load templates
- Do not use versions higher than 1.1.7
- Updated link
- Cache key (#14)
- Travis fixes (#13)
- Dropped support for php 5.4
- Removed build.xml (#10)
- Merge pull request #8 from Happyr/meta
- Improved testing, badges and added metadata
- style fix
- Added tests
- Applied fixes from StyleCI (#6)
- Updated travis config (#5)
- Start using PSR-6 cache
- Merge pull request #4 from segli/segli-patch-1
By , 3 years ago
- Merge pull request #3 from Happyr/remove
- Merge branch 'master' into remove
- Code style
- Made a difference between revoke and remove
- Adapt to the sf3.0 api
- You dont need google/apiclient @dev any more
- Merge pull request #2 from Nyholm/cleanup
- Remove clover reports
- Make sure to do a strict comparison