210 lines
9.6 KiB
PHP
210 lines
9.6 KiB
PHP
<?php
|
|
|
|
namespace OAuth\OAuth2\Service;
|
|
|
|
use OAuth\Common\Consumer\CredentialsInterface;
|
|
use OAuth\Common\Http\Client\ClientInterface;
|
|
use OAuth\Common\Http\Uri\UriInterface;
|
|
use OAuth\Common\Storage\TokenStorageInterface;
|
|
use OAuth\OAuth2\Token\StdOAuth2Token;
|
|
use OAuth\Common\Http\Exception\TokenResponseException;
|
|
use OAuth\OAuth2\Service\Exception\InvalidAccessTypeException;
|
|
use OAuth\Common\Http\Uri\Uri;
|
|
|
|
class Google extends AbstractService
|
|
{
|
|
/**
|
|
* Defined scopes - More scopes are listed here:
|
|
* https://developers.google.com/oauthplayground/
|
|
*
|
|
* Make a pull request if you need more scopes.
|
|
*/
|
|
|
|
// Basic
|
|
const SCOPE_EMAIL = 'email';
|
|
const SCOPE_PROFILE = 'profile';
|
|
|
|
const SCOPE_USERINFO_EMAIL = 'https://www.googleapis.com/auth/userinfo.email';
|
|
const SCOPE_USERINFO_PROFILE = 'https://www.googleapis.com/auth/userinfo.profile';
|
|
|
|
// Google+
|
|
const SCOPE_GPLUS_ME = 'https://www.googleapis.com/auth/plus.me';
|
|
const SCOPE_GPLUS_LOGIN = 'https://www.googleapis.com/auth/plus.login';
|
|
const SCOPE_GPLUS_CIRCLES_READ = 'https://www.googleapis.com/auth/plus.circles.read';
|
|
const SCOPE_GPLUS_CIRCLES_WRITE = 'https://www.googleapis.com/auth/plus.circles.write';
|
|
const SCOPE_GPLUS_STREAM_READ = 'https://www.googleapis.com/auth/plus.stream.read';
|
|
const SCOPE_GPLUS_STREAM_WRITE = 'https://www.googleapis.com/auth/plus.stream.write';
|
|
const SCOPE_GPLUS_MEDIA = 'https://www.googleapis.com/auth/plus.media.upload';
|
|
|
|
// Google Drive
|
|
const SCOPE_DOCUMENTSLIST = 'https://docs.google.com/feeds/';
|
|
const SCOPE_SPREADSHEETS = 'https://spreadsheets.google.com/feeds/';
|
|
const SCOPE_GOOGLEDRIVE = 'https://www.googleapis.com/auth/drive';
|
|
const SCOPE_DRIVE_APPS = 'https://www.googleapis.com/auth/drive.appdata';
|
|
const SCOPE_DRIVE_APPS_READ_ONLY = 'https://www.googleapis.com/auth/drive.apps.readonly';
|
|
const SCOPE_GOOGLEDRIVE_FILES = 'https://www.googleapis.com/auth/drive.file';
|
|
const SCOPE_DRIVE_METADATA_READ_ONLY = 'https://www.googleapis.com/auth/drive.metadata.readonly';
|
|
const SCOPE_DRIVE_READ_ONLY = 'https://www.googleapis.com/auth/drive.readonly';
|
|
const SCOPE_DRIVE_SCRIPTS = 'https://www.googleapis.com/auth/drive.scripts';
|
|
|
|
// Cloud Print
|
|
const SCOPE_CLOUD_PRINT = 'https://www.googleapis.com/auth/cloudprint';
|
|
|
|
// Adwords
|
|
const SCOPE_ADSENSE = 'https://www.googleapis.com/auth/adsense';
|
|
const SCOPE_ADWORDS = 'https://www.googleapis.com/auth/adwords/';
|
|
const SCOPE_GAN = 'https://www.googleapis.com/auth/gan'; // google affiliate network...?
|
|
|
|
// Google Analytics
|
|
const SCOPE_ANALYTICS = 'https://www.googleapis.com/auth/analytics';
|
|
const SCOPE_ANALYTICS_EDIT = 'https://www.googleapis.com/auth/analytics.edit';
|
|
const SCOPE_ANALYTICS_MANAGE_USERS = 'https://www.googleapis.com/auth/analytics.manage.users';
|
|
const SCOPE_ANALYTICS_READ_ONLY = 'https://www.googleapis.com/auth/analytics.readonly';
|
|
|
|
//Gmail
|
|
const SCOPE_GMAIL_MODIFY = 'https://www.googleapis.com/auth/gmail.modify';
|
|
const SCOPE_GMAIL_READONLY = 'https://www.googleapis.com/auth/gmail.readonly';
|
|
const SCOPE_GMAIL_COMPOSE = 'https://www.googleapis.com/auth/gmail.compose';
|
|
const SCOPE_GMAIL_SEND = 'https://www.googleapis.com/auth/gmail.send';
|
|
const SCOPE_GMAIL_INSERT = 'https://www.googleapis.com/auth/gmail.insert';
|
|
const SCOPE_GMAIL_LABELS = 'https://www.googleapis.com/auth/gmail.labels';
|
|
const SCOPE_GMAIL_FULL = 'https://mail.google.com/';
|
|
|
|
// Other services
|
|
const SCOPE_BOOKS = 'https://www.googleapis.com/auth/books';
|
|
const SCOPE_BLOGGER = 'https://www.googleapis.com/auth/blogger';
|
|
const SCOPE_CALENDAR = 'https://www.googleapis.com/auth/calendar';
|
|
const SCOPE_CALENDAR_READ_ONLY = 'https://www.googleapis.com/auth/calendar.readonly';
|
|
const SCOPE_CONTACT = 'https://www.google.com/m8/feeds/';
|
|
const SOCPE_CONTACTS = 'https://www.googleapis.com/auth/contacts';
|
|
const SCOPE_CONTACTS_RO = 'https://www.googleapis.com/auth/contacts.readonly';
|
|
const SCOPE_CHROMEWEBSTORE = 'https://www.googleapis.com/auth/chromewebstore.readonly';
|
|
const SCOPE_GMAIL = 'https://mail.google.com/mail/feed/atom';
|
|
const SCOPE_GMAIL_IMAP_SMTP = 'https://mail.google.com';
|
|
const SCOPE_PICASAWEB = 'https://picasaweb.google.com/data/';
|
|
const SCOPE_SITES = 'https://sites.google.com/feeds/';
|
|
const SCOPE_URLSHORTENER = 'https://www.googleapis.com/auth/urlshortener';
|
|
const SCOPE_WEBMASTERTOOLS = 'https://www.google.com/webmasters/tools/feeds/';
|
|
const SCOPE_TASKS = 'https://www.googleapis.com/auth/tasks';
|
|
|
|
// Cloud services
|
|
const SCOPE_CLOUDSTORAGE = 'https://www.googleapis.com/auth/devstorage.read_write';
|
|
const SCOPE_CONTENTFORSHOPPING = 'https://www.googleapis.com/auth/structuredcontent'; // what even is this
|
|
const SCOPE_USER_PROVISIONING = 'https://apps-apis.google.com/a/feeds/user/';
|
|
const SCOPE_GROUPS_PROVISIONING = 'https://apps-apis.google.com/a/feeds/groups/';
|
|
const SCOPE_NICKNAME_PROVISIONING = 'https://apps-apis.google.com/a/feeds/alias/';
|
|
|
|
// Old
|
|
const SCOPE_ORKUT = 'https://www.googleapis.com/auth/orkut';
|
|
const SCOPE_GOOGLELATITUDE =
|
|
'https://www.googleapis.com/auth/latitude.all.best https://www.googleapis.com/auth/latitude.all.city';
|
|
const SCOPE_OPENID = 'openid';
|
|
|
|
// YouTube
|
|
const SCOPE_YOUTUBE_GDATA = 'https://gdata.youtube.com';
|
|
const SCOPE_YOUTUBE_ANALYTICS_MONETARY = 'https://www.googleapis.com/auth/yt-analytics-monetary.readonly';
|
|
const SCOPE_YOUTUBE_ANALYTICS = 'https://www.googleapis.com/auth/yt-analytics.readonly';
|
|
const SCOPE_YOUTUBE = 'https://www.googleapis.com/auth/youtube';
|
|
const SCOPE_YOUTUBE_READ_ONLY = 'https://www.googleapis.com/auth/youtube.readonly';
|
|
const SCOPE_YOUTUBE_UPLOAD = 'https://www.googleapis.com/auth/youtube.upload';
|
|
const SCOPE_YOUTUBE_PARTNER = 'https://www.googleapis.com/auth/youtubepartner';
|
|
const SCOPE_YOUTUBE_PARTNER_AUDIT = 'https://www.googleapis.com/auth/youtubepartner-channel-audit';
|
|
|
|
// Google Glass
|
|
const SCOPE_GLASS_TIMELINE = 'https://www.googleapis.com/auth/glass.timeline';
|
|
const SCOPE_GLASS_LOCATION = 'https://www.googleapis.com/auth/glass.location';
|
|
|
|
// Android Publisher
|
|
const SCOPE_ANDROID_PUBLISHER = 'https://www.googleapis.com/auth/androidpublisher';
|
|
|
|
|
|
// Google Gsuite
|
|
const SCOPE_ADMIN_DIRECTORY_USER = "https://www.googleapis.com/auth/admin.directory.user";
|
|
const SCOPE_ADMIN_DIRECTORY_CUSTOMER = "https://www.googleapis.com/auth/admin.directory.customer";
|
|
|
|
protected $accessType = 'online';
|
|
|
|
public function __construct(
|
|
CredentialsInterface $credentials,
|
|
ClientInterface $httpClient,
|
|
TokenStorageInterface $storage,
|
|
$scopes = array(),
|
|
UriInterface $baseApiUri = null
|
|
) {
|
|
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
|
|
|
|
if (null === $baseApiUri) {
|
|
$this->baseApiUri = new Uri('https://www.googleapis.com/oauth2/v1/');
|
|
}
|
|
}
|
|
|
|
public function setAccessType($accessType)
|
|
{
|
|
if (!in_array($accessType, array('online', 'offline'), true)) {
|
|
throw new InvalidAccessTypeException('Invalid accessType, expected either online or offline');
|
|
}
|
|
$this->accessType = $accessType;
|
|
}
|
|
|
|
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
|
|
public $approvalPrompt='auto';
|
|
public function setApprouvalPrompt($prompt)
|
|
{
|
|
if (!in_array($prompt, array('auto', 'force'), true)) {
|
|
// @todo Maybe could we rename this exception
|
|
throw new InvalidAccessTypeException('Invalid approuvalPrompt, expected either auto or force.');
|
|
}
|
|
$this->approvalPrompt = $prompt;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getAuthorizationEndpoint()
|
|
{
|
|
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
|
|
//return new Uri('https://accounts.google.com/o/oauth2/auth?access_type='.$this->accessType);
|
|
$url = 'https://accounts.google.com/o/oauth2/auth?'.($this->approvalPrompt?'approval_prompt='.$this->approvalPrompt.'&':'').'access_type='.$this->accessType;
|
|
|
|
return new Uri($url);
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getAccessTokenEndpoint()
|
|
{
|
|
return new Uri('https://accounts.google.com/o/oauth2/token');
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
protected function parseAccessTokenResponse($responseBody)
|
|
{
|
|
$data = json_decode($responseBody, true);
|
|
|
|
if (null === $data || !is_array($data)) {
|
|
throw new TokenResponseException('Unable to parse response.');
|
|
} elseif (isset($data['error'])) {
|
|
throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"');
|
|
}
|
|
|
|
$token = new StdOAuth2Token();
|
|
$token->setAccessToken($data['access_token']);
|
|
$token->setLifetime($data['expires_in']);
|
|
|
|
if (isset($data['refresh_token'])) {
|
|
$token->setRefreshToken($data['refresh_token']);
|
|
unset($data['refresh_token']);
|
|
}
|
|
|
|
unset($data['access_token']);
|
|
unset($data['expires_in']);
|
|
|
|
$token->setExtraParams($data);
|
|
|
|
return $token;
|
|
}
|
|
}
|