Last active
February 27, 2021 22:37
-
-
Save Jerry0022/27248ce51369e261829a to your computer and use it in GitHub Desktop.
Google oAuth2, sign up, sign in, logout and show user data. Need to set REDIRECT_URL from google developer console and the https://github.com/google/google-api-php-client cloned in the web directory.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Enable error reporting | |
error_reporting(E_ALL); | |
ini_set('display_errors', 1); | |
$google_redirect_url = 'REDIRECT_URL'; | |
//start session | |
session_start(); | |
//include google api files | |
include_once 'google-api-php-client/src/Google/autoload.php'; | |
// New Google client | |
$gClient = new Google_Client(); | |
$gClient->setApplicationName('ApplicationName'); | |
$gClient->setAuthConfigFile('client_secret.json'); | |
$gClient->addScope(Google_Service_Oauth2::USERINFO_PROFILE); | |
$gClient->addScope(Google_Service_Oauth2::USERINFO_EMAIL); | |
// New Google Service | |
$google_oauthV2 = new Google_Service_Oauth2($gClient); | |
// LOGOUT? | |
if (isset($_REQUEST['logout'])) | |
{ | |
unset($_SESSION["auto"]); | |
unset($_SESSION['token']); | |
$gClient->revokeToken(); | |
header('Location: ' . filter_var($google_redirect_url, FILTER_SANITIZE_URL)); //redirect user back to page | |
} | |
// GOOGLE CALLBACK? | |
if (isset($_GET['code'])) | |
{ | |
$gClient->authenticate($_GET['code']); | |
$_SESSION['token'] = $gClient->getAccessToken(); | |
header('Location: ' . filter_var($google_redirect_url, FILTER_SANITIZE_URL)); | |
return; | |
} | |
// PAGE RELOAD? | |
if (isset($_SESSION['token'])) | |
{ | |
$gClient->setAccessToken($_SESSION['token']); | |
} | |
// Autologin? | |
if(isset($_GET["auto"])) | |
{ | |
$_SESSION['auto'] = $_GET["auto"]; | |
} | |
// LOGGED IN? | |
if ($gClient->getAccessToken()) // Sign in | |
{ | |
//For logged in user, get details from google using access token | |
try { | |
$user = $google_oauthV2->userinfo->get(); | |
$user_id = $user['id']; | |
$user_name = filter_var($user['givenName'], FILTER_SANITIZE_SPECIAL_CHARS); | |
$email = filter_var($user['email'], FILTER_SANITIZE_EMAIL); | |
$gender = filter_var($user['gender'], FILTER_SANITIZE_SPECIAL_CHARS); | |
$profile_url = filter_var($user['link'], FILTER_VALIDATE_URL); | |
$profile_image_url = filter_var($user['picture'], FILTER_VALIDATE_URL); | |
$personMarkup = "$email<div><img src='$profile_image_url?sz=50'></div>"; | |
$_SESSION['token'] = $gClient->getAccessToken(); | |
// Show user | |
echo '<br /><a href="'.$profile_url.'" target="_blank"><img src="'.$profile_image_url.'?sz=100" /></a>'; | |
echo '<br /><a class="logout" href="?logout=1">Logout</a>'; | |
$boolarray = Array(false => 'false', true => 'true'); | |
echo '<p>Was automatical login? '.$boolarray[isset($_SESSION["auto"])].'</p>'; | |
//list all user details | |
echo '<pre>'; | |
print_r($user); | |
echo '</pre>'; | |
} catch (Exception $e) { | |
// The user revoke the permission for this App! Therefore reset session token | |
unset($_SESSION["auto"]); | |
unset($_SESSION['token']); | |
header('Location: ' . filter_var($google_redirect_url, FILTER_SANITIZE_URL)); | |
} | |
} | |
else // Sign up | |
{ | |
//For Guest user, get google login url | |
$authUrl = $gClient->createAuthUrl(); | |
// Fast access or manual login button? | |
if(isset($_GET["auto"])) | |
{ | |
header('Location: ' . filter_var($authUrl, FILTER_SANITIZE_URL)); | |
} | |
else | |
{ | |
echo '<p>Login?</p>'; | |
echo '<a class="login" href="'.$authUrl.'"><img src="images/google-login-button.png" /></a>'; | |
} | |
} | |
?> |
Hey,
thanks! you can use it for free :)
And yes under GPL.
Regards
Jeremy
Am Mi., 8. Mai 2019 um 20:35 Uhr schrieb Andreas Lopez <
[email protected]>:
… I wished I found this a week or two ago. I struggled so much with the
logout functionality and overall OAuth 2.0 from googles utterly confusing
documentation.
You are my hero @Jerry0022 <https://github.com/Jerry0022> ! I might use
this as building block for an article on Medium or such and hope more
people find here. Please feel free to contact me for details and whether or
not you would consider officially putting this under the GPL license so
that people can use this in their projects.
Sincerely,
Andreas Lopez aka Uriel1339 ( @Uriel1339 <https://twitter.com/uriel1339> )
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://gist.github.com/27248ce51369e261829a#gistcomment-2912154>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABP2375JGEB53ASJA52UJ4DPUMMNPANCNFSM4HLUFK3A>
.
Thank you very much!
Also I saw on your GitHub profile that you are German. Well I was born and
raised there for 19 years, lol.
What coincidence that my coding saviour and angel is also from my home
country, haha!
Sincerely,
Andreas Lopez
…On Wed, May 8, 2019, 2:57 PM Jerry ***@***.***> wrote:
Hey,
thanks! you can use it for free :)
And yes under GPL.
Regards
Jeremy
Am Mi., 8. Mai 2019 um 20:35 Uhr schrieb Andreas Lopez <
***@***.***>:
> I wished I found this a week or two ago. I struggled so much with the
> logout functionality and overall OAuth 2.0 from googles utterly confusing
> documentation.
>
> You are my hero @Jerry0022 <https://github.com/Jerry0022> ! I might use
> this as building block for an article on Medium or such and hope more
> people find here. Please feel free to contact me for details and whether
or
> not you would consider officially putting this under the GPL license so
> that people can use this in their projects.
>
> Sincerely,
>
> Andreas Lopez aka Uriel1339 ( @Uriel1339 <https://twitter.com/uriel1339>
)
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub
> <https://gist.github.com/27248ce51369e261829a#gistcomment-2912154>, or
mute
> the thread
> <
https://github.com/notifications/unsubscribe-auth/ABP2375JGEB53ASJA52UJ4DPUMMNPANCNFSM4HLUFK3A
>
> .
>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://gist.github.com/27248ce51369e261829a#gistcomment-2912185>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ADFMIKHWGGMZUZMJGNN3VT3PUMPDHANCNFSM4HLUFK3A>
.
Excellent example!
Thank you.
$gClient->revokeToken();
It does't work without argument now. At least for me.
I had to change it to:
$gClient->revokeToken($_SESSION['token']);
And of coz unset $_SESSION['token'] after revokeToken. Not before.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I wished I found this a week or two ago. I struggled so much with the logout functionality and overall OAuth 2.0 from googles utterly confusing documentation.
You are my hero @Jerry0022 ! I might use this as building block for an article on Medium or such and hope more people find here. Please feel free to contact me for details and whether or not you would consider officially putting this under the GPL license so that people can use this in their projects.
Sincerely,
Andreas Lopez aka Uriel1339 ( @uriel1339 )