/usr/share/doc/php-google-api-php-client/examples/analytics/demo/authHelper.php is in php-google-api-php-client 0.6.7-2ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 | <?php
/*
* Copyright 2012 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Abstracts handling authorization using an opaque storage mechanism.
* @author Nick Mihailovski (api.nickm@gmail.com)
*/
class AuthHelper {
/** @var Google_Client $client */
private $client;
/** @var apiAnalyticsService $analytics */
private $analytics;
/** @var storage $storage */
private $storage;
/** @var string $controllerUrl */
private $controllerUrl;
private $errorMsg = null;
/**
* Constructor.
* @param Google_Client $client The API client service object. Used for
* authorization. This is passed by reference and allows this same
* object (once authorized) to be used outside of this class.
* @param storage $storage The storage mechanism to persist authorization
* tokens.
* @param string $controllerUrl The Url of the main controller.
*/
function __construct(&$client, &$storage, $controllerUrl) {
$this->client = $client;
$this->storage = $storage;
$this->controllerUrl = $controllerUrl;
}
/**
* Retrieves an access token from the storage object and sets it into the
* client object.
*/
public function setTokenFromStorage() {
$accessToken = $this->storage->get();
if (isset($accessToken)) {
$this->client->setAccessToken($accessToken);
}
}
/**
* Goes through the client authorization routine. This routine both
* redirects a user to the Google Accounts authorization screen as well as
* handle the response from the authorization service to retrieve the
* authorization code then exchange it for an access token. This method
* also removes the authorization code from the URL to keep things pretty.
* Details on how the apiClient implements authorization can be found here:
* http://code.google.com/p/google-api-php-client/source/browse/trunk/src/auth/apiOAuth2.php#84
* If an authorization error occurs, the exception is caught and the error
* message is saved in $error.
*/
public function authenticate() {
try {
$accessToken = $this->client->authenticate();
$this->storage->set($accessToken);
// Keep things pretty. Removes the auth code from the URL.
if ($_GET['code']) {
header("Location: $this->controllerUrl");
}
} catch (Google_AuthException $e) {
$this->errorMsg = $e->getMessage();
}
}
/**
* Revokes an authorization token. This both revokes the token by making a
* Google Accounts API request to revoke the token as well as deleting the
* token from the storage mechanism. If any errors occur, the authorization
* exception is caught and the message is stored in error.
*/
public function revokeToken() {
$accessToken = $this->storage->get();
if ($accessToken) {
$tokenObj = json_decode($accessToken);
try {
$this->client->revokeToken($tokenObj->refresh_token);
$this->storage->delete();
} catch (Google_AuthException $e) {
$this->errorMsg = $e->getMessage();
}
}
// Keep things pretty. Removes the auth code from the URL.
header("Location: $this->controllerUrl");
}
/**
* Returns whether the apiClient object has been authorized. If true,
* the user can make authorized requests to the API.
* @return bool Whether the client is authorized to make API requests.
*/
public function isAuthorized() {
return $this->client->getAccessToken() ? true : false;
}
/**
* @return string Any error messages.
*/
public function getError() {
return $this->errorMsg;
}
}
|