using oauth #328

Closed
ammopt opened this issue Feb 9, 2017 · 6 comments
Labels
api: core auth priority: p2 Moderately-important priority. Fix may not be included in next release. 🚨 This issue needs some love. type: question Request for information or clarification. Not an issue.

Comments

@ammopt

ammopt commented Feb 9, 2017

Hello all,

I'm not sure how to authenticate users with this lib using oauth.
I've been building an app to communicate with GC Storage and I started with storage-getting-started-php.

Everything was coming up nicely until I realized that that project is using google-api-php-client instead of, well, this one google-cloud-php.

The README.md file of google-api-php-client says I should be using this one if I'm looking to call the Cloud Platform APIs, so I decided to switch to this one. After switching to this one, I got the service account credentials working nicely and I can request bucket and objects information but I don't seem to find any info on how to implement user authentication, which the other repository was using.

Without user authentication, I can only get objects from the bucket if "user=>allUsers" has read permissions, which is something I don't want to have.

Can I use user authentication with this lib? Or do I have to import a different lib on top of it? Or ultimately go back to the original google-php api I was using initially?

Thank you!

@dwsupplee dwsupplee added the auth label Feb 10, 2017
@dwsupplee
Contributor

dwsupplee commented Feb 10, 2017

Hey there @ammopt!

We don't have official support for an oauth workflow in this library yet, the main focus has been service accounts - but I believe it is still possible to achieve what you're looking for. :)

I used the PHP league's oauth2 google provider to get things up and running. Please note that the provider requires PHP >= 5.6, and if you prefer, the google PHP auth library does include an OAuth2 class which can achieve the same goal without an additional dependency.

Here is a very basic example just to outline it should be possible:

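<?php

require 'vendor/autoload.php';

use League\OAuth2\Client\Provider\Google as GoogleProvider;
use Google\Cloud\Storage\StorageClient;

// The session carries the OAuth state value from the redirect to the callback.
session_start();

$provider = new GoogleProvider([
    'clientId'     => 'yourClientId',
    'clientSecret' => 'yourClientSecret',
    'redirectUri'  => 'http://localhost:8080/app.php',
    'hostedDomain' => 'https://localhost:8080',
]);

if (empty($_GET['code'])) {
    // No authorization code yet: send the user to Google's consent screen.
    $authUrl = $provider->getAuthorizationUrl([
        'scope' => [StorageClient::FULL_CONTROL_SCOPE]
    ]);
    // Remember the state generated for this request so the callback can be checked.
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit; // without this, the token exchange below would run with no code
}

// Reject callbacks whose state does not match the one issued (CSRF protection).
if (empty($_GET['state']) || empty($_SESSION['oauth2state'])
    || !hash_equals($_SESSION['oauth2state'], (string) $_GET['state'])) {
    unset($_SESSION['oauth2state']);
    die('Invalid state');
}
unset($_SESSION['oauth2state']);

// Exchange the authorization code for an access token.
$token = $provider->getAccessToken('authorization_code', [
    'code' => $_GET['code']
]);

$accessToken = $token->getToken();

if (!$accessToken) {
    die('Something went south!');
}

// Inject the user's access token into the Storage client.
$storage = new StorageClient([
    'projectId' => 'yourProject',
    'accessToken' => $accessToken
]);

foreach ($storage->buckets() as $bucket) {
   echo $bucket->name() . PHP_EOL;
}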

/cc @jgeewax @omaray @bshaffer @tmatsuo @michaelbausor

Do you guys have an opinion as to whether or not we should officially support oauth workflows? I spoke with @stephenplusplus and it appears we don't do so for node at the moment either. Could this be valuable across all the google-cloud-* libraries?

@ammopt
Author

ammopt commented Feb 14, 2017

Hello @dwsupplee !

Thank you so much for your detailed reply.
From my understanding, the standard use case in using an API to work with GCS is for applications storing and managing digital objects themselves, this is probably the reason oauth isn't (or hasn't been) considered, correct me if I'm wrong though.
However, the app I'm building is a web-app bucket browser that allows the user (upon authentication) to browse the contents of a bucket, view the objects' metadata and upload/download from a specific prefix (emulating folders).

I installed league/oauth2-google, gave it a whirl and adapted the code to provide a link to authentication and it's working, the request for objects is only returning successfully if the user has access to the bucket and I've been able to get to the point where I was (regarding authentication), using the former API.
I don't mind having to require an additional library, although it'd be better to have it all in one, I guess.

I look forward to seeing if you guys decide to support this officially and eventually contribute however I can.

Thank you.

@tmatsuo
Contributor

tmatsuo commented Mar 31, 2017

@dwsupplee Sorry for the late reply, but I would defer 3 legged OAuth flow to other libraries as long as you can inject the auth token from that flow.

@michaelbausor michaelbausor added the priority: p2 Moderately-important priority. Fix may not be included in next release. label Jul 11, 2017
@michaelbausor
Contributor

@dwsupplee @jdpedrie Perhaps we can make a decision to either close this issue, or otherwise move it into the feature request wiki?

@dwsupplee
Contributor

Given that we do provide an OAuth2 implementation in the auth library, I believe this would be safe to close out. As a nice to have feature, perhaps we could add documentation about how to easily integrate this into your workflow.
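
The auth-library route mentioned in this thread, sketched as an added example; it is not code from any participant or from the project. It assumes PHP 7+, the `Google\Auth\OAuth2` class from google/auth, Google's public OAuth endpoints, placeholder client values, and a hypothetical session key `oauth2state`. It requests the read-only scope rather than full control.

```php
<?php
require 'vendor/autoload.php';

use Google\Auth\OAuth2;
use Google\Cloud\Storage\StorageClient;

session_start();

$oauth = new OAuth2([
    'clientId'           => 'yourClientId',      // placeholder
    'clientSecret'       => 'yourClientSecret',  // placeholder
    'authorizationUri'   => 'https://accounts.google.com/o/oauth2/v2/auth',
    'tokenCredentialUri' => 'https://oauth2.googleapis.com/token',
    'redirectUri'        => 'http://localhost:8080/app.php',
    // Least privilege: read-only is enough to browse; widen only for uploads.
    'scope'              => [StorageClient::READ_ONLY_SCOPE],
]);

if (empty($_GET['code'])) {
    // Step 1: bind the request to this session with a random state value.
    $_SESSION['oauth2state'] = bin2hex(random_bytes(16)); // hypothetical key name
    $oauth->setState($_SESSION['oauth2state']);
    header('Location: ' . $oauth->buildFullAuthorizationUri());
    exit;
}

// Step 2: reject callbacks whose state does not match the one issued.
$expected = $_SESSION['oauth2state'] ?? '';
unset($_SESSION['oauth2state']);
if ($expected === '' || !hash_equals($expected, (string) ($_GET['state'] ?? ''))) {
    http_response_code(400);
    exit('Invalid OAuth state');
}

// Step 3: exchange the code for tokens, then inject the access token.
$oauth->setCode((string) $_GET['code']);
$tokens = $oauth->fetchAuthToken();
if (empty($tokens['access_token'])) {
    http_response_code(502);
    exit('Token exchange failed');
}

$storage = new StorageClient([
    'projectId'   => 'yourProject', // placeholder
    'accessToken' => $tokens['access_token'],
]);

foreach ($storage->buckets() as $bucket) {
    echo htmlspecialchars($bucket->name()) . PHP_EOL;
}
```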

@yoshi-automation yoshi-automation added the 🚨 This issue needs some love. label Apr 7, 2020
@chiragvels

Hi,

I am also planning to have this for Analytics Data API (GA4).

Is this applicable if I can use the oauth token generated from google oauth lib?

Thanks,
