2

i am in the situation that i have to use the zend framework along with oauth 2 for gmail. all works fine and i get the messages and login just fine, my problem is that the token expire too fast.

am i able to set it so it will never expire or how should i implement a refresh token to the framework ? i use standard code when it comes to login.

what i basically need is an access-token that does not expire or a guide for how to implement a refresh token and how to use it in a program.

any help is appreciated. thank you.

this is the login page.

include("../classes/Google/Client.php");


$client_id = "hidden";
$client_secret = "hidden";
$redirect_uri = "hidden";

$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->addScope("https://www.googleapis.com/auth/userinfo.email");
$client->addScope("https://www.googleapis.com/auth/userinfo.profile");
$client->addScope("https://mail.google.com/");

$client->setRedirectUri($redirect_uri);
$authUrl = $client->createAuthUrl();


echo "<a href=".$authUrl.">Login</a>";

this is the callback

$client_id = "hidden";
$client_secret = "hidden";
$redirect_uri = "hidden";

$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
session_start();
if (isset($_GET['code'])) {
  $client->authenticate($_GET['code']);


  $_SESSION['access_token'] = $client->getAccessToken();



  $oauth2 = new Google_Service_Oauth2($client);
  $user = $oauth2->userinfo->get();
  $_SESSION['email'] = $user;


  $redirect = 'hidden';
  header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}

i know the code is not great, but i wonder if i should get a refresh token along with the access token ?

T.B Ygg
  • 116
  • 10
  • 1
    Access tokens are only good for 1 hour there is nothing you can do to change that. You need to use the Refresh token to get a new access token before it expires. Are you using the Google PHP client lib? Can you post the code you are currently using to get authentication? – Linda Lawton - DaImTo May 26 '14 at 19:24
  • of course.... i will post it in a second :) – T.B Ygg May 27 '14 at 05:49
  • anyone with an idea on how i should use the refresh-token ? – T.B Ygg May 27 '14 at 07:34
  • 1
    I haven't had time to test it. but this might help http://stackoverflow.com/questions/23880928/use-oauth-refresh-token-to-obtain-new-access-token-google-api – Linda Lawton - DaImTo May 27 '14 at 07:35

1 Answers1

1

if someone are interested i have done like this to fix it... now it works like it should.

this method is called every time i need to do something with the mails (if the access token is not valid then you will not have access, so this is to make sure access is always there.)

public function checktokenexpiry()
    {
    global $google_client; // this is global as we use it in our webservice.
    session_start();
    $time_created = json_decode($_SESSION['access_token']);

    $t=time();
    $timediff=$t-$time_created->created;

    if($timediff>3500) // 3500 as i want to have a little time to connect if it is just about to need refreshing. 
    {
        $user = json_decode($_COOKIE['user']);
        $usermail = $user->email;
        $refreshtoken = $this->model->getRefreshToken($usermail);
        $refreshtoken = $refreshtoken[0]['google_refresh_token'];

        $google_client->refreshToken($refreshtoken);
        $_SESSION['access_token'] = $google_client->getAccessToken();   
    }   
    }
T.B Ygg
  • 116
  • 10