How do I check if an access token is valid using only Google Drive's REST API?

Question

I am implementing the answer to this question in PHP, for which there was already converted code in this question.

    $ch = curl_init();
    curl_setopt( $ch, CURLOPT_URL, "https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=$access_token" ) ;
    curl_setopt( $ch, CURLOPT_PORT , 443 ) ;
    curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ) ;
    curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ) ;
    curl_setopt( $ch, CURLOPT_HEADER, false ) ;
    curl_setopt( $ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded") ) ;

    $response = curl_exec( $ch ) ;
    error_log($response);

When I run that code, however, I receive:

HTTP/1.1 400 Bad Request
Vary: X-Origin
Content-Type: application/json; charset=UTF-8
Date: Wed, 06 Sep 2017 22:29:24 GMT
Expires: Wed, 06 Sep 2017 22:29:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Transfer-Encoding: chunked

{
 "error": "unsupported_grant_type",
 "error_description": "Invalid grant_type: "
}

My post fields are in the exact same format as they are in the JavaScript answer, even URL-encoded as they are not in PHP. I have the same refresh token open in Google's OAuth 2.0 Playground, and I receive the same message when I try to refresh my access token there.

Answer 1

Finished this two weeks ago and forgot to post my own answer. Here are the methods I created for getting tokens and downloading files:

const CLIENT_ID = "";
const CLIENT_SECRET = "";

private $refresh_token;
private $access_token;
private $file_id;
private $output_path;
private $token_filename;

public function is_token_valid() {
    $startTime = new \DateTime();

    error_log('[' . $startTime->format('Y-m-d h:i:s') . '] Checking if access token ' . trim($this->access_token) . ' is valid...');

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://www.googleapis.com/oauth2/v3/tokeninfo?access_token="  . urlencode($this->access_token));
    curl_setopt($ch, CURLOPT_PORT, 443);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $response = curl_exec($ch);

    error_log('[' . $startTime->format('Y-m-d h:i:s') . '] Checking token information...');
    if ($response === false) {
        error_log('[' . $startTime->format('Y-m-d h:i:s') . '] Error while checking access token...');
        throw new \Exception("Token check triggered cURL error " + curl_errno($ch) . ": " . curl_error($ch));
    }

    $response = json_decode($response, true);

    return !(isset($response['error']) || isset($response['error_description']));
}

public function get_access_token() {
    $startTime = new \DateTime();
    $post_fields = "grant_type=refresh_token&client_id=" . urlencode(self::CLIENT_ID) . "&client_secret=" . urlencode(self::CLIENT_SECRET) . "&refresh_token=" . urlencode($this->refresh_token);

    error_log('[' . $startTime->format('Y-m-d h:i:s') . '] Getting access token for refresh token ' . urlencode($this->refresh_token) . ' ...');
    //error_log($post_fields);

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://www.googleapis.com/oauth2/v4/token");
    curl_setopt($ch, CURLOPT_PORT , 443);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded"));
    $response = curl_exec($ch);
    $response = json_decode($response, true);

    if ($response === false) {
        throw new \Exception("Fetching access token triggered cURL error " + curl_errno($ch) . ": " . curl_error($ch));
    }

    if (!isset($response['access_token'])) {
        throw new \Exception("Error fetching access token: " . json_encode($response));
    }
    $this->access_token = $response['access_token'];
    file_put_contents($this->token_filename, $this->access_token);

    return $this->access_token;
}

public function download_file() {
    $startTime = new \DateTime();
    $url = "https://www.googleapis.com/drive/v3/files/{$this->file_id}/export?mimeType=text/csv";

    error_log('[' . $startTime->format('Y-m-d h:i:s') . '] Downloading CSV with URL ' . $url . ' ...');

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_PORT , 443);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: Bearer " . $this->access_token));
    $response = curl_exec($ch);

    if (curl_getinfo($ch, CURLINFO_HTTP_CODE) != 200) {
        $response = json_decode($response);
        throw new \Exception("CSV download was not successful: " + json_encode($response));
    }

    $tmp = tmpfile();
    $path = stream_get_meta_data($tmp)['uri'];
    file_put_contents($path, $response);

    error_log('[' . $startTime->format('Y-m-d h:i:s') . '] Saved URL to ' . $path . ' ...');

    return $path;
}

// ...

if (!$this->is_token_valid()) {
    $this->get_access_token();
}
$this->download_file();