I want to find the list of friends of Google+ user who have authorized the app without asking for authorization again.
For example: Once the user login using the Google+ to my website, I store the auth token, code, Google+ user id in the db. So once that is done I want to find the list of users friends in his circle. I managed to get the first part working and it saves the auth token, code, Google+ user id in the db. But in the second case i.e. finding the list of users friends, I again get a the screen where user have to authorize the app.
Can someone please help me in this?
Also is it possible to get all the user details in offline mode like using the auth token, code, Google+ user id which is in the db?
Initial code(login):
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
$this->sn_obj->setRedirectUri($call_back_url);
$this->sn_obj->setState($redirect_url);
$requestVisibleActions = array('http://schemas.google.com/AddActivity','http://schemas.google.com/ReviewActivity');
$this->sn_obj->setRequestVisibleActions($requestVisibleActions);
$this->sn_obj->setAccessType('offline');
$this->sn_obj->setScopes(array('https://www.googleapis.com/auth/userinfo.profile','https://www.googleapis.com/auth/userinfo.email','https://www.googleapis.com/auth/plus.login'));
$this->sn_obj->createAuthUrl();
In callback page:
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
$this->sn_obj->setRedirectUri($call_back_url);
$this->sn_obj->setState($redirect_url);
$requestVisibleActions = array('http://schemas.google.com/AddActivity','http://schemas.google.com/ReviewActivity');
$this->sn_obj->setRequestVisibleActions($requestVisibleActions);
$this->sn_obj->setAccessType('offline');
$this->sn_obj->setScopes(array('https://www.googleapis.com/auth/userinfo.profile','https://www.googleapis.com/auth/userinfo.email','https://www.googleapis.com/auth/plus.login'));
$this->sn_obj->authenticate();
$google_auth_token = $this->sn_obj->getAccessToken();
$google_user_info = $this->plus_obj->people->get('me');
Friends listing page:
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
$this->sn_obj->setRedirectUri($call_back_uri);
$this->sn_obj->authenticate();
$user_info = $this->plus_obj->people->listPeople($token['oauth_uid'],'visible');
Finally managed to get get it done
On Friends listing page:
require_once __DIR__.'/social-api/google/Google_Client.php';
require_once __DIR__.'/social-api/google/contrib/Google_PlusService.php';
$this->sn_obj = new Google_Client($google_app_id, $google_secret_key, $call_back_url);
$this->plus_obj = new Google_PlusService($this->sn_obj);
if(!$this->sn_obj->getAccessToken()){
$this->sn_obj->refreshToken($refresh_token_from_db);
}
$google_auth_token = $this->sn_obj->getAccessToken();
$google_auth_token_arr = json_decode($google_auth_token,true);
$url = 'https://www.googleapis.com/plus/v1/people/'.$uid_from_db.'/people/visible?access_token='.$google_auth_token_arr['access_token'].'&format=json';
$c = curl_init($url);
curl_setopt($c, CURLINFO_HEADER_OUT, 1);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_HEADER, 0);
$contents = curl_exec($c);
curl_close($c);
$user_info = json_decode($contents, true);
In general, when working in offline mode, you need to store the entire object that comes back from the server - not just the auth token. This object includes the long-lived refresh token as well as information about when it needs to do a refresh. Passing this entire token to the service allows it to refresh the token for you.
The answer you came up with looks like you do the refresh yourself manually - which is fine, but shouldn't be necessary in general.
In some cases, if a user authorizes your app before you have requested offline mode, and you later request offline mode, you still won't get the refresh token. Google will only give a refresh token when asked if there is no auth token, current or expired, that was issued. There are two ways around this: