-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.php
130 lines (110 loc) · 5.12 KB
/
auth.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
<?php
/*
* Copyright 2018 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\AdsApi\Examples\Authentication;
require __DIR__ . '/../../vendor/autoload.php';
use Google\Auth\CredentialsLoader;
use Google\Auth\OAuth2;
/**
* This example will create an OAuth2 refresh token for the Google Ads API
* using the Desktop application flow. You can then use this refresh token
* to generate access tokens to authenticate against the Google Ads API you're
* using.
*
* This example is meant to be run from the command line and requires user
* input.
*/
class AuthenticateInDesktopApplication
{
/**
* @var string the OAuth2 scope for the Google Ads API
* @see https://developers.google.com/google-ads/api/docs/oauth/internals#scope
*/
private const SCOPE = 'https://www.googleapis.com/auth/adwords';
/**
* @var string the Google OAuth2 authorization URI for OAuth2 requests
* @see https://developers.google.com/identity/protocols/oauth2/native-app#step-2:-send-a-request-to-googles-oauth-2.0-server
*/
private const AUTHORIZATION_URI = 'https://accounts.google.com/o/oauth2/v2/auth';
/**
* @var string the redirect URI for OAuth2 Desktop application flows
* @see https://developers.google.com/identity/protocols/oauth2/native-app#request-parameter-redirect_uri
*/
private const REDIRECT_URI = 'INSERT_REDIRECT_URL_HERE';
public static function main()
{
$stdin = fopen('php://stdin', 'r');
print 'Enter your OAuth2 client ID here: ';
$clientId = trim(fgets($stdin));
print 'Enter your OAuth2 client secret here: ';
$clientSecret = trim(fgets($stdin));
print '[OPTIONAL] enter any additional OAuth2 scopes as a space '
. 'delimited string here (the Google Ads API scope is already included): ';
$scopes = self::SCOPE . ' ' . trim(fgets($stdin));
$oauth2 = new OAuth2(
[
'clientId' => $clientId,
'clientSecret' => $clientSecret,
'authorizationUri' => self::AUTHORIZATION_URI,
'redirectUri' => self::REDIRECT_URI,
'tokenCredentialUri' => CredentialsLoader::TOKEN_CREDENTIAL_URI,
'scope' => self::SCOPE,
// Create a 'state' token to prevent request forgery. See
// https://developers.google.com/identity/protocols/OpenIDConnect#createxsrftoken
// for details.
'state' => sha1(openssl_random_pseudo_bytes(1024))
]
);
printf(
'Log into the Google account you use for Google Ads and visit the following URL:'
. '%1$s%2$s%1$s%1$s',
PHP_EOL,
$oauth2->buildFullAuthorizationUri()
);
// Exit if the state is invalid to prevent request forgery.
print 'After approving the application, Enter the state variable: ';
$state = trim(fgets($stdin));
if (empty($state) || ($state !== $oauth2->getState())) {
throw new UnexpectedValueException(
"The state is empty or doesn't match expected one." . PHP_EOL
);
};
print 'After entering the state variable, enter the authorization code here: ';
$code = trim(fgets($stdin));
fclose($stdin);
print PHP_EOL;
$oauth2->setCode($code);
$authToken = $oauth2->fetchAuthToken();
print "Your refresh token is: {$authToken['refresh_token']}" . PHP_EOL . PHP_EOL;
$propertiesToCopy = '[GOOGLE_ADS]' . PHP_EOL;
$propertiesToCopy .= 'developerToken = "INSERT_DEVELOPER_TOKEN_HERE"' . PHP_EOL;
$propertiesToCopy .= <<<EOD
; Required for manager accounts only: Specify the login customer ID used to authenticate API calls.
; This will be the customer ID of the authenticated manager account. You can also specify this later
; in code if your application uses multiple manager account + OAuth pairs.
; loginCustomerId = "INSERT_LOGIN_CUSTOMER_ID_HERE"
EOD;
$propertiesToCopy .= PHP_EOL . '[OAUTH2]' . PHP_EOL;
$propertiesToCopy .= "clientId = \"$clientId\"" . PHP_EOL;
$propertiesToCopy .= "clientSecret = \"$clientSecret\"" . PHP_EOL;
$propertiesToCopy .= "refreshToken = \"{$authToken['refresh_token']}\"" . PHP_EOL;
print 'Copy the text below into a file named "google_ads_php.ini" in your home '
. 'directory, and replace "INSERT_DEVELOPER_TOKEN_HERE" with your developer '
. 'token:' . PHP_EOL;
print PHP_EOL . $propertiesToCopy;
}
}
AuthenticateInDesktopApplication::main();