网站用户与他们的 gmail 帐户永久连接如果用户允许访问他们的数据

Question

我正在探索谷歌日历 api，以将用户谷歌事件与我的网站事件同步。首先，我完成了使用 gmail 登录并获得用户帐户离线访问权限。我的代码是

<?php
require_once __DIR__.'/vendor/autoload.php';

session_start();

$client = new Google_Client();
$client->setAuthConfigFile(__DIR__.'/client_secrets.json');
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/google4/oauth2callback.php');
$client->addScope(Google_Service_Calendar::CALENDAR_READONLY);
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->setIncludeGrantedScopes(true);
//echo $_GET['access_token'].' '.$_GET['code'];
if (!isset($_GET['code']) && !isset($_SESSION['access_token'])) { //echo "werwe";exit;
  $auth_url = $client->createAuthUrl();
  header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
  $db = mysql_connect('localhost','root','');
  mysql_select_db('google',$db);
  //echo $_SESSION['refresh_token'];
  $client->refreshToken($_SESSION['refresh_token']);
  $client->authenticate($_GET['code']);
  // $client()->getRefreshToken();
  $_SESSION['access_token'] = $client->getAccessToken();
  //print_r($_SESSION['access_token']);exit;
  //
  $sql = "update google set access_token='".$_SESSION['access_token']['refresh_token']."' WHERE userId = '".$_SESSION['userId']."'";
  mysql_query($sql);
   $_SESSION['refresh_token']=$_SESSION['access_token']['refresh_token'];
  $redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/google4';
  header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
?>

当用户允许从 api 访问他们的数据时，谷歌返回数组，如

[
  access_token => xxx,
  token_type => bearer,
  created => xxx,
  expires_in => 3600,
  refresh_token => xxx
] 

使用这个访问令牌我得到事件数据，我的代码是

<?php
require_once __DIR__.'/vendor/autoload.php';
//error_reporting(E_PARSE);
session_start();

$client = new Google_Client();
$client->setAuthConfig(__DIR__.'/client_secrets.json');
$client->addScope(Google_Service_Drive::DRIVE_METADATA_READONLY);
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/google4/oauth2callback.php');
$client->setAccessType('offline');
echo "<a href='logout.php'> logout </a>";

if (isset($_SESSION['access_token']) &&           $_SESSION['refresh_token']) {
    $client->refreshToken($_SESSION['refresh_token']);
    $client->setAccessToken($_SESSION['access_token']);
    $service = new Google_Service_Calendar($client);

    $calendarId = 'primary';
    $optParams = array(
       'maxResults' => 10,
       'orderBy' => 'startTime',
       'singleEvents' => TRUE,
       'timeMin' => date('c'),
     );
$results = $service->events->listEvents($calendarId, $optParams);

   if (count($results->getItems()) == 0) {
     print "No upcoming events found.\n";
   } else {
  print "Upcoming events:\n";
  foreach ($results->getItems() as $event) {
    $start = $event->start->dateTime;
    if (empty($start)) {
      $start = $event->start->date;
    }
    printf("%s (%s)\n", $event->getSummary(), $start);
  }
}

} else {
  $redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/google4/oauth2callback.php';
  header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}

我获取了事件数据，但是当会话过期时如何获取用户数据？

如果我有权离线访问，我必须为该用户存储什么，以便我可以离线访问用户日历数据，以便网站直接连接到他们的帐户？

如果会话过期，我如何使用保存的用户数据每次从用户日历中获取数据？

Answer 1

Google 允许离线访问 60 天（请确保 google.com 的当前政策） 要获得离线访问，您需要在 oAuth 请求中传递以下标志

access_type=offline

请注意，当您想强制要求离线访问用户时，以下标志很有用

approval_prompt=force

因此，每次您需要访问谷歌数据时，您都需要使用以前的访问令牌数据请求刷新令牌。您必须将访问令牌数据保存到数据库中。