谷歌日历403禁止PHP服务器到服务器通信

时间:2017-02-05 22:52:17

标签: php google-api google-calendar-api google-oauth google-api-php-client

  <?php

    include('lead1.php');
    require_once __DIR__ . '/vendor/autoload.php';

    global $link;

        $emailmsgsql =  "SELECT *
                        FROM psleads WHERE agreeid = '6'";
        $msgreqsres = mysqli_query($link, $emailmsgsql); // or die(mysql_error()0);
        $msgreqs = $msgreqsres->fetch_assoc();

        $start = $msgreqs['contractbegindate'] . ' ' . $msgreqs['contractbegintime'];
        $end = $msgreqs['contractenddate'] . ' ' . $msgreqs['contractendtime'];

        $startDT = new DateTime($start, new DateTimeZone('Pacific/Honolulu'));
        $endDT = new DateTime($end, new DateTimeZone('Pacific/Honolulu'));

        $startDTw3c = $startDT->format(DateTime::W3C);
        $endDTw3c = $endDT->format(DateTime::W3C);

        putenv('GOOGLE_APPLICATION_CREDENTIALS=./service-account.json');

        define('CREDENTIALS_PATH', '~/calendar-php.json');
        define('CLIENT_SECRET_PATH', './client_secret.json');
        //define('CLIENT_SECRET_PATH', __DIR__ . '/client_secret.json');

        $client = new Google_Client();
        $client->setApplicationName("Paradise_Sound_Booking_Calendar");
        $client->addScope('https://www.googleapis.com/auth/calendar');
        $client->setAuthConfig(CLIENT_SECRET_PATH);
        $client->setClientId('532085378494-s908fs5mu4rf2e2s60cecgaprg9pem1p.apps.googleusercontent.com');

        $client->setDeveloperKey("XXXXX");//flo.gd

        $client->useApplicationDefaultCredentials();

        // Load previously authorized credentials from a file.
        function expandHomeDirectory($path) {
          $homeDirectory = getenv('HOME');
          if (empty($homeDirectory)) {
            $homeDirectory = getenv('HOMEDRIVE') . getenv('HOMEPATH');
          }
          return str_replace('~', realpath($homeDirectory), $path);
        }

$credentialsPath = expandHomeDirectory(CREDENTIALS_PATH);
if (file_exists($credentialsPath)) {
    $accessToken = json_decode(file_get_contents($credentialsPath), true);
} else {
    // Request authorization from the user.
    $authUrl = $client->createAuthUrl();
    printf("Open the following link in your browser:\n%s\n", $authUrl);
    print 'Enter verification code: ';
    //$authCode = trim(fgets(STDIN));
    $authCode = 'Manually pasted return code into script here';

    // Exchange authorization code for an access token.
    $accessToken = $client->fetchAccessTokenWithAuthCode($authCode);

    // Store the credentials to disk.
    if(!file_exists(dirname($credentialsPath))) {
      mkdir(dirname($credentialsPath), 0700, true);
    }
    file_put_contents($credentialsPath, json_encode($accessToken));
    printf("Credentials saved to %s\n", $credentialsPath);
}

$client->setAccessToken($accessToken);

// Refresh the token if it's expired.
if ($client->isAccessTokenExpired()) {
    $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
    file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
}



        $service = new Google_Service_Calendar($client);

        $event = new Google_Service_Calendar_Event(array(
          'summary' => 'Booked Event ' . $msgreqs['contractbegindate'],
          'start' => array(
            'dateTime' => $startDTw3c,
            //'dateTime' => '2015-05-28T09:00:00-07:00',
            'timeZone' => 'Pacific/Honolulu',
          ),
          'end' => array(
            'dateTime' => $endDTw3c,
            'timeZone' => 'Pacific/Honolulu',
          )
        ));

        $calendarId = 'iddnpsbinrifod2826eqo1kmoo@group.calendar.google.com';
        $eventres = $service->events->insert($calendarId, $event);

        echo json_encode($eventres);
?>

所以这是我用来测试事件插入到我的谷歌日历中的PHP代码。

我认为我只能使用一个API密钥,但谷歌似乎有这种令人费解的OAUTH方式我无法理解。我可以在API开发者控制台中看到所有403错误。

是否有人有工作代码在我的日历中插入简单的事件。

背景:

我将从paypal(已完成)接收IPN,这将触发此脚本,该事件将在我的日历中插入事件,而不是用户。任何人都可以帮助我,而不是指向我的谷歌开发人员文档?他们看起来很稀疏,我一遍又一遍地阅读它们,无法解决我的问题。

以下是我遇到的错误:

  

致命错误:未捕获的异常&#39; Google_Service_Exception&#39;同   消息&#39; {&#34;错误&#34;:{&#34;错误&#34;:[{&#34;域&#34;:&#34;全球&#34;,&#34;原因& #34 ;:   &#34;禁止&#34;,&#34;消息&#34;:&#34;禁止&#34; }],&#34;代码&#34;:403,&#34;消息&#34;:   &#34;禁止&#34; }&#39;在   /home/dahfrench/flo.gd/src/Google/Http/REST.php:118堆栈追踪:#0   /home/dahfrench/flo.gd/src/Google/Http/REST.php(94):   Google_Http_REST :: decodeHttpResponse(对象(GuzzleHttp \ PSR7 \响应),   对象(GuzzleHttp \ Psr7 \ Request),&#39; Google_Service _...&#39;)#1 [内部   功能]:Google_Http_REST :: doExecute(对象(GuzzleHttp \ Client),   对象(GuzzleHttp \ Psr7 \ Request),&#39; Google_Service _...&#39;)#2   /home/dahfrench/flo.gd/src/Google/Task/Runner.php(181):   call_user_func_array(Array,Array)#3   /home/dahfrench/flo.gd/src/Google/Http/REST.php(58):   Google_Task_Runner-&gt; run()#4   /home/dahfrench/flo.gd/src/Google/Client.php(789):   Google_Http_REST ::执行(对象(GuzzleHttp \客户端),   对象(GuzzleHttp \ Psr7 \ Request),&#39; Google_Service _...&#39;,数组)#5   /home/dahfrench/flo.gd/src/Google/Service/Resource.php(232):Goo in   第118行/home/dahfrench/flo.gd/src/Google/Http/REST.php

1 个答案:

答案 0 :(得分:2)

您可能希望最终确定要实施的身份验证:用户需要登录才能执行/请求Google服务或将域范围的权限委派给服务帐户。

如果您将使用OAuth 2.0:

  

您的应用必须使用OAuth 2.0来授权请求​​。

Sample Code from Google

<?php
require_once __DIR__ . '/vendor/autoload.php';


define('APPLICATION_NAME', 'Google Calendar API PHP Quickstart');
define('CREDENTIALS_PATH', '~/.credentials/calendar-php-quickstart.json');
define('CLIENT_SECRET_PATH', __DIR__ . '/client_secret.json');
// If modifying these scopes, delete your previously saved credentials
// at ~/.credentials/calendar-php-quickstart.json
define('SCOPES', implode(' ', array(
  Google_Service_Calendar::CALENDAR_READONLY)
));

if (php_sapi_name() != 'cli') {
  throw new Exception('This application must be run on the command line.');
}

/**
 * Returns an authorized API client.
 * @return Google_Client the authorized client object
 */
function getClient() {
  $client = new Google_Client();
  $client->setApplicationName(APPLICATION_NAME);
  $client->setScopes(SCOPES);
  $client->setAuthConfig(CLIENT_SECRET_PATH);
  $client->setAccessType('offline');

  // Load previously authorized credentials from a file.
  $credentialsPath = expandHomeDirectory(CREDENTIALS_PATH);
  if (file_exists($credentialsPath)) {
    $accessToken = json_decode(file_get_contents($credentialsPath), true);
  } else {
    // Request authorization from the user.
    $authUrl = $client->createAuthUrl();
    printf("Open the following link in your browser:\n%s\n", $authUrl);
    print 'Enter verification code: ';
    $authCode = trim(fgets(STDIN));

    // Exchange authorization code for an access token.
    $accessToken = $client->fetchAccessTokenWithAuthCode($authCode);

    // Store the credentials to disk.
    if(!file_exists(dirname($credentialsPath))) {
      mkdir(dirname($credentialsPath), 0700, true);
    }
    file_put_contents($credentialsPath, json_encode($accessToken));
    printf("Credentials saved to %s\n", $credentialsPath);
  }
  $client->setAccessToken($accessToken);

  // Refresh the token if it's expired.
  if ($client->isAccessTokenExpired()) {
    $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
    file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
  }
  return $client;
}

/**
 * Expands the home directory alias '~' to the full path.
 * @param string $path the path to expand.
 * @return string the expanded path.
 */
function expandHomeDirectory($path) {
  $homeDirectory = getenv('HOME');
  if (empty($homeDirectory)) {
    $homeDirectory = getenv('HOMEDRIVE') . getenv('HOMEPATH');
  }
  return str_replace('~', realpath($homeDirectory), $path);
}

// Get the API client and construct the service object.
$client = getClient();
$service = new Google_Service_Calendar($client);

// Print the next 10 events on the user's calendar.
$calendarId = 'primary';
$optParams = array(
  'maxResults' => 10,
  'orderBy' => 'startTime',
  'singleEvents' => TRUE,
  'timeMin' => date('c'),
);
$results = $service->events->listEvents($calendarId, $optParams);

if (count($results->getItems()) == 0) {
  print "No upcoming events found.\n";
} else {
  print "Upcoming events:\n";
  foreach ($results->getItems() as $event) {
    $start = $event->start->dateTime;
    if (empty($start)) {
      $start = $event->start->date;
    }
    printf("%s (%s)\n", $event->getSummary(), $start);
  }
}

如果您将使用Google Apps域范围的授权:

  

授权服务帐户代表域中的用户访问数据有时被称为&#34;委派域范围的权限&#34;到服务帐户。

来自SO post的示例代码:     

function calendarize ($title, $desc, $ev_date, $cal_id) {

    session_start();

    /************************************************
    Make an API request authenticated with a service
    account.
    ************************************************/
    set_include_path( '../google-api-php-client/src/');

    require_once 'Google/Client.php';
    require_once 'Google/Service/Calendar.php';

    //obviously, insert your own credentials from the service account in the Google Developer's console
    $client_id = '843319906820-xxxxxxxxxxxxxxxxxxxdcqal54p1he6.apps.googleusercontent.com';
    $service_account_name = '843319906820-xxxxxxxxxxxxxxxxxxxdcqal54p1he6@developer.gserviceaccount.com';
    $key_file_location = '../google-api-php-client/calendar-xxxxxxxxxxxx.p12';

    if (!strlen($service_account_name) || !strlen($key_file_location))
        echo missingServiceAccountDetailsWarning();

    $client = new Google_Client();
    $client->setApplicationName("Whatever the name of your app is");

    if (isset($_SESSION['service_token'])) {
        $client->setAccessToken($_SESSION['service_token']);
    }

    $key = file_get_contents($key_file_location);
    $cred = new Google_Auth_AssertionCredentials(
        $service_account_name, 
        array('https://www.googleapis.com/auth/calendar'), 
        $key
    );
    $client->setAssertionCredentials($cred);
    if($client->getAuth()->isAccessTokenExpired()) {
        $client->getAuth()->refreshTokenWithAssertion($cred);
    }
    $_SESSION['service_token'] = $client->getAccessToken();

    $calendarService = new Google_Service_Calendar($client);
    $calendarList = $calendarService->calendarList;

    //Set the Event data
    $event = new Google_Service_Calendar_Event();
    $event->setSummary($title);
    $event->setDescription($desc);

    $start = new Google_Service_Calendar_EventDateTime();
    $start->setDateTime($ev_date);
    $event->setStart($start);

    $end = new Google_Service_Calendar_EventDateTime();
    $end->setDateTime($ev_date);
    $event->setEnd($end);

    $createdEvent = $calendarService->events->insert($cal_id, $event);

    echo $createdEvent->getId();
} 

?>

注意:如果您打算只使用一个日历,我建议您使用服务帐户,然后将日历分享到该帐户,以避免403:Forbidden,如相关{{3 }}

希望这有帮助。