1

I'm trying to get a refresh token from Google's authentication server for use with the Google Analytics API in a server side authentication with a Service Account Credential using the official Google PHP client library.

I'm able to create a access token and use that but currently I create a new token every time a user enters the page. I would like to decrease our traffic and get a refresh token to pass it to my JavaScript function.

gapi.analytics.auth.authorize({
    serverAuth: {
        access_token: accessToken <-refresh token is that even possible?
    }
});

My current PHP code is:

$client = new \Google_Client();
$client->setApplicationName("Craft CMS Plugin");
$client->setAuthConfig($credentialPath);
$client->setAccessType('offline');
$client->setScopes(['https://www.googleapis.com/auth/analytics.readonly']);

$client->refreshTokenWithAssertion();

$this->analyticsAccount = new \Google_Service_Analytics($client);
$token = $client->getAccessToken();
$accessToken = $token['access_token'];

But there is no refresh_token. I can var_dumpeverything but I only find the access token. I already tried this Refresh Token for Google Api Php Client but it didn't work.

Can you please help me? How can I get one. Thank you very much

Improve this question

1 Answer 1

Reset to default
1
  1. Service accounts work differently than Oauth2. They don't have refresh Tokens.
  2. JavaScript doesn't have the power to use Refresh Tokens.
  3. Why are you worried about traffic the service account should only be requesting authentication when it needs it once an hour. As far as traffic is concerned I would think this is minor.

Answer what you want to do is not possible if the service account is working leave it.

Improve this answer
9
  • Thank you very much, so I'll store my access token and use that one. Could you please tell me if there is a better way to check if the token is still valid than comparing the times? I would store my token + the current time in my database and check if 3600s have passed. Sorry if that is a stupid question but I'm relative new to this
    – Robin Schambach
    Commented Oct 20, 2016 at 13:38
  • you shouldn't be the client library takes care of that for you.
    – Linda Lawton - DaImTo
    Commented Oct 20, 2016 at 13:47
  • what do you mean by that? I have to check if the access token is still valid if I get it from my database before I send it to my javascript function. If I don't do that there will be an error.
    – Robin Schambach
    Commented Oct 20, 2016 at 14:01
  • Seems overkill storing an access token in the database. But I guess I don't know how you system is set up
    – Linda Lawton - DaImTo
    Commented Oct 20, 2016 at 14:10
  • I'm using Craft CMS and create a plugin if that helps you and my boss said I should store the token
    – Robin Schambach
    Commented Oct 20, 2016 at 14:26

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.