AuthClient -> token expired immediately after fetched

Yii 2.0 General Discussions
1

Hello,

I’m using AuthClient to authenticate users with Google.

I have some scopes set and so on. Everything is working.

However, I’m facing one weird issue.

Immediately after I enter the "successCallback" method and I try to create new client (\Google_Client) like this:




public function successCallback($client)

{

	$googleClient = new \Google_Client(); //from composer.json -> google/apiclient

	$googleClient->setClientId($client->clientId);

	$googleClient->setClientSecret($client->clientSecret);

	$googleClient->setAccessToken(json_encode($client->accessToken->params));

	var_dump($googleClient->isAccessTokenExpired());

	die;

}

This returns "true" always.

By default it should have 3600 secs expiration interval and I have some memories it was working that way perfectly without refreshing it.

So pretty much I can authenticate, but cannot use after it for further API calls.

In case I have “offline access” with refresh_token fetched it’s OK, but I don’t want to get this permission from the users.

Any ideas is the problem is in my side or… somewhere else?

Best,

Simeon

2

If I don’t use Yii2 authentication method but just use \Google_Client class and methods for that it’s working perfectly.

Which, at least for cases that not only login is needed - built-in auth technique is useless. :(

3

I can say that it works with Yii2-user, so check how they do it in that extension.

4

Not sure an extension is needed since it’s working really nice with Google apiclient library (composer: google/apiclient)

And only several lines of code are needed.




	public function actionAuthenticate()

	{

		$scriptUri = Yii::$app->urlManager->createAbsoluteUrl(['site/authenticate']);


		$client = new \Google_Client();

		$client->setAccessType('online');

		$client->setClientId(Yii::$app->params['googleOauth']['clientId']);

		$client->setClientSecret(Yii::$app->params['googleOauth']['clientSecret']);

		$client->setRedirectUri($scriptUri);

		$client->setScopes(Yii::$app->params['googleOauth']['scopes']);


		if (isset($_GET['code'])) { // we received the positive auth callback, get the token and store it in session

			$client->authenticate($_GET['code']);

			Yii::$app->session->set('token', $client->getAccessToken());

		}


		if (Yii::$app->session->get('token')) { // extract token from session and configure client

			$client->setAccessToken(Yii::$app->session->get('token'));

		}


		if (!$client->getAccessToken() || $client->isAccessTokenExpired()) { // auth call to google

			$authUrl = $client->createAuthUrl();

			header("Location: ".$authUrl);

			die;

		}


		//do some API call with the given $client

		//...

	}
5

Did I say that you should use an extension?

I said: look how they are doing it, you might get some ideas, or even better ways of doing what you’re doing now.

That’s what I do: look at other people’s code. :)

6

Sure, but in this context - I also didn’t asked how to do it alternatively, just searched for the problem with the built-in way. :)

And it took me too much time to debug with it… so no more spare time.

PS - Yii2-user is using… Auth only, which is pretty much working, but further API calls are not present (AFAIK), so same problem.

7

Sorry, I must have misunderstood you - it happens :)