google-api-php-client: Invalid client secret JSON file

Question

Seems that the latest version of the google-api-php-client for PHP doesn't line up with the docs @ https://developers.google.com/drive/web/examples/php

Looking at the src code I'm seeing that it's looking for keys in the downloaded JSON that the setAuthConfigFile() method can't find: client_secret, installed, web, redirect_uris (others?) are not present in the downloaded JSON. Only private_key_id, private_key, client_email, client_id, and type are present.

The code and docs seem really disorganized and out of sync... wouldn't be the first for Google. Has anyone gotten OAuth working recently using that library?

Answer 1

There is a difference between a "service account" and a "web apllication" to make calls to the API. When you created a "service account" you will get the file described above, a JSON file with private_key, client_email, client_id etc.

When you create a web application you will be given a client_id, client_secret, redirect_uri etc.

I would suggest reading these pages to choose which key and login you need (on both pages you find examples to integrate it in PHP):

You can use the Google APIs Client Library for PHP to create web server applications that use OAuth 2.0 authorization to access Google APIs. OAuth 2.0 allows users to share specific data with an application while keeping their usernames, passwords, and other information private. For example, a web application can use OAuth 2.0 to obtain permission from users to store files in their Google Drives.

https://developers.google.com/api-client-library/php/auth/web-app

Typically, an application uses a service account when the application uses Google APIs to work with its own data rather than a user's data. For example, an application that uses Google Cloud Datastore for data persistence would use a service account to authenticate its calls to the Google Cloud Datastore API.

https://developers.google.com/api-client-library/php/auth/service-accounts