request Google Analytics data from a local server

Question

I want to write a PHP script that imports web stats data from GA. The script is accessible through a web front end (for triggering the import) and resides on a local server (127.0.0.1).

As I understood from the documentation is that there are two options for authenticating and using the core API:

1. API key - grants only access to statistics
2. OAuth2 - full authorization

If I understand the mechanics of OAuth2 correctly then this is not an option in my scenario because I cannot specify a callback URL. Hacky solutions come to my mind - like establishing a web profile authentication directly connecting to GA from the browser and then fetching the data by JavaScript and feeding it to the import script - but I would prefer to refrain from such solutions. Also because the browser interaction triggering the import process might be substituted with a cron job in the future.

The API key seems to be exactly what I want but the GET request from the browser fails.

GET request:

https://www.googleapis.com/analytics/v3/data/ga
  ?ids=ga:[profile ID]
  &start-date=2013-01-01&end-date=2013-01-05
  &metrics=ga:visits
  &key=[the API key]

Response:

{
  error: {
  errors: [
    {
      domain: "global",
      reason: "required",
      message: "Login Required",
      locationType: "header",
      location: "Authorization"
    }
  ],
  code: 401,
  message: "Login Required"
  }
}

The URL though should be fine. Except for the key parameter it is the same as the one generated with http://ga-dev-tools.appspot.com/explorer/ which is also working (AOuth2 is used in that case). The API key is fresh.

Then again generating a new API key confronts me with the next inconveniency which is that apparently the key is only valid for a day.

---

So at the end of the day my question is this:

Is it possible to fetch data in the above described scenario without having to authenticate manually or generate API keys on a daily basis?

Answer 1

As already suggested, use this library: https://code.google.com/p/google-api-php-client/ but, instead of using oauth, create a service account from the api console (just select server application). This will provide you with a client id, an email that identify the service account, and *.p12 file holding the private key.

You then have to add the service account (the email) to your analytics as an admin user in order to get the data you need.

To use the service:

$client = new Google_Client();
$client->setApplicationName('test');

$client->setAssertionCredentials(
    new Google_AssertionCredentials(
        EMAIL,
        array('https://www.googleapis.com/auth/analytics.readonly'),
        file_get_contents(PRIVATE_KEY_FILEPATH)
    )
);
$client->setClientId(CLIENT_ID);
$client->setAccessType('offline_access');

$analytics = new Google_AnalyticsService($client);

To get some data:

$analytics->data_ga->get(PROFILE_ID, $date_from, $date_to, $metrics, $optParams)

For the details check api docs. Also, be careful, there is a query cap (unless you pay)

Answer 2

I think to get this working, you need to use OAuth but with a slight modification to run it from server. Google calls this auth method "Using OAuth 2.0 for Web Server Applications"

As described on that page, you can use a PHP client library to get the authentication done. The client library is located here.

An example example on how to use this client library are on the same project's help pages. Note that you'll have to make some modifications to the code as the comments say to store the token in db and to refresh it regularly.

<?php
require_once 'google-api-php-client/src/Google_Client.php';
require_once 'google-api-php-client/src/contrib/Google_PlusService.php';

// Set your cached access token. Remember to replace $_SESSION with a
// real database or memcached.
session_start();

$client = new Google_Client();
$client->setApplicationName('Google+ PHP Starter Application');
// Visit https://code.google.com/apis/console?api=plus to generate your
// client id, client secret, and to register your redirect uri.
$client->setClientId('insert_your_oauth2_client_id');
$client->setClientSecret('insert_your_oauth2_client_secret');
$client->setRedirectUri('insert_your_oauth2_redirect_uri');
$client->setDeveloperKey('insert_your_simple_api_key');
$plus = new Google_PlusService($client);

if (isset($_GET['code'])) {
  $client->authenticate();
  $_SESSION['token'] = $client->getAccessToken();
  $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
  header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}

if (isset($_SESSION['token'])) {
  $client->setAccessToken($_SESSION['token']);
}

if ($client->getAccessToken()) {
  $activities = $plus->activities->listActivities('me', 'public');
  print 'Your Activities: <pre>' . print_r($activities, true) . '</pre>';

  // We're not done yet. Remember to update the cached access token.
  // Remember to replace $_SESSION with a real database or memcached.
  $_SESSION['token'] = $client->getAccessToken();
} else {
  $authUrl = $client->createAuthUrl();
  print "<a href='$authUrl'>Connect Me!</a>";
}