1<?php
2
3namespace OAuth\OAuth2\Service;
4
5use OAuth\Common\Consumer\CredentialsInterface;
6use OAuth\Common\Http\Client\ClientInterface;
7use OAuth\Common\Http\Uri\UriInterface;
8use OAuth\Common\Storage\TokenStorageInterface;
9use OAuth\OAuth2\Token\StdOAuth2Token;
10use OAuth\Common\Http\Exception\TokenResponseException;
11use OAuth\OAuth2\Service\Exception\InvalidAccessTypeException;
12use OAuth\Common\Http\Uri\Uri;
13
14class Google extends AbstractService
15{
16    /**
17     * Defined scopes - More scopes are listed here:
18     * https://developers.google.com/oauthplayground/
19     *
20     * Make a pull request if you need more scopes.
21     */
22
23    // Basic
24    const SCOPE_EMAIL                       = 'email';
25    const SCOPE_PROFILE                     = 'profile';
26
27    const SCOPE_USERINFO_EMAIL              = 'https://www.googleapis.com/auth/userinfo.email';
28    const SCOPE_USERINFO_PROFILE            = 'https://www.googleapis.com/auth/userinfo.profile';
29
30    // Google+
31    const SCOPE_GPLUS_ME                    = 'https://www.googleapis.com/auth/plus.me';
32    const SCOPE_GPLUS_LOGIN                 = 'https://www.googleapis.com/auth/plus.login';
33    const SCOPE_GPLUS_CIRCLES_READ          = 'https://www.googleapis.com/auth/plus.circles.read';
34    const SCOPE_GPLUS_CIRCLES_WRITE         = 'https://www.googleapis.com/auth/plus.circles.write';
35    const SCOPE_GPLUS_STREAM_READ           = 'https://www.googleapis.com/auth/plus.stream.read';
36    const SCOPE_GPLUS_STREAM_WRITE          = 'https://www.googleapis.com/auth/plus.stream.write';
37    const SCOPE_GPLUS_MEDIA                 = 'https://www.googleapis.com/auth/plus.media.upload';
38    const SCOPE_EMAIL_PLUS                  = 'https://www.googleapis.com/auth/plus.profile.emails.read';
39
40    // Google Drive
41    const SCOPE_DOCUMENTSLIST               = 'https://docs.google.com/feeds/';
42    const SCOPE_SPREADSHEETS                = 'https://spreadsheets.google.com/feeds/';
43    const SCOPE_GOOGLEDRIVE                 = 'https://www.googleapis.com/auth/drive';
44    const SCOPE_DRIVE_APPS                  = 'https://www.googleapis.com/auth/drive.appdata';
45    const SCOPE_DRIVE_APPS_READ_ONLY        = 'https://www.googleapis.com/auth/drive.apps.readonly';
46    const SCOPE_GOOGLEDRIVE_FILES           = 'https://www.googleapis.com/auth/drive.file';
47    const SCOPE_DRIVE_METADATA_READ_ONLY    = 'https://www.googleapis.com/auth/drive.metadata.readonly';
48    const SCOPE_DRIVE_READ_ONLY             = 'https://www.googleapis.com/auth/drive.readonly';
49    const SCOPE_DRIVE_SCRIPTS               = 'https://www.googleapis.com/auth/drive.scripts';
50
51    // Adwords
52    const SCOPE_ADSENSE                     = 'https://www.googleapis.com/auth/adsense';
53    const SCOPE_ADWORDS                     = 'https://www.googleapis.com/auth/adwords';
54    const SCOPE_ADWORDS_DEPRECATED          = 'https://www.googleapis.com/auth/adwords/'; //deprecated in v201406 API version
55    const SCOPE_GAN                         = 'https://www.googleapis.com/auth/gan'; // google affiliate network...?
56
57    //Doubleclick for Publishers
58    const SCOPE_DFP                         = 'https://www.googleapis.com/auth/dfp';
59    const SCOPE_DFP_TRAFFICKING             = 'https://www.googleapis.com/auth/dfatrafficking';
60    const SCOPE_DFP_REPORTING               = 'https://www.googleapis.com/auth/dfareporting';
61
62    // Google Analytics
63    const SCOPE_ANALYTICS                   = 'https://www.googleapis.com/auth/analytics';
64    const SCOPE_ANALYTICS_EDIT              = 'https://www.googleapis.com/auth/analytics.edit';
65    const SCOPE_ANALYTICS_MANAGE_USERS      = 'https://www.googleapis.com/auth/analytics.manage.users';
66    const SCOPE_ANALYTICS_READ_ONLY         = 'https://www.googleapis.com/auth/analytics.readonly';
67
68    //Gmail
69    const SCOPE_GMAIL_MODIFY                = 'https://www.googleapis.com/auth/gmail.modify';
70    const SCOPE_GMAIL_READONLY              = 'https://www.googleapis.com/auth/gmail.readonly';
71    const SCOPE_GMAIL_COMPOSE               = 'https://www.googleapis.com/auth/gmail.compose';
72    const SCOPE_GMAIL_SEND                  = 'https://www.googleapis.com/auth/gmail.send';
73    const SCOPE_GMAIL_INSERT                = 'https://www.googleapis.com/auth/gmail.insert';
74    const SCOPE_GMAIL_LABELS                = 'https://www.googleapis.com/auth/gmail.labels';
75    const SCOPE_GMAIL_FULL                  = 'https://mail.google.com/';
76
77    // Other services
78    const SCOPE_BOOKS                       = 'https://www.googleapis.com/auth/books';
79    const SCOPE_BLOGGER                     = 'https://www.googleapis.com/auth/blogger';
80    const SCOPE_CALENDAR                    = 'https://www.googleapis.com/auth/calendar';
81    const SCOPE_CALENDAR_READ_ONLY          = 'https://www.googleapis.com/auth/calendar.readonly';
82    const SCOPE_CONTACT                     = 'https://www.google.com/m8/feeds/';
83    const SCOPE_CONTACTS_RO                 = 'https://www.googleapis.com/auth/contacts.readonly';
84    const SCOPE_CHROMEWEBSTORE              = 'https://www.googleapis.com/auth/chromewebstore.readonly';
85    const SCOPE_GMAIL                       = 'https://mail.google.com/mail/feed/atom';
86    const SCOPE_GMAIL_IMAP_SMTP             = 'https://mail.google.com';
87    const SCOPE_PICASAWEB                   = 'https://picasaweb.google.com/data/';
88    const SCOPE_SITES                       = 'https://sites.google.com/feeds/';
89    const SCOPE_URLSHORTENER                = 'https://www.googleapis.com/auth/urlshortener';
90    const SCOPE_WEBMASTERTOOLS              = 'https://www.google.com/webmasters/tools/feeds/';
91    const SCOPE_TASKS                       = 'https://www.googleapis.com/auth/tasks';
92
93    // Cloud services
94    const SCOPE_CLOUDSTORAGE                = 'https://www.googleapis.com/auth/devstorage.read_write';
95    const SCOPE_CONTENTFORSHOPPING          = 'https://www.googleapis.com/auth/structuredcontent'; // what even is this
96    const SCOPE_USER_PROVISIONING           = 'https://apps-apis.google.com/a/feeds/user/';
97    const SCOPE_GROUPS_PROVISIONING         = 'https://apps-apis.google.com/a/feeds/groups/';
98    const SCOPE_NICKNAME_PROVISIONING       = 'https://apps-apis.google.com/a/feeds/alias/';
99
100    // Old
101    const SCOPE_ORKUT                       = 'https://www.googleapis.com/auth/orkut';
102    const SCOPE_GOOGLELATITUDE =
103        'https://www.googleapis.com/auth/latitude.all.best https://www.googleapis.com/auth/latitude.all.city';
104    const SCOPE_OPENID                      = 'openid';
105
106    // YouTube
107    const SCOPE_YOUTUBE_GDATA               = 'https://gdata.youtube.com';
108    const SCOPE_YOUTUBE_ANALYTICS_MONETARY  = 'https://www.googleapis.com/auth/yt-analytics-monetary.readonly';
109    const SCOPE_YOUTUBE_ANALYTICS           = 'https://www.googleapis.com/auth/yt-analytics.readonly';
110    const SCOPE_YOUTUBE                     = 'https://www.googleapis.com/auth/youtube';
111    const SCOPE_YOUTUBE_READ_ONLY           = 'https://www.googleapis.com/auth/youtube.readonly';
112    const SCOPE_YOUTUBE_UPLOAD              = 'https://www.googleapis.com/auth/youtube.upload';
113    const SCOPE_YOUTUBE_PARTNER             = 'https://www.googleapis.com/auth/youtubepartner';
114    const SCOPE_YOUTUBE_PARTNER_AUDIT       = 'https://www.googleapis.com/auth/youtubepartner-channel-audit';
115
116    // Google Glass
117    const SCOPE_GLASS_TIMELINE              = 'https://www.googleapis.com/auth/glass.timeline';
118    const SCOPE_GLASS_LOCATION              = 'https://www.googleapis.com/auth/glass.location';
119
120    // Android Publisher
121    const SCOPE_ANDROID_PUBLISHER           = 'https://www.googleapis.com/auth/androidpublisher';
122
123    // Google Classroom
124    const SCOPE_CLASSROOM_COURSES           = 'https://www.googleapis.com/auth/classroom.courses';
125    const SCOPE_CLASSROOM_COURSES_READONLY  = 'https://www.googleapis.com/auth/classroom.courses.readonly';
126    const SCOPE_CLASSROOM_PROFILE_EMAILS    = 'https://www.googleapis.com/auth/classroom.profile.emails';
127    const SCOPE_CLASSROOM_PROFILE_PHOTOS    = 'https://www.googleapis.com/auth/classroom.profile.photos';
128    const SCOPE_CLASSROOM_ROSTERS           = 'https://www.googleapis.com/auth/classroom.rosters';
129    const SCOPE_CLASSROOM_ROSTERS_READONLY  = 'https://www.googleapis.com/auth/classroom.rosters.readonly';
130
131    protected $accessType = 'online';
132
133    public function __construct(
134        CredentialsInterface $credentials,
135        ClientInterface $httpClient,
136        TokenStorageInterface $storage,
137        $scopes = array(),
138        UriInterface $baseApiUri = null
139    ) {
140        parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
141
142        if (null === $baseApiUri) {
143            $this->baseApiUri = new Uri('https://www.googleapis.com/oauth2/v1/');
144        }
145    }
146
147    public function setAccessType($accessType)
148    {
149        if (!in_array($accessType, array('online', 'offline'), true)) {
150            throw new InvalidAccessTypeException('Invalid accessType, expected either online or offline');
151        }
152        $this->accessType = $accessType;
153    }
154
155    /**
156     * {@inheritdoc}
157     */
158    public function getAuthorizationEndpoint()
159    {
160        return new Uri('https://accounts.google.com/o/oauth2/auth?access_type=' . $this->accessType);
161    }
162
163    /**
164     * {@inheritdoc}
165     */
166    public function getAccessTokenEndpoint()
167    {
168        return new Uri('https://accounts.google.com/o/oauth2/token');
169    }
170
171    /**
172     * {@inheritdoc}
173     */
174    protected function parseAccessTokenResponse($responseBody)
175    {
176        $data = json_decode($responseBody, true);
177
178        if (null === $data || !is_array($data)) {
179            throw new TokenResponseException('Unable to parse response.');
180        } elseif (isset($data['error'])) {
181            throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"');
182        }
183
184        $token = new StdOAuth2Token();
185        $token->setAccessToken($data['access_token']);
186        $token->setLifetime($data['expires_in']);
187
188        if (isset($data['refresh_token'])) {
189            $token->setRefreshToken($data['refresh_token']);
190            unset($data['refresh_token']);
191        }
192
193        unset($data['access_token']);
194        unset($data['expires_in']);
195
196        $token->setExtraParams($data);
197
198        return $token;
199    }
200}
201