ee

@@ -200,9 +200,8 @@ public function isGoogleFolderCreated($cust_id)
 
 	public function GoogleToken()
 	{
-
-		session_start();
-
+session_start();
+        require_once realpath(dirname(__FILE__) . '/../autoload.php');
 
 
 		$client = new \Google_Client();
@@ -215,55 +214,85 @@ public function isGoogleFolderCreated($cust_id)
 	
         $client->setApprovalPrompt('force');
 
-		if (isset($_GET['code'])) {
+		if (isset($_REQUEST['logout'])) {
+  unset($_SESSION['access_token']);
+  $client->revokeToken();
+}
+
+/************************************************
+  If we have a code back from the OAuth 2.0 flow,
+  we need to exchange that with the authenticate()
+  function. We store the resultant access token
+  bundle in the session, and redirect to ourself.
+ ************************************************/
+if (isset($_GET['code'])) {
   $client->authenticate($_GET['code']);
-			$_SESSION['token'] = $client->getAccessToken();
+  $_SESSION['access_token'] = $client->getAccessToken();
   $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
   header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
-			return;
-		}
-
-		if (isset($_SESSION['token'])) {
-			$client->setAccessToken($_SESSION['token']);
-		}
+}
 
-		if (isset($_REQUEST['logout'])) {
-			unset($_SESSION['token']);
-			$client->revokeToken();
-		}
-		?>
-		<!doctype html>
-		<html>
-		<head>
-			<meta charset="utf-8">
-		</head>
-		<body>
-		<header><h1>Get Token</h1></header>
-		<?php
-		if ($client->getAccessToken()) {
-			$_SESSION['token'] = $client->getAccessToken();
-			$token = json_decode($_SESSION['token']);
-			echo "Access Token = " . $token->access_token . '<br/>';
-			echo "Refresh Token = " . $token->refresh_token . '<br/>';
-			echo "Token type = " . $token->token_type . '<br/>';
-			echo "Expires in = " . $token->expires_in . '<br/>';
-			//echo "ID Token = " . $token->id_token . '<br/>';
-			echo "Created = " . $token->created . '<br/>';
-			echo "<a class='logout' href='?logout'>Logout</a>";
-		} else {
+/************************************************
+  If we have an access token, we can make
+  requests, else we generate an authentication URL.
+ ************************************************/
+if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
+  $client->setAccessToken($_SESSION['access_token']);
+} else {
   $authUrl = $client->createAuthUrl();
-			print "<a class='login' href='$authUrl'>Connect Me!</a><br/>";
+}
+
+/************************************************
+  If we're signed in we can go ahead and retrieve
+  the ID token, which is part of the bundle of
+  data that is exchange in the authenticate step
+  - we only need to do a network call if we have
+  to retrieve the Google certificate to verify it,
+  and that can be cached.
+ ************************************************/
+if ($client->getAccessToken()) {
+  $_SESSION['access_token'] = $client->getAccessToken();
+  $token_data = $client->verifyIdToken()->getAttributes();
+}
+
+echo pageHeader("User Query - Retrieving An Id Token");
+if (
+    $client_id == '206523860143-kgs80emhfm1sof79nggd48gnhbl1j6ei.apps.googleusercontent.com'
+    || $client_secret == 'ZzEE02Dqz7AKJLSklmL30LNd'
+    || $redirect_uri == 'http://localhost:8888/pdf-customizer/public/auth/google/tokenCallback') {
+  echo missingClientSecretsWarning();
+}
+?>
+<div class="box">
+  <div class="request">
+<?php
+if (isset($authUrl)) {
+  echo "<a class='login' href='" . $authUrl . "'>Connect Me!</a>";
+} else {
   echo "<a class='logout' href='?logout'>Logout</a>";
-		}
+}
+?>
+  </div>
+
+  <div class="data">
+<?php 
+if (isset($token_data)) {
+  var_dump($token_data);
+}
+?>
+  </div>
+</div>
+<?php
+echo pageFooter(__FILE__);
+
 	
 	}
 
 
-	public function GoogleTokenCode($code)
+	public function GoogleTokenCode()
 	{
-
 		session_start();
-
+        require_once realpath(dirname(__FILE__) . '/../autoload.php');
 
 
 		$client = new \Google_Client();
@@ -276,39 +305,76 @@ public function isGoogleFolderCreated($cust_id)
 	
         $client->setApprovalPrompt('force');
 
+		if (isset($_REQUEST['logout'])) {
+  unset($_SESSION['access_token']);
+  $client->revokeToken();
+}
 
+/************************************************
+  If we have a code back from the OAuth 2.0 flow,
+  we need to exchange that with the authenticate()
+  function. We store the resultant access token
+  bundle in the session, and redirect to ourself.
+ ************************************************/
+if (isset($_GET['code'])) {
   $client->authenticate($_GET['code']);
-			$_SESSION['token'] = $client->getAccessToken();
+  $_SESSION['access_token'] = $client->getAccessToken();
+  $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+  header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
+}
 
+/************************************************
+  If we have an access token, we can make
+  requests, else we generate an authentication URL.
+ ************************************************/
+if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
+  $client->setAccessToken($_SESSION['access_token']);
+} else {
+  $authUrl = $client->createAuthUrl();
+}
 
-		if (isset($_SESSION['token'])) {
-			$client->setAccessToken($_SESSION['token']);
-		}
+/************************************************
+  If we're signed in we can go ahead and retrieve
+  the ID token, which is part of the bundle of
+  data that is exchange in the authenticate step
+  - we only need to do a network call if we have
+  to retrieve the Google certificate to verify it,
+  and that can be cached.
+ ************************************************/
+if ($client->getAccessToken()) {
+  $_SESSION['access_token'] = $client->getAccessToken();
+  $token_data = $client->verifyIdToken()->getAttributes();
+}
 
-		if (isset($_REQUEST['logout'])) {
-			unset($_SESSION['token']);
-			$client->revokeToken();
-		}
-		?>
-		<!doctype html>
-		<html>
-		<head>
-			<meta charset="utf-8">
-		</head>
-		<body>
-		<header><h1>Get Token</h1></header>
-		<?php
-		
-			$_SESSION['token'] = $client->getAccessToken();
-			$token = json_decode($_SESSION['token']);
-			echo "Access Token = " . $token->access_token . '<br/>';
-			echo "Refresh Token = " . $token->refresh_token . '<br/>';
-			echo "Token type = " . $token->token_type . '<br/>';
-			echo "Expires in = " . $token->expires_in . '<br/>';
-			//echo "ID Token = " . $token->id_token . '<br/>';
-			echo "Created = " . $token->created . '<br/>';
+echo pageHeader("User Query - Retrieving An Id Token");
+if (
+    $client_id == '206523860143-kgs80emhfm1sof79nggd48gnhbl1j6ei.apps.googleusercontent.com'
+    || $client_secret == 'ZzEE02Dqz7AKJLSklmL30LNd'
+    || $redirect_uri == 'http://localhost:8888/pdf-customizer/public/auth/google/tokenCallback') {
+  echo missingClientSecretsWarning();
+}
+?>
+<div class="box">
+  <div class="request">
+<?php
+if (isset($authUrl)) {
+  echo "<a class='login' href='" . $authUrl . "'>Connect Me!</a>";
+} else {
   echo "<a class='logout' href='?logout'>Logout</a>";
+}
+?>
+  </div>
 
+  <div class="data">
+<?php 
+if (isset($token_data)) {
+  var_dump($token_data);
+}
+?>
+  </div>
+</div>
+<?php
+echo pageFooter(__FILE__);
 
 	}
 

@@ -50,4 +50,4 @@ Route::post('fileentry/add',[ 'as' => 'addentry', 'uses' => 'FileEntryController
 Route::get('api/googlePdfUpload/{folder}/{filename}/{pdfid}/{id}', 'GoogledriveuploadpdfController@google_drive_upload');
 Route::get('auth/google/callback', 'GoogledriveuploadpdfController@google_drive_upload');
 Route::get('auth/google/token', 'GoogledriveuploadpdfController@GoogleToken');
-Route::get('auth/google/tokenCallback?{code}', 'GoogledriveuploadpdfController@GoogleTokenCode');
\ No newline at end of file
+Route::get('auth/google/tokenCallback', 'GoogledriveuploadpdfController@GoogleTokenCode');
\ No newline at end of file