I have been using the Blogger V3 API for many years. I use the official googleapis.com PHP library to retrieve data and take care of the OAuth2 flow. For the past couple of days I have not been able to let users authorize my app anymore.

I did a lot of debugging and reading on the internet and here are my findings:

  • The access_token that I receive after a user has authorized us through the OAuth permission screen is valid. I can use the Google library to fetch the user information with it.

    $oauth = new Google_Service_Oauth2($client);
    $userinfo = $oauth->userinfo->get();

    stdClass#1
    (
        [access_token] => '{TOKEN}'
        [expires_in] => 3599
        [refresh_token] => '{REFRESH_TOKEN}'
        [scope] => 'https://www.googleapis.com/auth/blogger https://www.googleapis.com/auth/userinfo.profile'
        [token_type] => 'Bearer'
        [id_token] => '{ID_TOKEN}'
    )

I can perfectly fetch Blogger information and content in the Google Playground when I enter the access_token that I have retrieved using the OAuth flow on my server. So the access_token seems to work within the Google environment itself.

However, when I try to request the Blogger V3 API from my server, I keep bumping into a 403 error. For example:

Your client does not have permission to get URL /v3/blogs/byurl from this server. That's all we know.

Here is my (Yii 1) PHP code for the OAuth2 flow:

Start authentication process:

    $client = new \Google_Client();
    $client->setClientId('{ID}');
    $client->setClientSecret('{SECRET}');
    $client->setRedirectUri('{CALLBACK_URL}');
    $client->setAccessType('offline'); // request a refresh token
    $client->setPrompt('consent');     // always show the consent screen
    $client->addScope([
        'https://www.googleapis.com/auth/blogger',
        'https://www.googleapis.com/auth/userinfo.profile',
    ]);

    // Send the user to Google's consent screen
    $authUrl = $client->createAuthUrl();
    $this->redirect($authUrl);

Callback handling:

    if (!isset($_GET['code'])) {
        throw new CHttpException(400, 'No code provided');
    }

    // The callback is a separate request, so the client is built again here
    $client = new \Google_Client();
    $client->setClientId('{ID}');
    $client->setClientSecret('{SECRET}');
    $client->setRedirectUri('{CALLBACK_URL}');
    $client->setAccessType('offline');

    // Exchange the authorization code for an access token
    $token = $client->fetchAccessTokenWithAuthCode($_GET['code']);

    if (isset($token['error'])) {
        throw new CHttpException(400, 'Google auth error: ' . $token['error_description']);
    }

    // For test purposes the token is just saved to session instead of DB
    Yii::app()->session['google_token'] = $token;

    $client->setAccessToken($token);

    $oauth = new Google_Service_Oauth2($client);

    // This works. An object with the user information is returned
    $userinfo = $oauth->userinfo->get();

    $service = new Google_Service_Blogger($client);

    // this doesn't work and returns the 403 error
    $blogs = $service->blogs->getByUrl([
        'url' => '{BLOG_URL}'
    ]);

Sending direct Guzzle requests with the access_token as bearer in the Authorization header returns the same error:

    $client = new \GuzzleHttp\Client();
    $res = $client->get('https://www.googleapis.com/blogger/v3/users/self/blogs', [
        'headers' => [
            'Authorization' => 'Bearer {ACCESS_TOKEN}'
        ]
    ]);

    // returns 403
    echo $res->getBody();

I'm really lost. There are no notifications in my Google Cloud Console dashboard. It seems that the Blogger API just broke without a warning.

Does anybody else have the same experience, or can anyone offer help? Thanks!
