Search code examples

laravel - Google Analytics API Authentication

I am trying to create a web-app with a simple dashboard with Analytics data for the accounts who logged in with Google. I am using Laravel with Socialite package, and I can log the users in with Google currently. I have my developer client-key and client-secret. I set scopes for Analytics read-only, and offline access, and I store customer name, email, Google ID, access token and refresh token in my database. I can log the user in without any problem.

What I want to do is for now, just access the profiles an Analytics account currently has. I followed Analytics API documentation examples but could not get it working. Since I am storing an access token and a refresh token, I think I should be able to authenticate the current user and get their Analytics data, but I could not find any simple methods from the Client and Analytics libraries. I will need to access their Analytics data offline, and this is why I think I should be able to authorize my requests with access token and refresh token, but I do not get any Analytics specific data from user login process. I am completely lost now, how do I authorize my requests to Anayltics API? I have been using AdWords API for more than 8 months, and everything is crystal clear in AdWords API documentation, but I could not get anything working with Analytics API.

These are my user login methods:

public function redirectToProvider()
    $parameters = ['access_type' => 'offline'];
    return Socialite::driver('google')

 * Obtain the user information from Google.
 * @return Response
public function handleProviderCallback()
    $outsiderLogin = Socialite::driver('google')->stateless()->user();

    $user = User::where('googleID', $outsiderLogin->id)->first();

    // Register the user if there is no user with that id.
    if (!$user) {
        $user = new User;
        $user->name         = $outsiderLogin->name;
        $user->googleID     = $outsiderLogin->id;
        $user->email        = $outsiderLogin->email;
        $user->token        = $outsiderLogin->token;
        $user->refreshToken = $outsiderLogin->refreshToken;
    // Log the user in.

    return redirect('/home');

Thank you very much.


  • I have found the solution for now. At first, I figured that I needed the code that returns with authentication URL from Google, and when I inspect the Socialite package, I have found a protected method getCode() in \vendor\laravel\socialite\src\Two\AbstractProvider.php, which returns the code from the URL. I edited the source file of the package and changed the method type from protected to public, and that made it possible to use that method outside of the class, which allowed me to access the code from the URL, then store it in DB for further authentication requirements. But there were issues with this setup, first of all, I should find a way to keep that package without any update, since any update will rollback the changes I made to the source file. The second problem I faced was the way I store tokens. By default, Google Client API returns an array which contains the fields access_token, refresh_token, expires_in, id and created, and with these fields, it authenticates the requests to Analytics server. In my scenario, there were no standard array returning from the basic Socialite login process. There were access_token, refresh_token and expires variables and I stored them all in my database as well. This caused an issue with Google library, it asked for a structured array and I did not even have the variables expires_in and created, this is why I setup a fake array which tells Google to refresh token with every request, and this was not a good practice either.

    At the end, I could not understand how to use any package online and I wrote my own simple authentication, and I do not know if it has any vulnerabilities, but it works for me, it may also work for those who needs it.

    Here are my routes lines:

    Route::get('auth/google', [
                'as' => 'googleLogin',   
                'uses' => 'Auth\AuthController@redirectToProvider'
    Route::get('auth/google/callback', [
                'as' => 'googleLoginCallback',   
                'uses' => 'Auth\AuthController@handleProviderCallback'

    And these are the AuthController methods:

     * Redirect the user to the Google authentication 
    public function redirectToProvider()
        // Create the client object and set the authorization configuration from JSON file.
        $client = new Google_Client();
        $client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/auth/google/callback');
        $auth_url = $client->createAuthUrl();
        return redirect($auth_url);
     * Obtain the user information from Google.
     * @return redirect to the app.
    public function handleProviderCallback()
        // Handle authorization flow from the server.
        if (! isset($_GET['code'])) {
            return redirect('auth/google');
        } else {
            // Authenticate the client, and get required informations.
            $client = new Google_Client();
            // Store the tokens in the session.
            Session::put('token', $client->getAccessToken());
            $service = new Google_Service_Oauth2($client);
            $userInfo = $service->userinfo->get();
            $user = User::where('googleID', $userInfo->id)->first();
            // If no match, register the user.
            if(!$user) {
                $user = new User;
                $user->name = $userInfo->name;
                $user->googleID = $userInfo->id;
                $user->email = $userInfo->email;
                $user->refreshToken = $client->getRefreshToken();
                $user->code = $_GET['code'];
            return redirect('/home');

    I have placed the client_secret.json file I have downloaded from Google API Console into the specified folder, this may be different for you. I have also modified the migration file in order to match the required segemnts. After these steps, I am able treat that user as it is a simple user that registered with the basic Laravel auth.

    Now I can query, say, the accounts in the user's Google Analytics account like this:

     * @var $client to be authorized by Google.
    private $client;
     * @var $analytics Analytics object to be used.
    private $analytics;
    public function __construct()
        $this->client = $this->AuthenticateCurrentClient();
        $this->analytics = new Google_Service_Analytics($this->client);
    private function AuthenticateCurrentClient(){
        $user = Auth::user();
        $token = Session::get('token');
        // Authenticate the client.
        $client = new Google_Client();
        return $client;
    public function GetAccounts(){
        try {
            $accountsObject = $this->analytics->management_accounts->listManagementAccounts();
            $accounts = $accountsObject->getItems();
            return $accounts;
        } catch (apiServiceException $e) {
            print 'There was an Analytics API service error '
                . $e->getCode() . ':' . $e->getMessage();
        } catch (apiException $e) {
            print 'There was a general API error '
                . $e->getCode() . ':' . $e->getMessage();

    There were thousands of times Stack Overflow has helped me, I hope this helps someone to get things working.