OAUTH2 signing error in Google Analytics API using Google_Client
-
25-06-2021 - |
Вопрос
I'm getting the following errors when trying to use OATH2 to authenticate against the Google Analytics API (v3):
Warning: openssl_sign() expects parameter 4 to be long, string given in google-api-php-client/src/auth/Google_P12Signer.php on line 60
Google_AuthException: Unable to sign data in google-api-php-client/src/auth/Google_P12Signer.php on line 61
Here's my PHP code:
// api dependencies
require_once(dirname(__FILE__) . '/../../vendor/google-api-php-client/src/Google_Client.php');
require_once(dirname(__FILE__) . '/../../vendor/google-api-php-client/src/contrib/Google_AnalyticsService.php');
session_start();
// create client object and set app name
$client = new Google_Client();
$client->setApplicationName(APP_NAME);
// set assertion credentials
$client->setAssertionCredentials(
new Google_AssertionCredentials(
'xxxxxxx@developer.gserviceaccount.com',
array('https://www.googleapis.com/auth/analytics.readonly'),
file_get_contents('xxxxxxxxxx-privatekey.p12') // keyfile
));
// other settings
$client->setClientId('xxxxxxx.apps.googleusercontent.com');
$client->setAccessType('offline_access');
// create service
$service = new Google_AnalyticsService($client);
$properties = $service->management_webproperties->listManagementWebproperties("~all");
print_r($properties);
if I print_r($service) I get a valid object with no errors. It is the listManagementWebproperties() call that generates the errors.
Does anyone please have a solution? It looks like the Google_Client might be in flux, since it was edited just a couple of days ago. I obtained it from trunk via SVN, NOT via the download page which I believe has an older version that does not support service accounts. Thanks.
Решение
According to the openssl_sign()
PHP documentation, the 4th parameter should be an int.
http://php.net/manual/en/function.openssl-sign.php
bool openssl_sign ( string $data , string &$signature , mixed $priv_key_id [, int $signature_alg = OPENSSL_ALGO_SHA1 ] )
In the code for Google_P12Signer they are using it like this:
if (!openssl_sign($data, $signature, $this->privateKey, "sha256")) {
throw new Google_AuthException("Unable to sign data");
}
Passing "sha256" which is obviously not an INT. There isn't an OPENSSL_ALGO_* defined for sha256 according to this: http://www.php.net/manual/en/openssl.signature-algos.php which means it won't work.
What you will have to do is define your own OPENSSL_ALGO_SHA256, sort of like you see in this code: http://pastebin.com/qdCyC0Pe
Someone wrote a patch to help also: http://php.it2y.info/missing-sha256-sha512-families-of-signature-algorithms.html