I got oauth2 working - when a user logs into my application, they have to log into their Google account. Then they can make manually sync all events from my website's calendar to their Google Calendar.
BUT, how can I make it so that my server will be able to modify their Google Calendar (add, edit, delete) events without them actually being present at the computer? Because right now, it uses $_SESSION
to check if the user is logged into their Google account.
For example, here is how to insert/add an event via API into Google Calendar:
$client = new Google_Client();
$client->setAuthConfig('client_secrets.json');
$client->addScope(Google_Service_Calendar::CALENDAR);
$client->setAccessType("offline");
$service = new Google_Service_Calendar($client);
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$event = new Google_Service_Calendar_Event(array(
'summary' => 'Google I/O 2015',
'location' => '800 Howard St., San Francisco, CA 94103',
'description' => 'A chance to hear more about Google\'s developer products.',
'start' => array(
'dateTime' => '2015-05-28T09:00:00-07:00',
'timeZone' => 'America/Los_Angeles',
),
'end' => array(
'dateTime' => '2015-05-28T17:00:00-07:00',
'timeZone' => 'America/Los_Angeles',
),
));
$event = $service->events->insert('primary', $event);
} else {
$redirect_uri = '/oauth.php';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
exit();
}
But as you can see, that requires an access_token which is stored in $_SESSION
, and if there is no access token, then it will redirect them to login into their Google Account.
How can my server access their Google Calendar account in the background and add/edit/remove events?