Before I ask this question. I search and see the topic "Using OAuth 2.0 to Access Google APIs - PHP Code Example" from http://rscavilla.blogspot.com/2011/06/using-oauth-20-with-php-to-authenticate.html
This example when I get access token from blogger. I must allow access. But I don't want to access permission the Google Account.
My purpose is I want to get access token via php curl without access permission the Google Account for create new post to blogger.
UPDATE
header('Content-Type: text/html; charset=utf-8');
$USERNAME = 'MYGMAIL';
$PASSWORD = 'PASSWORD';
$url = "https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/blogger&response_type=code&redirect_uri=myredirecturl&client_id=myclientid&hl=th&from_login=1&as=7be77b7f509833ee&pli=1";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie/blogger.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie/blogger.txt');
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
$data = curl_exec($ch);
preg_match_all('/^Location:(.*)$/mi', $data, $matches);
!empty($matches[1]) ? $url = trim($matches[1][0]) : 'No redirect found';
curl_setopt($ch, CURLOPT_URL,$url);
$data = curl_exec($ch);
$formFields = getFormFields($data);
$formFields['Email'] = $USERNAME;
$formFields['Passwd'] = $PASSWORD;
$post_string = "";
$post_string .= "ltmpl=".$formFields['ltmpl']."&GALX=".urlencode($formFields['GALX'])."&continue=".urlencode($formFields['continue'])."&service=".urlencode($formFields['service'])."";
$post_string .= "&shdf=".urlencode($formFields['shdf'])."&scc=1&sarp=1&_utf8=".urlencode($formFields['_utf8'])."&bgresponse=js_disabled&pstMsg=0&dnConn=&checkConnection=&checkedDomains=youtube";
$post_string .= "&Email=".urlencode($formFields['Email'])."&Passwd=".urlencode($formFields['Passwd'])."&signIn=SignIn";
curl_setopt ($ch, CURLOPT_POSTFIELDS, $post_string);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_URL,"https://accounts.google.com/ServiceLoginAuth");
$data = curl_exec($ch);
preg_match_all('/^Location:(.*)$/mi', $data, $matches);
!empty($matches[1]) ? $url = trim($matches[1][0]) : 'No redirect found';
curl_setopt($ch, CURLOPT_URL,$url);
$data = curl_exec($ch);
preg_match_all('/^Location:(.*)$/mi', $data, $matches);
!empty($matches[1]) ? $url = trim($matches[1][0]) : 'No redirect found';
preg_match_all("/auth\=(.*)/", $url, $auMatch);
$params = array(
"from_login" => 0,
"response_type" => "code",
"scope" => "https://www.googleapis.com/auth/blogger", // Request Blogger authentication
"redirect_uri" => "myredirecturl",
"client_id" => "myclientid",
"authuser" => 0,
"hl" => "th",
"auth" =>trim($auMatch[1][0])
);
$postvars='';
foreach($params as $key=>$value) {
$postvars .= $key . "=" . $value . "&";
}
$postvars = substr($postvars, 0, -1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postvars);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_URL,"https://accounts.google.com/o/oauth2/auth");
echo $data = curl_exec($ch);
preg_match_all("<form id=\"connect-approve\" action=\"(.*)\" method=\"POST\" style=\"display: inline;\">", $data, $urlaction);
!empty($urlaction[1]) ? $urlaction = trim($urlaction[1][0]) : 'No redirect found';
preg_match_all("<input id=\"state_wrapper\" type=\"hidden\" name=\"state_wrapper\" value=\"(.*)\">", $data, $state_wrapper);
!empty($state_wrapper[1]) ? $state_wrapper = trim($state_wrapper[1][0]) : 'No redirect found';
preg_match_all("<input type=\"hidden\" id=\"bgresponse\" name=\"bgresponse\" value=\"(.*)\">", $data, $bgresponse);
echo !empty($bgresponse[1]) ? $bgresponse = trim($bgresponse[1][0]) : 'No redirect found';
$poststring = "bgresponse=&_utf8=☃&state_wrapper=".$state_wrapper."&submit_access=true";
curl_setopt ($ch, CURLOPT_POSTFIELDS, $poststring);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_URL,$urlaction);
echo $data = curl_exec($ch);
curl_close($ch);
function getFormFields($data){
if (preg_match('/(<form.*?id=.?gaia_loginform.*?<\/form>)/is', $data, $matches)) {
$inputs = getInputs($matches[1]);
return $inputs;
} else {
die('didnt find login form');
}
}
function getInputs($form)
{
$inputs = array();
$elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);
if ($elements > 0) {
for($i = 0; $i < $elements; $i++) {
$el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);
if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
$name = $name[1];
$value = '';
if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
$value = $value[1];
}
$inputs[$name] = $value;
}
}
}
return $inputs;
}
Now, I can access to approve application page for get code from redirect url.
But I can't get value of element id bgresponse. The bgresponse value will create after click accept button. What should I do?
