在 Rails 上使用 Google OAuth2 API 和 Ruby
Using Google OAuth2 API with Ruby on Rails
我的系统有多个客户账户,每个账户至少有一个网站有一个 Google Analytics 账户。
我需要我的客户授权我的系统访问 Google Analytics 帐户,以便我可以生成自动月度报告页面视图,并将此信息与我系统的其他信息一起呈现给他们。我想在不需要客户再次授权我的应用程序访问他们的 Google Analytics 帐户的情况下执行此操作。
当客户端授权访问 Google Analytics 时,它会运行大约 1 小时(我认为这是会话时间令牌 expires_in: 3600)。这段时间之后我无法访问 Google Analytics 客户端。正如您在代码中看到的那样,我已经尝试使用 access_type:: offline 并使用 client.update_token! 更新客户端令牌,但我不知道如何执行此操作。谁能告诉我我正在尝试做的事情是否可行,并告诉我如何做到这一点,这样我就可以在没有客户再次授权我的应用程序的情况下生成月度报告?
我在我的控制器中创建了一些方法(我知道代码不好,这只是一个测试,也许我应该在将访问令牌写入我的数据库之前对其进行加密)。
class ContractedProductsController < ApplicationController
def analytics_connection
client_info = {
client_id: Rails.configuration.x.google_api['client_id'],
client_secret: Rails.configuration.x.google_api['client_secret'],
authorization_uri: Rails.configuration.x.google_api['authorization_uri'],
scope: Google::Apis::AnalyticsV3::AUTH_ANALYTICS_READONLY,
redirect_uri: url_for(action: :analytics_callback),
state: Base64.encode64('{ "account": ' + params[:account_id] + ', "contracted_product": ' + params[:id] + ' }'),
additional_parameters: { access_type: :offline, approval_prompt: :force }
}
client = Signet::OAuth2::Client.new(client_info)
redirect_to client.authorization_uri.to_s
end
def analytics_callback
client_info = {
client_id: Rails.configuration.x.google_api['client_id'],
client_secret: Rails.configuration.x.google_api['client_secret'],
token_credential_uri: Rails.configuration.x.google_api['token_credential_uri'],
redirect_uri: url_for(action: :analytics_callback),
code: params[:code]
}
client = Signet::OAuth2::Client.new(client_info)
response = client.fetch_access_token!
session[:google_api] = response
state = JSON.parse(Base64.decode64(params[:state]), object_class: OpenStruct)
redirect_to account_contracted_product_analytics_list_path(state.account, state.contracted_product)
end
def analytics_list
client = Signet::OAuth2::Client.new(access_token: session[:google_api]['access_token'])
service = Google::Apis::AnalyticsV3::AnalyticsService.new
service.authorization = client
@account_summaries = service.list_account_summaries
end
def analytics_save
api_integrations = [
{
entity_type: ContractedProduct.name,
entity_id: @contracted_product.id,
key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:access_token],
value: session[:google_api]['access_token']
},
{
entity_type: ContractedProduct.name,
entity_id: @contracted_product.id,
key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:refresh_token],
value: session[:google_api]['refresh_token']
},
{
entity_type: ContractedProduct.name,
entity_id: @contracted_product.id,
key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:profile_id],
value: params[:profile_id]
}
]
@api_integration = ApiIntegration.create(api_integrations)
respond_to do |format|
if @api_integration
format.html { redirect_to [@account, @contracted_product], notice: I18n.t('controllers.contracted_products.analytics_data_successfully_saved', default: 'Analytics data was successfully saved.') }
format.json { render :show, status: :ok, location: [@account, @contracted_product] }
else
format.html { render :analytics_save, status: :ok, location: [@account, @contracted_product] }
format.json { render json: @contracted_products_service.errors, status: :unprocessable_entity }
end
end
end
def analytics_report
entity_conditions = { entity_type: ContractedProduct.name, entity_id: @contracted_product.id }
api_integration_access_token = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:access_token])
# api_integration_refresh_token = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:refresh_token])
api_integration_profile_id = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:profile_id])
client = Signet::OAuth2::Client.new(access_token: api_integration_access_token.value)
service = Google::Apis::AnalyticsV3::AnalyticsService.new
service.authorization = client
profile_id = 'ga:' + api_integration_profile_id.value
start_date = Date.today.at_beginning_of_month.last_month.to_s
end_date = Date.today.at_beginning_of_month.last_month.to_s
metrics = 'ga:pageviews'
dimensions = {
dimensions: 'ga:date'
}
@report = service.get_ga_data(profile_id, start_date, end_date, metrics, dimensions)
end
end
这很简单,但我认为我在测试中没有将 token_credential_uri 放在对 API 的调用中。
正在观察这个答案“How do I refresh my google_oauth2 access token using my refresh token?
" 我找到了正确的方法。
我刚刚在 API 调用中添加了以下参数:client_id、client_secret、token_credential_uri 和 refresh_token。
def analytics_report
entity_conditions = { entity_type: ContractedProduct.name, entity_id: @contracted_product.id }
api_integration_refresh_token = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:refresh_token])
api_integration_profile_id = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:profile_id])
client_info = {
client_id: Rails.configuration.x.google_api['client_id'],
client_secret: Rails.configuration.x.google_api['client_secret'],
token_credential_uri: Rails.configuration.x.google_api['token_credential_uri'],
refresh_token: api_integration_refresh_token.value
}
client = Signet::OAuth2::Client.new(client_info)
service = Google::Apis::AnalyticsV3::AnalyticsService.new
service.authorization = client
profile_id = 'ga:' + api_integration_profile_id.value
start_date = Date.today.at_beginning_of_month.last_month.to_s
end_date = Date.today.at_beginning_of_month.last_month.to_s
metrics = 'ga:pageviews'
dimensions = {
dimensions: 'ga:date'
}
@report = service.get_ga_data(profile_id, start_date, end_date, metrics, dimensions)
end
我的系统有多个客户账户,每个账户至少有一个网站有一个 Google Analytics 账户。 我需要我的客户授权我的系统访问 Google Analytics 帐户,以便我可以生成自动月度报告页面视图,并将此信息与我系统的其他信息一起呈现给他们。我想在不需要客户再次授权我的应用程序访问他们的 Google Analytics 帐户的情况下执行此操作。
当客户端授权访问 Google Analytics 时,它会运行大约 1 小时(我认为这是会话时间令牌 expires_in: 3600)。这段时间之后我无法访问 Google Analytics 客户端。正如您在代码中看到的那样,我已经尝试使用 access_type:: offline 并使用 client.update_token! 更新客户端令牌,但我不知道如何执行此操作。谁能告诉我我正在尝试做的事情是否可行,并告诉我如何做到这一点,这样我就可以在没有客户再次授权我的应用程序的情况下生成月度报告?
我在我的控制器中创建了一些方法(我知道代码不好,这只是一个测试,也许我应该在将访问令牌写入我的数据库之前对其进行加密)。
class ContractedProductsController < ApplicationController
def analytics_connection
client_info = {
client_id: Rails.configuration.x.google_api['client_id'],
client_secret: Rails.configuration.x.google_api['client_secret'],
authorization_uri: Rails.configuration.x.google_api['authorization_uri'],
scope: Google::Apis::AnalyticsV3::AUTH_ANALYTICS_READONLY,
redirect_uri: url_for(action: :analytics_callback),
state: Base64.encode64('{ "account": ' + params[:account_id] + ', "contracted_product": ' + params[:id] + ' }'),
additional_parameters: { access_type: :offline, approval_prompt: :force }
}
client = Signet::OAuth2::Client.new(client_info)
redirect_to client.authorization_uri.to_s
end
def analytics_callback
client_info = {
client_id: Rails.configuration.x.google_api['client_id'],
client_secret: Rails.configuration.x.google_api['client_secret'],
token_credential_uri: Rails.configuration.x.google_api['token_credential_uri'],
redirect_uri: url_for(action: :analytics_callback),
code: params[:code]
}
client = Signet::OAuth2::Client.new(client_info)
response = client.fetch_access_token!
session[:google_api] = response
state = JSON.parse(Base64.decode64(params[:state]), object_class: OpenStruct)
redirect_to account_contracted_product_analytics_list_path(state.account, state.contracted_product)
end
def analytics_list
client = Signet::OAuth2::Client.new(access_token: session[:google_api]['access_token'])
service = Google::Apis::AnalyticsV3::AnalyticsService.new
service.authorization = client
@account_summaries = service.list_account_summaries
end
def analytics_save
api_integrations = [
{
entity_type: ContractedProduct.name,
entity_id: @contracted_product.id,
key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:access_token],
value: session[:google_api]['access_token']
},
{
entity_type: ContractedProduct.name,
entity_id: @contracted_product.id,
key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:refresh_token],
value: session[:google_api]['refresh_token']
},
{
entity_type: ContractedProduct.name,
entity_id: @contracted_product.id,
key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:profile_id],
value: params[:profile_id]
}
]
@api_integration = ApiIntegration.create(api_integrations)
respond_to do |format|
if @api_integration
format.html { redirect_to [@account, @contracted_product], notice: I18n.t('controllers.contracted_products.analytics_data_successfully_saved', default: 'Analytics data was successfully saved.') }
format.json { render :show, status: :ok, location: [@account, @contracted_product] }
else
format.html { render :analytics_save, status: :ok, location: [@account, @contracted_product] }
format.json { render json: @contracted_products_service.errors, status: :unprocessable_entity }
end
end
end
def analytics_report
entity_conditions = { entity_type: ContractedProduct.name, entity_id: @contracted_product.id }
api_integration_access_token = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:access_token])
# api_integration_refresh_token = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:refresh_token])
api_integration_profile_id = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:profile_id])
client = Signet::OAuth2::Client.new(access_token: api_integration_access_token.value)
service = Google::Apis::AnalyticsV3::AnalyticsService.new
service.authorization = client
profile_id = 'ga:' + api_integration_profile_id.value
start_date = Date.today.at_beginning_of_month.last_month.to_s
end_date = Date.today.at_beginning_of_month.last_month.to_s
metrics = 'ga:pageviews'
dimensions = {
dimensions: 'ga:date'
}
@report = service.get_ga_data(profile_id, start_date, end_date, metrics, dimensions)
end
end
这很简单,但我认为我在测试中没有将 token_credential_uri 放在对 API 的调用中。
正在观察这个答案“How do I refresh my google_oauth2 access token using my refresh token? " 我找到了正确的方法。
我刚刚在 API 调用中添加了以下参数:client_id、client_secret、token_credential_uri 和 refresh_token。
def analytics_report
entity_conditions = { entity_type: ContractedProduct.name, entity_id: @contracted_product.id }
api_integration_refresh_token = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:refresh_token])
api_integration_profile_id = ApiIntegration.find_by entity_conditions.merge(key: ApiIntegration::GOOGLE_ANALYTICS_KEYS[:profile_id])
client_info = {
client_id: Rails.configuration.x.google_api['client_id'],
client_secret: Rails.configuration.x.google_api['client_secret'],
token_credential_uri: Rails.configuration.x.google_api['token_credential_uri'],
refresh_token: api_integration_refresh_token.value
}
client = Signet::OAuth2::Client.new(client_info)
service = Google::Apis::AnalyticsV3::AnalyticsService.new
service.authorization = client
profile_id = 'ga:' + api_integration_profile_id.value
start_date = Date.today.at_beginning_of_month.last_month.to_s
end_date = Date.today.at_beginning_of_month.last_month.to_s
metrics = 'ga:pageviews'
dimensions = {
dimensions: 'ga:date'
}
@report = service.get_ga_data(profile_id, start_date, end_date, metrics, dimensions)
end