Merge pull request googleglass#6 from googleglass/reauth

Bug fixes and improved MyGlass 'off' handling

Author: mimming

index.php

@@ -29,6 +29,7 @@
   header('Location: ' . $base_url . '/oauth2callback.php');
   exit;
 } else {
+  verify_credentials(get_credentials($_SESSION['userid']));
   $client->setAccessToken(get_credentials($_SESSION['userid']));
 }
 
@@ -170,11 +171,6 @@
   <div class="navbar-inner">
     <div class="container">
       <a class="brand" href="#">Glassware Starter Project: PHP Edition</a>
-      <div class="nav-collapse collapse">
-        <form class="navbar-form pull-right" action="signout.php" method="post">
-          <button type="submit" class="btn">Sign out</button>
-        </form>
-      </div>
     </div>
   </div>
 </div>

mirror-client.php

@@ -22,6 +22,8 @@
 // found at https://developers.google.com/glass/v1/reference
 
 require_once 'config.php';
+require_once 'google-api-php-client/src/Google_Client.php';
+require_once 'google-api-php-client/src/contrib/Google_Oauth2Service.php';
 
 // Returns an unauthenticated service
 function get_google_api_client() {
@@ -49,6 +51,38 @@ function get_google_api_client() {
   return $client;
 }
 
+/*
+ * Verify the credentials. If they're broken, attempt to re-auth
+ * This will only work if you haven't printed anything yet (since
+ * it uses an HTTP header for the redirect)
+ */
+function verify_credentials($credentials) {
+  //TODO: Use the oauth2.tokeninfo() method instead once it's
+  //      exposed by the PHP client library
+  global $base_url;
+
+  $client = get_google_api_client();
+  $client->setAccessToken($credentials);
+
+  $token_checker = new Google_Oauth2Service($client);
+  try {
+    $token_checker->userinfo->get();
+  } catch (Google_ServiceException $e) {
+    if($e->getCode() == 401) {
+      // This user may have disabled the Glassware on MyGlass.
+      // Clean up the mess and attempt to re-auth.
+      unset($_SESSION['userid']);
+      header('Location: ' . $base_url . '/oauth2callback.php');
+      exit;
+
+    } else {
+      // Let it go...
+      throw $e;
+    }
+  }
+
+}
+
 function insert_timeline_item($service, $timeline_item, $content_type, $attachment)
 {
   try {

util.php

@@ -28,7 +28,7 @@ function store_credentials($user_id, $credentials) {
   $user_id = sqlite_escape_string(strip_tags($user_id));
   $credentials = sqlite_escape_string(strip_tags($credentials));
 
-  $insert = "insert into credentials values ('$user_id', '$credentials')";
+  $insert = "insert or replace into credentials values ('$user_id', '$credentials')";
   sqlite_exec($db, $insert);
 
 }
@@ -59,7 +59,8 @@ function init_db() {
   $db = sqlite_open($sqlite_database);
   $test_query = "select count(*) from sqlite_master where name = 'credentials'";
   if (sqlite_fetch_single(sqlite_query($db, $test_query)) == 0) {
-    $create_table = "create table credentials (userid text, credentials text);";
+    $create_table = "create table credentials (userid text not null unique, " .
+        "credentials text not null);";
     sqlite_exec($db, $create_table);
   }
   return $db;