GA integration on Dashboard used deprecated auth methods, must use oauth2.0 now

[mamarmite]

The library used in pyrocms 2.2.5 use a deprecated API (https://developers.google.com/identity/protocols/AuthForInstalledApps).

We should use oauth 2.0.

thephpleague oauth 2.0 lib seem perfect to replace the swis.nl one.

I need feedback for a fix:
My first dev plan is to:
Make the thephpleague oauth2.0 into a pyrocms library
Call the appropriate calls, indeed, on load of the dash board and use the config.
We may need to add a field to the config like API Key (or morph a field into that info) (didn't dig yet in the perequist of Google).

Thanks in advance for fix feedback.

[RyanThompson]

Sounds like a lot of work trying to smush a PSR package into a traditional library setting. Rewriting probably won't be fun. What about just writing the bare essentials in cURL to get the path in? It doesn't do a whole lot and could probably put into a single patching class.

Minimal overhead and straight to the point is my thought on this particular 2.2 problem.

[ikoniqoz]

@mamarmite - Thanks for posting! This has been a problem all thru Pyro2.2 I hope we can get a resolution to this as Pyro2.2 will be around for a while.....

[RyanThompson]

@ikoniqoz would you mind taking a gander at: #3503

If not, I should be able to test it tomorrow or so - got a ton of 3.0 stuff I am trying to plow though for Beta

[ikoniqoz]

@RyanThompson Thanks for the tip. - I did find that after I posted - but its all greek to me as a "non-dev" as Marco says.... Not sure what version Marco is referring to - assumed it was for 3.0. Sorry I cant be of any help. Maybe we can get other more capable devs to participate with Marco. Anyways, its been like this for yonks - I mentioned it because I am going thru all the niggles I have with 2.2.5, so it can wait til 3.0 is further down the track....

[marcogrueter]

Don't worry @ikoniqoz, it's not THAT hard.

Just follow the steps outlined in the OAuth2 docs: https://developers.google.com/identity/protocols/OAuth2ServiceAccount (Creating a service account)

• Then click "Generate New P12 Key", save the file to system/cms/config/ga-key.p12
• add the e-mail address that was generated for you to the list of users that are allowed to access your google analytics (https://support.google.com/analytics/answer/1009702?hl=en), read&analyze permissions are enough

This takes 15 minutes at most.

[ikoniqoz]

@marcogrueter OK - Thanks for the tip. That I can try.

[mamarmite]

I tried it on localhost with a fresh 2.2/develop branch and it work! (apache 2, php 5.6 windows)

[ikoniqoz]

Firstly, much kudos to @marcogrueter for getting this issue addressed. Thanks Marco.
Whilst I was grateful for the help text above, it really was a daunting task thanks to the above being very brief and differs from what is presented on #3503.
Here is what (I think) I have done so far:

1. Logged in to the Google Developer Console
2. Created a new Project
3. In the Project Home screen I selected Enable Google APIs
4. From the list of APIs that appeared, I selected Analytics API
5. On the Credentials Screen there is a choice of 3 options. I selected Service Account.
6. Then I selected the P12 option for the type of Key.
7. Finally, my new Key was downloaded.

So far so good. The thing I am not clear on is this Is this key good for just one site, or do I need a new key for each client site ? And what about the Private Key's password "notasecret" ?

Now that I have the key and added it to the system/cms/config folder, I see that the path is shown as an editable field (Google Analytic Password field) in the Integration tab of the Site's Settings page. I am wondering why this field is editable .. Perhaps it should be Read Only input type and the label changed to read "Google API Key Path" ?

[RyanThompson]

I've merged this in.

[RyanThompson]

Might need tweaking but at least it is moving!