I need to be able to programmatically set email filters (something that gmail API doesn't support), so...
I signed up today for a Google apps for Work 30 days trial, I read the docs over here and I found this PHP code (adapted for my needs, code running on a dedicated box running PHP Version 5.4.30 + CentOS 6.4):
<?php
$user_email = 'super-admin@my-domain.com';
$user_passwd = 'admin-password';
$email_label = 'my-label';
// ================================================================== //
function getEmailXML($is_label)
{
global $user_email, $email_label;
list($username, $domain) = split('@', $user_email);
$result = "<?xml version='1.0' encoding='utf-8'?>" . "\n";
if ($is_label)
{
$result .= "<atom:entry xmlns:atom='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>";
$result .= "<apps:property name=\"label\" value=\"$email_label\" />";
}
else
{
$result .= "<atom:entry xmlns:atom='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>";
$result .= " <apps:property name='to' value='$username+$email_label@$domain' />";
$result .= " <apps:property name='label' value='$email_label' />";
$result .= " <apps:property name='neverSpam' value='true' />";
}
$result .= "</atom:entry>";
return $result;
}
// ================================================================== //
function getAuthToken($account)
{
// Getting the google authentication token
$tk_ch = curl_init();
curl_setopt($tk_ch, CURLOPT_URL, "https://www.google.com/accounts/ClientLogin");
curl_setopt($tk_ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($tk_ch, CURLOPT_POST, true);
curl_setopt($tk_ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($tk_ch, CURLOPT_POSTFIELDS, $account);
curl_setopt($tk_ch, CURLOPT_VERBOSE, true);
$response = curl_exec($tk_ch);
curl_close($tk_ch);
$str_split = split('=', $response);
$token = $str_split[3];
return $token;
}
// ================================================================== //
function email_New_Filter_Or_Label($token, $action)
{
global $user_email;
list($username, $domain) = split('@', $user_email);
$ch = curl_init();
$url_feed = "https://apps-apis.google.com/a/feeds/emailsettings/2.0/$domain/$username/$action";
curl_setopt($ch, CURLOPT_URL, $url_feed);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: GoogleLogin auth="' . trim($token) . '"',
'Content-type: application/atom+xml'
));
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, getEmailXML(($action == 'label'))); // getEmailXML($is_label)
$result = curl_exec($ch);
curl_close($ch);
if ($result) {
return true;
}
return false;
}
// ================================================================== //
$my_acc = array(
'accountType' => 'GOOGLE',
'Email' => $user_email,
'Passwd' => $user_passwd,
'service' => 'apps',
);
$auth_token = getAuthToken($my_acc);
$test = email_New_Filter_Or_Label($auth_token, "label");
// $test = email_New_Filter_Or_Label($auth_token, "filter");
var_dump($test);
?>
Login does work just fine, but creating a label return a 500 error. Running php /my-script/path/public_html/my-script.php via putty gives me this output:
* About to connect() to www.google.com port 443 (#0)
* Trying 2a00:1450:4001:805::1012... * connected
* Connected to www.google.com (2a00:1450:4001:805::1012) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using SSL_RSA_WITH_RC4_128_SHA
* Server certificate:
* subject: CN=www.google.com,O=Google Inc,L=Mountain View,ST=California,C=US
* start date: Sep 10 13:49:36 2014 GMT
* expire date: Dec 09 00:00:00 2014 GMT
* common name: www.google.com
* issuer: CN=Google Internet Authority G2,O=Google Inc,C=US
> POST /accounts/ClientLogin HTTP/1.1
Host: www.google.com
Accept: */*
Content-Length: 476
Expect: 100-continue
Content-Type: multipart/form-data; boundary=----------------------------6f31c3e84eeb
* Done waiting for 100-continue
< HTTP/1.1 200 OK
< Content-Type: text/plain
< X-Frame-Options: DENY
< Cache-control: no-cache, no-store
< Pragma: no-cache
< Expires: Mon, 01-Jan-1990 00:00:00 GMT
< Date: Fri, 19 Sep 2014 23:22:35 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Content-Length: 1139
< Server: GSE
< Alternate-Protocol: 443:quic,p=0.002
<
* Connection #0 to host www.google.com left intact
* Closing connection #0
* About to connect() to apps-apis.google.com port 443 (#0)
* Trying 2a00:1450:4010:c04::76... * connected
* Connected to apps-apis.google.com (2a00:1450:4010:c04::76) port 443 (#0)
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using SSL_RSA_WITH_RC4_128_SHA
* Server certificate:
* subject: CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US
* start date: Sep 10 14:03:47 2014 GMT
* expire date: Dec 09 00:00:00 2014 GMT
* common name: *.google.com
* issuer: CN=Google Internet Authority G2,O=Google Inc,C=US
> POST /a/feeds/emailsettings/2.0/my-domain.com/super-admin/label HTTP/1.1
Host: apps-apis.google.com
Accept: */*
Authorization: GoogleLogin auth="DQAAAA8BAABE0TPBcstbG31ry47v9WUzihACSe6j11mMXTMNMiiFN09vtCqbMFr0lv_Y2tPJtavYyJdcI0mGsJLJDuC1_q15q6FgdNbO-mAPfOEg4Q8ybk4V_8CUSQNBFSUByC_CAfbwR2gWMw10wqfo9S8afU0LOfX4PrOAWnpA8Dy-3ZMJi-EkipLZlsehZTuW0WS3zkml1uYHTczYRyyH28Ns27ql8OtCW8KOmxvdgpWGYGAR20Z1kbqj3TUBGwE2j4r37qc25_Lj9sjdczmMuBZT8Fr_8SQSzcQaB_U08_NJcueaY4eUoSJfouxh_OqOjE5OTgrqywIzXDEO5K3kNP3o7egmj4p_p2s3k6ZVl2eowhYVqg"
Content-type: application/atom+xml
Content-Length: 201
* The requested URL returned error: 500 Internal Server Error
* Closing connection #0
bool(false)
I've spent the whole trying to make this work, I googled a lot (all in vain), can someone tell me what's wrong with my code?
Thanks in advance!
OK, I was able to properly(?) create a label and filter using this code (let's call it email-api.php):
<?php
error_reporting(E_ALL);
require_once 'consts.php';
global $username, $google_app_domain, $user_email, $label_dir;
global $client_id, $client_secret, $redirect_uri, $developer_key, $app_name;
$action = $_GET['action'];
if ( ($action !== NEW_LABEL) && ($action !== NEW_FILTER) && ($action !== NEW_LABEL_FILTER) ) { die('Error #1'); }
$email_label = trim( $_GET['label'] ); // TODO: Sanitize passed data!
session_start();
set_include_path(GOOGLE_API_PHP_CLIENT_SRC . PATH_SEPARATOR . get_include_path());
require_once 'Google/Client.php';
require_once 'Google/Service/Gmail.php';
/* =========================
Use OAuth2 to authenticate
======================== */
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setApplicationName($app_name);
$client->setDeveloperKey($developer_key);
// $client->addScope("https://www.googleapis.com/auth/gmail.modify");
$client->addScope("https://apps-apis.google.com/a/feeds/emailsettings/2.0/");
$client->addScope("https://mail.google.com/");
$service = new Google_Service_Gmail($client);
if (isset($_REQUEST['logout'])) {
unset($_SESSION['access_token']);
}
if (isset($_GET['code']))
{
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}
if (isset($_SESSION['access_token']) && $_SESSION['access_token'])
{
$client->setAccessToken($_SESSION['access_token']);
if ($client->isAccessTokenExpired())
{
echo "Access Token expired :(<br />\n";
unset($_SESSION['access_token']);
}
}
else
{
$authUrl = $client->createAuthUrl();
header('Location: ' . filter_var($authUrl, FILTER_SANITIZE_URL));
}
if (!$client->getAccessToken()) { die("Invalid Access Token :(\n<br />"); }
/* =========================================================
We're signed in so let's proceed with the specified action
========================================================= */
$authObj = json_decode( $client->getAccessToken() );
switch ($action)
{
case NEW_LABEL:
DoURL( $google_app_domain, $username, NEW_LABEL, GetData(NEW_LABEL) );
break;
case NEW_FILTER:
DoURL( $google_app_domain, $username, NEW_FILTER, GetData(NEW_FILTER) );
break;
case NEW_LABEL_FILTER:
DoURL( $google_app_domain, $username, NEW_LABEL, GetData(NEW_LABEL) );
DoURL( $google_app_domain, $username, NEW_FILTER, GetData(NEW_FILTER) );
break;
}
// ============================================================== //
function GetData($action)
{
global $username, $email_label, $label_dir, $google_app_domain;
if ($action == NEW_LABEL)
{
$data = '<?xml version="1.0" encoding="utf-8"?>
<atom:entry xmlns:atom="http://www.w3.org/2005/Atom" xmlns:apps="http://schemas.google.com/apps/2006">
<apps:property name="label" value="' . $email_label . '" />
</atom:entry>';
}
else if ($action == NEW_FILTER)
{
$data = "<atom:entry xmlns:atom='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>";
$data .= " <apps:property name='to' value='$username+$email_label@$google_app_domain' />";
$data .= " <apps:property name='label' value='$label_dir/$email_label' />";
$data .= " <apps:property name='neverSpam' value='true' />";
$data .= "</atom:entry>";
}
return $data;
}
// ============================================================== //
function DoURL($google_app_domain, $username, $action, $data)
{
global $authObj;
$headers = array(
"Content-type: application/atom+xml",
"Content-length: " . strlen($data),
"Authorization: " . $authObj->token_type . " " . $authObj->access_token,
"X-HTTP-Method-Override: POST"
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://apps-apis.google.com/a/feeds/emailsettings/2.0/$google_app_domain/$username/$action");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
print_r($response = curl_exec($ch));
}
// ============================================================== //
?>
This file needs another file (consts.php), which looks like this:
<?php
// =====================
// Constants
// =====================
define('GOOGLE_API_PHP_CLIENT_SRC', '/full/path/to/google-api-php-client/src/');
define('NEW_LABEL', 'label');
define('NEW_FILTER', 'filter');
define('NEW_LABEL_FILTER', 'both');
$username = 'john.doe';
$google_app_domain = "super-domain.com";
$user_email = "$username@$google_app_domain";
$client_id = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.apps.googleusercontent.com';
$client_secret = 'YYYYYYYYYYYYYYYYYYYYYYYY';
// $redirect_uri should point to the main PHP file. Register a projet in https://console.developers.google.com/ and make sure redirect url points to this file, too
$redirect_uri = "http://www.$google_app_domain/email-api.php";
$developer_key = "AIzaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
$app_name = 'Application name, as defined in https://console.developers.google.com/';
$label_dir = 'Work'; // Optional, purely to organize mailbox, ie. "Work/Boss" or "Work/HR", etc...
?>
I basically switched to OAuth2, refactored my code, made a lot of cleanup and...it seems to be working just fine!