Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...

When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Connect To The Base Service

The Google Base API, like all GData APIs, is based off of the Atom Publishing Protocol (APP), an XML based format for managing web-based resources. Traffic between a client and the Google Base servers occurs over HTTP and allows for both authenticated and unauthenticated connections.

Before any transactions can occur, this connection needs to be made. Creating a connection to the base servers involves two steps: creating an HTTP client and binding a Zend_Gdata_Gbase service instance to that client.


The Google Base API allows access to both public and private base feeds. Public feeds do not require authentication, but are read-only and offer reduced functionality. Private feeds offers the most complete functionality but requires an authenticated connection to the base servers. There are three authentication schemes that are supported by Google Base:

  • ClientAuth provides direct username/password authentication to the base servers. Since this scheme requires that users provide your application with their password, this authentication is only recommended when other authentication schemes are insufficient.

  • AuthSub allows authentication to the base servers via a Google proxy server. This provides the same level of convenience as ClientAuth but without the security risk, making this an ideal choice for web-based applications.

The Zend_Gdata library provides support for all three authentication schemes. The rest of this chapter will assume that you are familiar the authentication schemes available and how to create an appropriate authenticated connection. For more information, please see the authentication section or the Authentication Overview in the Google Data API Developer's Guide.

Create A Service Instance

In order to interact with Google Base, this library provides the Zend_Gdata_Gbase service class. This class provides a common interface to the Google Data and Atom Publishing Protocol models and assists in marshaling requests to and from the base servers.

Once deciding on an authentication scheme, the next step is to create an instance of Zend_Gdata_Gbase. This class takes in an instance of Zend_Http_Client as a single argument. This provides an interface for AuthSub and ClientAuth authentication, as both of these creation of a special authenticated HTTP client. If no arguments are provided, an unauthenticated instance of Zend_Http_Client will be automatically created.

The example below shows how to create a Base service class using ClientAuth authentication:

// Parameters for ClientAuth authentication
$service Zend_Gdata_Gbase::AUTH_SERVICE_NAME;
$user "";
$pass "pa$$w0rd";

// Create an authenticated HTTP client
$client Zend_Gdata_ClientLogin::getHttpClient($user$pass$service);

// Create an instance of the Base service
$service = new Zend_Gdata_Gbase($client);

A Base service using AuthSub can be created in a similar, though slightly more lengthy fashion:

 * Retrieve the current URL so that the AuthSub server knows where to
 * redirect the user after authentication is complete.
function getCurrentUrl()

// Filter php_self to avoid a security vulnerability.
$php_request_uri =
strcspn($_SERVER['REQUEST_URI'], "\n\r")),

    if (isset(
strtolower($_SERVER['HTTPS']) == 'on') {
$protocol 'https://';
    } else {
$protocol 'http://';
$host $_SERVER['HTTP_HOST'];
    if (
$_SERVER['HTTP_PORT'] != '' &&
$protocol == 'http://' && $_SERVER['HTTP_PORT'] != '80') ||
$protocol == 'https://' && $_SERVER['HTTP_PORT'] != '443'))) {
$port ':' $_SERVER['HTTP_PORT'];
    } else {
$port '';
$protocol $host $port $php_request_uri;

 * Obtain an AuthSub authenticated HTTP client, redirecting the user
 * to the AuthSub server to login if necessary.
function getAuthSubHttpClient()

// If there is no AuthSub session or one-time token waiting for us,
    // redirect the user to the AuthSub server to get one.
if (!isset($_SESSION['sessionToken']) && !isset($_GET['token'])) {
// Parameters to give to AuthSub server
$next getCurrentUrl();
$scope "";
$secure false;
$session true;

// Redirect the user to the AuthSub server to sign in

$authSubUrl Zend_Gdata_AuthSub::getAuthSubTokenUri($next,
header("HTTP/1.0 307 Temporary redirect");

header("Location: " $authSubUrl);


// Convert an AuthSub one-time token into a session token if needed
if (!isset($_SESSION['sessionToken']) && isset($_GET['token'])) {
$_SESSION['sessionToken'] =

// At this point we are authenticated via AuthSub and can obtain an
    // authenticated HTTP client instance

    // Create an authenticated HTTP client
$client Zend_Gdata_AuthSub::getHttpClient($_SESSION['sessionToken']);

// -> Script execution begins here <-

// Make sure
// the user has a valid session, so we can record the
// AuthSub session token once it is available.

// Create an instance of the Base service, redirecting the user
// to the AuthSub server if necessary.
$service = new Zend_Gdata_Gbase(getAuthSubHttpClient());

Finally, an unauthenticated server can be created for use with snippets feeds:

// Create an instance of the Base service using an unauthenticated HTTP client
$service = new Zend_Gdata_Gbase();

Zend Framework