PluginProbe ʕ •ᴥ•ʔ
Booking for Appointments and Events Calendar – Amelia / 2.4.4
Booking for Appointments and Events Calendar – Amelia v2.4.4
2.4.4 2.4.3 2.4.2 2.4.1 2.4 trunk 1.2.1 1.2.10 1.2.11 1.2.12 1.2.13 1.2.14 1.2.15 1.2.16 1.2.17 1.2.18 1.2.19 1.2.2 1.2.20 1.2.21 1.2.22 1.2.23 1.2.24 1.2.25 1.2.26 1.2.27 1.2.28 1.2.29 1.2.3 1.2.30 1.2.31 1.2.32 1.2.33 1.2.34 1.2.35 1.2.36 1.2.37 1.2.38 1.2.4 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 2.0 2.0.1 2.0.2 2.1 2.1.1 2.1.2 2.1.3 2.2 2.2.1 2.3
ameliabooking / vendor / google / auth / src / ApplicationDefaultCredentials.php
ameliabooking / vendor / google / auth / src Last commit date
Cache 6 months ago CredentialSource 6 months ago Credentials 6 months ago HttpHandler 6 months ago Middleware 1 week ago AccessToken.php 6 months ago ApplicationDefaultCredentials.php 6 months ago CacheTrait.php 6 months ago CredentialsLoader.php 6 months ago ExternalAccountCredentialSourceInterface.php 6 months ago FetchAuthTokenCache.php 6 months ago FetchAuthTokenInterface.php 6 months ago GCECache.php 6 months ago GetQuotaProjectInterface.php 6 months ago GetUniverseDomainInterface.php 6 months ago Iam.php 6 months ago IamSignerTrait.php 6 months ago OAuth2.php 6 months ago ProjectIdProviderInterface.php 6 months ago ServiceAccountSignerTrait.php 6 months ago SignBlobInterface.php 6 months ago UpdateMetadataInterface.php 6 months ago UpdateMetadataTrait.php 6 months ago
ApplicationDefaultCredentials.php
357 lines
1 <?php
2 /*
3 * Copyright 2015 Google Inc.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 namespace AmeliaVendor\Google\Auth;
19
20 use DomainException;
21 use AmeliaVendor\Google\Auth\Credentials\AppIdentityCredentials;
22 use AmeliaVendor\Google\Auth\Credentials\GCECredentials;
23 use AmeliaVendor\Google\Auth\Credentials\ServiceAccountCredentials;
24 use AmeliaVendor\Google\Auth\HttpHandler\HttpClientCache;
25 use AmeliaVendor\Google\Auth\HttpHandler\HttpHandlerFactory;
26 use AmeliaVendor\Google\Auth\Middleware\AuthTokenMiddleware;
27 use AmeliaVendor\Google\Auth\Middleware\ProxyAuthTokenMiddleware;
28 use AmeliaVendor\Google\Auth\Subscriber\AuthTokenSubscriber;
29 use AmeliaVendor\GuzzleHttp\Client;
30 use InvalidArgumentException;
31 use AmeliaVendor\Psr\Cache\CacheItemPoolInterface;
32
33 /**
34 * ApplicationDefaultCredentials obtains the default credentials for
35 * authorizing a request to a Google service.
36 *
37 * Application Default Credentials are described here:
38 * https://developers.google.com/accounts/docs/application-default-credentials
39 *
40 * This class implements the search for the application default credentials as
41 * described in the link.
42 *
43 * It provides three factory methods:
44 * - #get returns the computed credentials object
45 * - #getSubscriber returns an AuthTokenSubscriber built from the credentials object
46 * - #getMiddleware returns an AuthTokenMiddleware built from the credentials object
47 *
48 * This allows it to be used as follows with AmeliaVendor\GuzzleHttp\Client:
49 *
50 * ```
51 * use AmeliaVendor\Google\Auth\ApplicationDefaultCredentials;
52 * use AmeliaVendor\GuzzleHttp\Client;
53 * use AmeliaVendor\GuzzleHttp\HandlerStack;
54 *
55 * $middleware = ApplicationDefaultCredentials::getMiddleware(
56 * 'https://www.googleapis.com/auth/taskqueue'
57 * );
58 * $stack = HandlerStack::create();
59 * $stack->push($middleware);
60 *
61 * $client = new Client([
62 * 'handler' => $stack,
63 * 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
64 * 'auth' => 'google_auth' // authorize all requests
65 * ]);
66 *
67 * $res = $client->get('myproject/taskqueues/myqueue');
68 * ```
69 */
70 class ApplicationDefaultCredentials
71 {
72 /**
73 * @deprecated
74 *
75 * Obtains an AuthTokenSubscriber that uses the default FetchAuthTokenInterface
76 * implementation to use in this environment.
77 *
78 * If supplied, $scope is used to in creating the credentials instance if
79 * this does not fallback to the compute engine defaults.
80 *
81 * @param string|string[] $scope the scope of the access request, expressed
82 * either as an Array or as a space-delimited String.
83 * @param callable $httpHandler callback which delivers psr7 request
84 * @param array<mixed> $cacheConfig configuration for the cache when it's present
85 * @param CacheItemPoolInterface $cache A cache implementation, may be
86 * provided if you have one already available for use.
87 * @return AuthTokenSubscriber
88 * @throws DomainException if no implementation can be obtained.
89 */
90 public static function getSubscriber(// @phpstan-ignore-line
91 $scope = null,
92 ?callable $httpHandler = null,
93 ?array $cacheConfig = null,
94 ?CacheItemPoolInterface $cache = null
95 ) {
96 $creds = self::getCredentials($scope, $httpHandler, $cacheConfig, $cache);
97
98 /** @phpstan-ignore-next-line */
99 return new AuthTokenSubscriber($creds, $httpHandler);
100 }
101
102 /**
103 * Obtains an AuthTokenMiddleware that uses the default FetchAuthTokenInterface
104 * implementation to use in this environment.
105 *
106 * If supplied, $scope is used to in creating the credentials instance if
107 * this does not fallback to the compute engine defaults.
108 *
109 * @param string|string[] $scope the scope of the access request, expressed
110 * either as an Array or as a space-delimited String.
111 * @param callable $httpHandler callback which delivers psr7 request
112 * @param array<mixed> $cacheConfig configuration for the cache when it's present
113 * @param CacheItemPoolInterface $cache A cache implementation, may be
114 * provided if you have one already available for use.
115 * @param string $quotaProject specifies a project to bill for access
116 * charges associated with the request.
117 * @return AuthTokenMiddleware
118 * @throws DomainException if no implementation can be obtained.
119 */
120 public static function getMiddleware(
121 $scope = null,
122 ?callable $httpHandler = null,
123 ?array $cacheConfig = null,
124 ?CacheItemPoolInterface $cache = null,
125 $quotaProject = null
126 ) {
127 $creds = self::getCredentials($scope, $httpHandler, $cacheConfig, $cache, $quotaProject);
128
129 return new AuthTokenMiddleware($creds, $httpHandler);
130 }
131
132 /**
133 * Obtains the default FetchAuthTokenInterface implementation to use
134 * in this environment.
135 *
136 * @param string|string[] $scope the scope of the access request, expressed
137 * either as an Array or as a space-delimited String.
138 * @param callable $httpHandler callback which delivers psr7 request
139 * @param array<mixed> $cacheConfig configuration for the cache when it's present
140 * @param CacheItemPoolInterface $cache A cache implementation, may be
141 * provided if you have one already available for use.
142 * @param string $quotaProject specifies a project to bill for access
143 * charges associated with the request.
144 * @param string|string[] $defaultScope The default scope to use if no
145 * user-defined scopes exist, expressed either as an Array or as a
146 * space-delimited string.
147 * @param string $universeDomain Specifies a universe domain to use for the
148 * calling client library
149 *
150 * @return FetchAuthTokenInterface
151 * @throws DomainException if no implementation can be obtained.
152 */
153 public static function getCredentials(
154 $scope = null,
155 ?callable $httpHandler = null,
156 ?array $cacheConfig = null,
157 ?CacheItemPoolInterface $cache = null,
158 $quotaProject = null,
159 $defaultScope = null,
160 ?string $universeDomain = null
161 ) {
162 $creds = null;
163 $jsonKey = CredentialsLoader::fromEnv()
164 ?: CredentialsLoader::fromWellKnownFile();
165 $anyScope = $scope ?: $defaultScope;
166
167 if (!$httpHandler) {
168 if (!($client = HttpClientCache::getHttpClient())) {
169 $client = new Client();
170 HttpClientCache::setHttpClient($client);
171 }
172
173 $httpHandler = HttpHandlerFactory::build($client);
174 }
175
176 if (is_null($quotaProject)) {
177 // if a quota project isn't specified, try to get one from the env var
178 $quotaProject = CredentialsLoader::quotaProjectFromEnv();
179 }
180
181 if (!is_null($jsonKey)) {
182 if ($quotaProject) {
183 $jsonKey['quota_project_id'] = $quotaProject;
184 }
185 if ($universeDomain) {
186 $jsonKey['universe_domain'] = $universeDomain;
187 }
188 $creds = CredentialsLoader::makeCredentials(
189 $scope,
190 $jsonKey,
191 $defaultScope
192 );
193 } elseif (AppIdentityCredentials::onAppEngine() && !GCECredentials::onAppEngineFlexible()) {
194 $creds = new AppIdentityCredentials($anyScope);
195 } elseif (self::onGce($httpHandler, $cacheConfig, $cache)) {
196 $creds = new GCECredentials(null, $anyScope, null, $quotaProject, null, $universeDomain);
197 $creds->setIsOnGce(true); // save the credentials a trip to the metadata server
198 }
199
200 if (is_null($creds)) {
201 throw new DomainException(self::notFound());
202 }
203 if (!is_null($cache)) {
204 $creds = new FetchAuthTokenCache($creds, $cacheConfig, $cache);
205 }
206 return $creds;
207 }
208
209 /**
210 * Obtains an AuthTokenMiddleware which will fetch an ID token to use in the
211 * Authorization header. The middleware is configured with the default
212 * FetchAuthTokenInterface implementation to use in this environment.
213 *
214 * If supplied, $targetAudience is used to set the "aud" on the resulting
215 * ID token.
216 *
217 * @param string $targetAudience The audience for the ID token.
218 * @param callable $httpHandler callback which delivers psr7 request
219 * @param array<mixed> $cacheConfig configuration for the cache when it's present
220 * @param CacheItemPoolInterface $cache A cache implementation, may be
221 * provided if you have one already available for use.
222 * @return AuthTokenMiddleware
223 * @throws DomainException if no implementation can be obtained.
224 */
225 public static function getIdTokenMiddleware(
226 $targetAudience,
227 ?callable $httpHandler = null,
228 ?array $cacheConfig = null,
229 ?CacheItemPoolInterface $cache = null
230 ) {
231 $creds = self::getIdTokenCredentials($targetAudience, $httpHandler, $cacheConfig, $cache);
232
233 return new AuthTokenMiddleware($creds, $httpHandler);
234 }
235
236 /**
237 * Obtains an ProxyAuthTokenMiddleware which will fetch an ID token to use in the
238 * Authorization header. The middleware is configured with the default
239 * FetchAuthTokenInterface implementation to use in this environment.
240 *
241 * If supplied, $targetAudience is used to set the "aud" on the resulting
242 * ID token.
243 *
244 * @param string $targetAudience The audience for the ID token.
245 * @param callable $httpHandler callback which delivers psr7 request
246 * @param array<mixed> $cacheConfig configuration for the cache when it's present
247 * @param CacheItemPoolInterface $cache A cache implementation, may be
248 * provided if you have one already available for use.
249 * @return ProxyAuthTokenMiddleware
250 * @throws DomainException if no implementation can be obtained.
251 */
252 public static function getProxyIdTokenMiddleware(
253 $targetAudience,
254 ?callable $httpHandler = null,
255 ?array $cacheConfig = null,
256 ?CacheItemPoolInterface $cache = null
257 ) {
258 $creds = self::getIdTokenCredentials($targetAudience, $httpHandler, $cacheConfig, $cache);
259
260 return new ProxyAuthTokenMiddleware($creds, $httpHandler);
261 }
262
263 /**
264 * Obtains the default FetchAuthTokenInterface implementation to use
265 * in this environment, configured with a $targetAudience for fetching an ID
266 * token.
267 *
268 * @param string $targetAudience The audience for the ID token.
269 * @param callable $httpHandler callback which delivers psr7 request
270 * @param array<mixed> $cacheConfig configuration for the cache when it's present
271 * @param CacheItemPoolInterface $cache A cache implementation, may be
272 * provided if you have one already available for use.
273 * @return FetchAuthTokenInterface
274 * @throws DomainException if no implementation can be obtained.
275 * @throws InvalidArgumentException if JSON "type" key is invalid
276 */
277 public static function getIdTokenCredentials(
278 $targetAudience,
279 ?callable $httpHandler = null,
280 ?array $cacheConfig = null,
281 ?CacheItemPoolInterface $cache = null
282 ) {
283 $creds = null;
284 $jsonKey = CredentialsLoader::fromEnv()
285 ?: CredentialsLoader::fromWellKnownFile();
286
287 if (!$httpHandler) {
288 if (!($client = HttpClientCache::getHttpClient())) {
289 $client = new Client();
290 HttpClientCache::setHttpClient($client);
291 }
292
293 $httpHandler = HttpHandlerFactory::build($client);
294 }
295
296 if (!is_null($jsonKey)) {
297 if (!array_key_exists('type', $jsonKey)) {
298 throw new \InvalidArgumentException('json key is missing the type field');
299 }
300
301 if ($jsonKey['type'] == 'authorized_user') {
302 throw new InvalidArgumentException('ID tokens are not supported for end user credentials');
303 }
304
305 if ($jsonKey['type'] != 'service_account') {
306 throw new InvalidArgumentException('invalid value in the type field');
307 }
308
309 $creds = new ServiceAccountCredentials(null, $jsonKey, null, $targetAudience);
310 } elseif (self::onGce($httpHandler, $cacheConfig, $cache)) {
311 $creds = new GCECredentials(null, null, $targetAudience);
312 $creds->setIsOnGce(true); // save the credentials a trip to the metadata server
313 }
314
315 if (is_null($creds)) {
316 throw new DomainException(self::notFound());
317 }
318 if (!is_null($cache)) {
319 $creds = new FetchAuthTokenCache($creds, $cacheConfig, $cache);
320 }
321 return $creds;
322 }
323
324 /**
325 * @return string
326 */
327 private static function notFound()
328 {
329 $msg = 'Your default credentials were not found. To set up ';
330 $msg .= 'Application Default Credentials, see ';
331 $msg .= 'https://cloud.google.com/docs/authentication/external/set-up-adc';
332
333 return $msg;
334 }
335
336 /**
337 * @param callable $httpHandler
338 * @param array<mixed> $cacheConfig
339 * @param CacheItemPoolInterface $cache
340 * @return bool
341 */
342 private static function onGce(
343 ?callable $httpHandler = null,
344 ?array $cacheConfig = null,
345 ?CacheItemPoolInterface $cache = null
346 ) {
347 $gceCacheConfig = [];
348 foreach (['lifetime', 'prefix'] as $key) {
349 if (isset($cacheConfig['gce_' . $key])) {
350 $gceCacheConfig[$key] = $cacheConfig['gce_' . $key];
351 }
352 }
353
354 return (new GCECache($gceCacheConfig, $cache))->onGce($httpHandler);
355 }
356 }
357