PluginProbe ʕ •ᴥ•ʔ
SEOPress – AI SEO Plugin & On-site SEO / 9.3.0.3
SEOPress – AI SEO Plugin & On-site SEO v9.3.0.3
10.0 9.9.2 9.9.1 9.9 9.8.5 9.8.4 9.8.3 9.8.2 9.8.1 trunk 7.0 7.0.1 7.0.2 7.0.3 7.1 7.1.1 7.1.2 7.2 7.3 7.3.1 7.3.2 7.4 7.5 7.5.0.1 7.5.0.2 7.5.0.3 7.5.1 7.5.2 7.5.2.1 7.6 7.6.1 7.7 7.7.1 7.7.2 7.8 7.9 7.9.1 7.9.2 8.0 8.0.1 8.1 8.1.1 8.2 8.3 8.3.1 8.4 8.4.1 8.5 8.5.0.2 8.5.1 8.5.1.1 8.6 8.6.1 8.7 8.7.0.1 8.7.0.2 8.8 8.8.1 8.9 8.9.0.1 8.9.0.2 9.0 9.0.1 9.1 9.2 9.3 9.3.0.1 9.3.0.2 9.3.0.3 9.3.0.4 9.4 9.4.1 9.5 9.6 9.7 9.7.1 9.7.2 9.7.3 9.7.4 9.8
wp-seopress / vendor / google / auth / README.md
wp-seopress / vendor / google / auth Last commit date
src 7 months ago COPYING 7 months ago LICENSE 7 months ago README.md 7 months ago SECURITY.md 7 months ago VERSION 7 months ago autoload.php 7 months ago composer.json 7 months ago
README.md
310 lines
1 # Google Auth Library for PHP
2
3 <dl>
4 <dt>Homepage</dt><dd><a href="http://www.github.com/google/google-auth-library-php">http://www.github.com/google/google-auth-library-php</a></dd>
5 <dt>Reference Docs</dt><dd><a href="https://googleapis.github.io/google-auth-library-php/main/">https://googleapis.github.io/google-auth-library-php/main/</a></dd>
6 <dt>Authors</dt>
7 <dd><a href="mailto:temiola@google.com">Tim Emiola</a></dd>
8 <dd><a href="mailto:stanleycheung@google.com">Stanley Cheung</a></dd>
9 <dd><a href="mailto:betterbrent@google.com">Brent Shaffer</a></dd>
10 <dt>Copyright</dt><dd>Copyright © 2015 Google, Inc.</dd>
11 <dt>License</dt><dd>Apache 2.0</dd>
12 </dl>
13
14 ## Description
15
16 This is Google's officially supported PHP client library for using OAuth 2.0
17 authorization and authentication with Google APIs.
18
19 ### Installing via Composer
20
21 The recommended way to install the google auth library is through
22 [](http://getcomposer.orgComposer](http://getcomposer.org](http://getcomposer.org).
23
24 ```bash
25 # Install Composer
26 curl -sS https://getcomposer.org/installer | php
27 ```
28
29 Next, run the Composer command to install the latest stable version:
30
31 ```bash
32 composer.phar require google/auth
33 ```
34
35 ## Application Default Credentials
36
37 This library provides an implementation of
38 [Application Default Credentials (ADC)][application default credentials] for PHP.
39
40 Application Default Credentials provides a simple way to get authorization
41 credentials for use in calling Google APIs, and is
42 the recommended approach to authorize calls to Cloud APIs.
43
44 ### Set up ADC
45
46 To use ADC, you must set it up by providing credentials.
47 How you set up ADC depends on the environment where your code is running,
48 and whether you are running code in a test or production environment.
49
50 For more information, see [Set up Application Default Credentials][set-up-adc].
51
52 ### Enable the API you want to use
53
54 Before making your API call, you must be sure the API you're calling has been
55 enabled. Go to **APIs & Auth** > **APIs** in the
56 [Google Developers Console][developer console] and enable the APIs you'd like to
57 call. For the example below, you must enable the `Drive API`.
58
59 ### Call the APIs
60
61 As long as you update the environment variable below to point to *your* JSON
62 credentials file, the following code should output a list of your Drive files.
63
64 ```php
65 use Google\Auth\ApplicationDefaultCredentials;
66 use GuzzleHttp\Client;
67 use GuzzleHttp\HandlerStack;
68
69 // specify the path to your application credentials
70 putenv('GOOGLE_APPLICATION_CREDENTIALS=/path/to/my/credentials.json');
71
72 // define the scopes for your API call
73 $scopes = ['https://www.googleapis.com/auth/drive.readonly'];
74
75 // create middleware
76 $middleware = ApplicationDefaultCredentials::getMiddleware($scopes);
77 $stack = HandlerStack::create();
78 $stack->push($middleware);
79
80 // create the HTTP client
81 $client = new Client([
82 'handler' => $stack,
83 'base_uri' => 'https://www.googleapis.com',
84 'auth' => 'google_auth' // authorize all requests
85 ]);
86
87 // make the request
88 $response = $client->get('drive/v2/files');
89
90 // show the result!
91 print_r((string) $response->getBody());
92 ```
93
94 ##### Guzzle 5 Compatibility
95
96 If you are using [Guzzle 5][Guzzle 5], replace the `create middleware` and
97 `create the HTTP Client` steps with the following:
98
99 ```php
100 // create the HTTP client
101 $client = new Client([
102 'base_url' => 'https://www.googleapis.com',
103 'auth' => 'google_auth' // authorize all requests
104 ]);
105
106 // create subscriber
107 $subscriber = ApplicationDefaultCredentials::getSubscriber($scopes);
108 $client->getEmitter()->attach($subscriber);
109 ```
110
111 #### Call using an ID Token
112 If your application is running behind Cloud Run, or using Cloud Identity-Aware
113 Proxy (IAP), you will need to fetch an ID token to access your application. For
114 this, use the static method `getIdTokenMiddleware` on
115 `ApplicationDefaultCredentials`.
116
117 ```php
118 use Google\Auth\ApplicationDefaultCredentials;
119 use GuzzleHttp\Client;
120 use GuzzleHttp\HandlerStack;
121
122 // specify the path to your application credentials
123 putenv('GOOGLE_APPLICATION_CREDENTIALS=/path/to/my/credentials.json');
124
125 // Provide the ID token audience. This can be a Client ID associated with an IAP application,
126 // Or the URL associated with a CloudRun App
127 // $targetAudience = 'IAP_CLIENT_ID.apps.googleusercontent.com';
128 // $targetAudience = 'https://service-1234-uc.a.run.app';
129 $targetAudience = 'YOUR_ID_TOKEN_AUDIENCE';
130
131 // create middleware
132 $middleware = ApplicationDefaultCredentials::getIdTokenMiddleware($targetAudience);
133 $stack = HandlerStack::create();
134 $stack->push($middleware);
135
136 // create the HTTP client
137 $client = new Client([
138 'handler' => $stack,
139 'auth' => 'google_auth',
140 // Cloud Run, IAP, or custom resource URL
141 'base_uri' => 'https://YOUR_PROTECTED_RESOURCE',
142 ]);
143
144 // make the request
145 $response = $client->get('/');
146
147 // show the result!
148 print_r((string) $response->getBody());
149 ```
150
151 For invoking Cloud Run services, your service account will need the
152 [](https://cloud.google.com/run/docs/authenticating/service-to-service`Cloud Run Invoker`](https://cloud.google.com/run/docs/authenticating/service-to-service](https://cloud.google.com/run/docs/authenticating/service-to-service)
153 IAM permission.
154
155 For invoking Cloud Identity-Aware Proxy, you will need to pass the Client ID
156 used when you set up your protected resource as the target audience. See how to
157 [](https://cloud.google.com/iap/docs/signed-headers-howtosecure your IAP app with signed headers](https://cloud.google.com/iap/docs/signed-headers-howto](https://cloud.google.com/iap/docs/signed-headers-howto).
158
159 #### Call using a specific JSON key
160 If you want to use a specific JSON key instead of using `GOOGLE_APPLICATION_CREDENTIALS` environment variable, you can
161 do this:
162
163 ```php
164 use Google\Auth\CredentialsLoader;
165 use Google\Auth\Middleware\AuthTokenMiddleware;
166 use GuzzleHttp\Client;
167 use GuzzleHttp\HandlerStack;
168
169 // Define the Google Application Credentials array
170 $jsonKey = ['key' => 'value'];
171
172 // define the scopes for your API call
173 $scopes = ['https://www.googleapis.com/auth/drive.readonly'];
174
175 // Load credentials
176 $creds = CredentialsLoader::makeCredentials($scopes, $jsonKey);
177
178 // optional caching
179 // $creds = new FetchAuthTokenCache($creds, $cacheConfig, $cache);
180
181 // create middleware
182 $middleware = new AuthTokenMiddleware($creds);
183 $stack = HandlerStack::create();
184 $stack->push($middleware);
185
186 // create the HTTP client
187 $client = new Client([
188 'handler' => $stack,
189 'base_uri' => 'https://www.googleapis.com',
190 'auth' => 'google_auth' // authorize all requests
191 ]);
192
193 // make the request
194 $response = $client->get('drive/v2/files');
195
196 // show the result!
197 print_r((string) $response->getBody());
198
199 ```
200
201 #### Call using Proxy-Authorization Header
202 If your application is behind a proxy such as [Google Cloud IAP][iap-proxy-header],
203 and your application occupies the `Authorization` request header,
204 you can include the ID token in a `Proxy-Authorization: Bearer`
205 header instead. If a valid ID token is found in a `Proxy-Authorization` header,
206 IAP authorizes the request with it. After authorizing the request, IAP passes
207 the Authorization header to your application without processing the content.
208 For this, use the static method `getProxyIdTokenMiddleware` on
209 `ApplicationDefaultCredentials`.
210
211 ```php
212 use Google\Auth\ApplicationDefaultCredentials;
213 use GuzzleHttp\Client;
214 use GuzzleHttp\HandlerStack;
215
216 // specify the path to your application credentials
217 putenv('GOOGLE_APPLICATION_CREDENTIALS=/path/to/my/credentials.json');
218
219 // Provide the ID token audience. This can be a Client ID associated with an IAP application
220 // $targetAudience = 'IAP_CLIENT_ID.apps.googleusercontent.com';
221 $targetAudience = 'YOUR_ID_TOKEN_AUDIENCE';
222
223 // create middleware
224 $middleware = ApplicationDefaultCredentials::getProxyIdTokenMiddleware($targetAudience);
225 $stack = HandlerStack::create();
226 $stack->push($middleware);
227
228 // create the HTTP client
229 $client = new Client([
230 'handler' => $stack,
231 'auth' => ['username', 'pass'], // auth option handled by your application
232 'proxy_auth' => 'google_auth',
233 ]);
234
235 // make the request
236 $response = $client->get('/');
237
238 // show the result!
239 print_r((string) $response->getBody());
240 ```
241
242 [iap-proxy-header]: https://cloud.google.com/iap/docs/authentication-howto#authenticating_from_proxy-authorization_header
243
244 #### External credentials (Workload identity federation)
245
246 Using workload identity federation, your application can access Google Cloud resources from Amazon Web Services (AWS),
247 Microsoft Azure or any identity provider that supports OpenID Connect (OIDC).
248
249 Traditionally, applications running outside Google Cloud have used service account keys to access Google Cloud
250 resources. Using identity federation, you can allow your workload to impersonate a service account. This lets you access
251 Google Cloud resources directly, eliminating the maintenance and security burden associated with service account keys.
252
253 Follow the detailed instructions on how to
254 [](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-cloudsConfigure Workload Identity Federation](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-clouds](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-clouds).
255
256 #### Verifying JWTs
257
258 If you are [using Google ID tokens to authenticate users][google-id-tokens], use
259 the `Google\Auth\AccessToken` class to verify the ID token:
260
261 ```php
262 use Google\Auth\AccessToken;
263
264 $auth = new AccessToken();
265 $auth->verify($idToken);
266 ```
267
268 If your app is running behind [Google Identity-Aware Proxy][iap-id-tokens]
269 (IAP), you can verify the ID token coming from the IAP server by pointing to the
270 appropriate certificate URL for IAP. This is because IAP signs the ID
271 tokens with a different key than the Google Identity service:
272
273 ```php
274 use Google\Auth\AccessToken;
275
276 $auth = new AccessToken();
277 $auth->verify($idToken, [
278 'certsLocation' => AccessToken::IAP_CERT_URL
279 ]);
280 ```
281
282 [google-id-tokens]: https://developers.google.com/identity/sign-in/web/backend-auth
283 [iap-id-tokens]: https://cloud.google.com/iap/docs/signed-headers-howto
284
285 ## License
286
287 This library is licensed under Apache 2.0. Full license text is
288 available in [COPYING][copying].
289
290 ## Contributing
291
292 See [CONTRIBUTING][contributing].
293
294 ## Support
295
296 Please
297 [](https://github.com/google/google-auth-library-php/issuesreport bugs at the project on Github](https://github.com/google/google-auth-library-php/issues](https://github.com/google/google-auth-library-php/issues). Don't
298 hesitate to
299 [](http://stackoverflow.com/questions/tagged/google-auth-library-phpask questions](http://stackoverflow.com/questions/tagged/google-auth-library-php](http://stackoverflow.com/questions/tagged/google-auth-library-php)
300 about the client or APIs on [](http://stackoverflow.comStackOverflow](http://stackoverflow.com](http://stackoverflow.com).
301
302 [google-apis-php-client]: https://github.com/google/google-api-php-client
303 [application default credentials]: https://cloud.google.com/docs/authentication/application-default-credentials
304 [contributing]: https://github.com/google/google-auth-library-php/tree/main/.github/CONTRIBUTING.md
305 [copying]: https://github.com/google/google-auth-library-php/tree/main/COPYING
306 [Guzzle]: https://github.com/guzzle/guzzle
307 [Guzzle 5]: http://docs.guzzlephp.org/en/5.3
308 [developer console]: https://console.developers.google.com
309 [set-up-adc]: https://cloud.google.com/docs/authentication/provide-credentials-adc
310