lars/accred
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Caribana
2017-05-26 11:41:26 +02:00
commit 61c24500af
6264 changed files with 645934 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

173
vendor/google/auth/src/ApplicationDefaultCredentials.php vendored Normal file
View File

@@ -0,0 +1,173 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth;
use DomainException;
use Google\Auth\Credentials\AppIdentityCredentials;
use Google\Auth\Credentials\GCECredentials;
use Google\Auth\Middleware\AuthTokenMiddleware;
use Google\Auth\Subscriber\AuthTokenSubscriber;
use Psr\Cache\CacheItemPoolInterface;
/**
* ApplicationDefaultCredentials obtains the default credentials for
* authorizing a request to a Google service.
*
* Application Default Credentials are described here:
* https://developers.google.com/accounts/docs/application-default-credentials
*
* This class implements the search for the application default credentials as
* described in the link.
*
* It provides three factory methods:
* - #get returns the computed credentials object
* - #getSubscriber returns an AuthTokenSubscriber built from the credentials object
* - #getMiddleware returns an AuthTokenMiddleware built from the credentials object
*
* This allows it to be used as follows with GuzzleHttp\Client:
*
* use Google\Auth\ApplicationDefaultCredentials;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $middleware = ApplicationDefaultCredentials::getMiddleware(
* 'https://www.googleapis.com/auth/taskqueue'
* );
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'auth' => 'google_auth' // authorize all requests
* ]);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*/
class ApplicationDefaultCredentials
{
/**
* Obtains an AuthTokenSubscriber that uses the default FetchAuthTokenInterface
* implementation to use in this environment.
*
* If supplied, $scope is used to in creating the credentials instance if
* this does not fallback to the compute engine defaults.
*
* @param string|array scope the scope of the access request, expressed
* either as an Array or as a space-delimited String.
* @param callable $httpHandler callback which delivers psr7 request
* @param array $cacheConfig configuration for the cache when it's present
* @param CacheItemPoolInterface $cache an implementation of CacheItemPoolInterface
*
* @return AuthTokenSubscriber
*
* @throws DomainException if no implementation can be obtained.
*/
public static function getSubscriber(
$scope = null,
callable $httpHandler = null,
array $cacheConfig = null,
CacheItemPoolInterface $cache = null
) {
$creds = self::getCredentials($scope, $httpHandler, $cacheConfig, $cache);
return new AuthTokenSubscriber($creds, $cacheConfig);
}
/**
* Obtains an AuthTokenMiddleware that uses the default FetchAuthTokenInterface
* implementation to use in this environment.
*
* If supplied, $scope is used to in creating the credentials instance if
* this does not fallback to the compute engine defaults.
*
* @param string|array scope the scope of the access request, expressed
* either as an Array or as a space-delimited String.
* @param callable $httpHandler callback which delivers psr7 request
* @param array $cacheConfig configuration for the cache when it's present
* @param CacheItemPoolInterface $cache
*
* @return AuthTokenMiddleware
*
* @throws DomainException if no implementation can be obtained.
*/
public static function getMiddleware(
$scope = null,
callable $httpHandler = null,
array $cacheConfig = null,
CacheItemPoolInterface $cache = null
) {
$creds = self::getCredentials($scope, $httpHandler, $cacheConfig, $cache);
return new AuthTokenMiddleware($creds, $cacheConfig);
}
/**
* Obtains the default FetchAuthTokenInterface implementation to use
* in this environment.
*
* If supplied, $scope is used to in creating the credentials instance if
* this does not fallback to the Compute Engine defaults.
*
* @param string|array scope the scope of the access request, expressed
* either as an Array or as a space-delimited String.
* @param callable $httpHandler callback which delivers psr7 request
* @param array $cacheConfig configuration for the cache when it's present
* @param CacheItemPoolInterface $cache
*
* @return CredentialsLoader
*
* @throws DomainException if no implementation can be obtained.
*/
public static function getCredentials(
$scope = null,
callable $httpHandler = null,
array $cacheConfig = null,
CacheItemPoolInterface $cache = null
) {
$creds = null;
$jsonKey = CredentialsLoader::fromEnv()
?: CredentialsLoader::fromWellKnownFile();
if (!is_null($jsonKey)) {
$creds = CredentialsLoader::makeCredentials($scope, $jsonKey);
} elseif (AppIdentityCredentials::onAppEngine() && !GCECredentials::onAppEngineFlexible()) {
$creds = new AppIdentityCredentials($scope);
} elseif (GCECredentials::onGce($httpHandler)) {
$creds = new GCECredentials();
}
if (is_null($creds)) {
throw new \DomainException(self::notFound());
}
if (!is_null($cache)) {
$creds = new FetchAuthTokenCache($creds, $cacheConfig, $cache);
}
return $creds;
}
private static function notFound()
{
$msg = 'Could not load the default credentials. Browse to ';
$msg .= 'https://developers.google.com';
$msg .= '/accounts/docs/application-default-credentials';
$msg .= ' for more information';
return $msg;
}
}

24
vendor/google/auth/src/Cache/InvalidArgumentException.php vendored Normal file
View File

@@ -0,0 +1,24 @@
<?php
/*
* Copyright 2016 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Cache;
use Psr\Cache\InvalidArgumentException as PsrInvalidArgumentException;
class InvalidArgumentException extends \InvalidArgumentException implements PsrInvalidArgumentException
{
}

185
vendor/google/auth/src/Cache/Item.php vendored Normal file
View File

@@ -0,0 +1,185 @@
<?php
/*
* Copyright 2016 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Cache;
use Psr\Cache\CacheItemInterface;
/**
* A cache item.
*/
final class Item implements CacheItemInterface
{
/**
* @var string
*/
private $key;
/**
* @var mixed
*/
private $value;
/**
* @var \DateTime
*/
private $expiration;
/**
* @var bool
*/
private $isHit = false;
/**
* @param string $key
*/
public function __construct($key)
{
$this->key = $key;
}
/**
* {@inheritdoc}
*/
public function getKey()
{
return $this->key;
}
/**
* {@inheritdoc}
*/
public function get()
{
return $this->isHit() ? $this->value : null;
}
/**
* {@inheritdoc}
*/
public function isHit()
{
if (!$this->isHit) {
return false;
}
if ($this->expiration === null) {
return true;
}
return new \DateTime() < $this->expiration;
}
/**
* {@inheritdoc}
*/
public function set($value)
{
$this->isHit = true;
$this->value = $value;
return $this;
}
/**
* {@inheritdoc}
*/
public function expiresAt($expiration)
{
if ($this->isValidExpiration($expiration)) {
$this->expiration = $expiration;
return $this;
}
$implementationMessage = interface_exists('DateTimeInterface')
? 'implement interface DateTimeInterface'
: 'be an instance of DateTime';
$error = sprintf(
'Argument 1 passed to %s::expiresAt() must %s, %s given',
get_class($this),
$implementationMessage,
gettype($expiration)
);
$this->handleError($error);
}
/**
* {@inheritdoc}
*/
public function expiresAfter($time)
{
if (is_int($time)) {
$this->expiration = new \DateTime("now + $time seconds");
} elseif ($time instanceof \DateInterval) {
$this->expiration = (new \DateTime())->add($time);
} elseif ($time === null) {
$this->expiration = $time;
} else {
$message = 'Argument 1 passed to %s::expiresAfter() must be an ' .
'instance of DateInterval or of the type integer, %s given';
$error = sprintf($message, get_class($this), gettype($expiration));
$this->handleError($error);
}
return $this;
}
/**
* Handles an error.
*
* @param string $error
* @throws \TypeError
*/
private function handleError($error)
{
if (class_exists('TypeError')) {
throw new \TypeError($error);
}
trigger_error($error, E_USER_ERROR);
}
/**
* Determines if an expiration is valid based on the rules defined by PSR6.
*
* @param mixed $expiration
* @return bool
*/
private function isValidExpiration($expiration)
{
if ($expiration === null) {
return true;
}
// We test for two types here due to the fact the DateTimeInterface
// was not introduced until PHP 5.5. Checking for the DateTime type as
// well allows us to support 5.4.
if ($expiration instanceof \DateTimeInterface) {
return true;
}
if ($expiration instanceof \DateTime) {
return true;
}
return false;
}
}

155
vendor/google/auth/src/Cache/MemoryCacheItemPool.php vendored Normal file
View File

@@ -0,0 +1,155 @@
<?php
/*
* Copyright 2016 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Cache;
use Psr\Cache\CacheItemInterface;
use Psr\Cache\CacheItemPoolInterface;
/**
* Simple in-memory cache implementation.
*/
final class MemoryCacheItemPool implements CacheItemPoolInterface
{
/**
* @var CacheItemInterface[]
*/
private $items;
/**
* @var CacheItemInterface[]
*/
private $deferredItems;
/**
* {@inheritdoc}
*/
public function getItem($key)
{
return current($this->getItems([$key]));
}
/**
* {@inheritdoc}
*/
public function getItems(array $keys = [])
{
$items = [];
foreach ($keys as $key) {
$this->isValidKey($key);
$items[$key] = $this->hasItem($key) ? clone $this->items[$key] : new Item($key);
}
return $items;
}
/**
* {@inheritdoc}
*/
public function hasItem($key)
{
$this->isValidKey($key);
return isset($this->items[$key]) && $this->items[$key]->isHit();
}
/**
* {@inheritdoc}
*/
public function clear()
{
$this->items = [];
$this->deferred = [];
return true;
}
/**
* {@inheritdoc}
*/
public function deleteItem($key)
{
return $this->deleteItems([$key]);
}
/**
* {@inheritdoc}
*/
public function deleteItems(array $keys)
{
array_walk($keys, [$this, 'isValidKey']);
foreach ($keys as $key) {
unset($this->items[$key]);
}
return true;
}
/**
* {@inheritdoc}
*/
public function save(CacheItemInterface $item)
{
$this->items[$item->getKey()] = $item;
return true;
}
/**
* {@inheritdoc}
*/
public function saveDeferred(CacheItemInterface $item)
{
$this->deferredItems[$item->getKey()] = $item;
return true;
}
/**
* {@inheritdoc}
*/
public function commit()
{
foreach ($this->deferredItems as $item) {
$this->save($item);
}
$this->deferredItems = [];
return true;
}
/**
* Determines if the provided key is valid.
*
* @param string $key
* @return bool
* @throws InvalidArgumentException
*/
private function isValidKey($key)
{
$invalidCharacters = '{}()/\\\\@:';
if (!is_string($key) || preg_match("#[$invalidCharacters]#", $key)) {
throw new InvalidArgumentException('The provided key is not valid: ' . var_export($key, true));
}
return true;
}
}

72
vendor/google/auth/src/CacheTrait.php vendored Normal file
View File

@@ -0,0 +1,72 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth;
trait CacheTrait
{
/**
* Gets the cached value if it is present in the cache when that is
* available.
*/
private function getCachedValue($k)
{
if (is_null($this->cache)) {
return;
}
$key = $this->getFullCacheKey($k);
if (is_null($key)) {
return;
}
$cacheItem = $this->cache->getItem($key);
return $cacheItem->get();
}
/**
* Saves the value in the cache when that is available.
*/
private function setCachedValue($k, $v)
{
if (is_null($this->cache)) {
return;
}
$key = $this->getFullCacheKey($k);
if (is_null($key)) {
return;
}
$cacheItem = $this->cache->getItem($key);
$cacheItem->set($v);
$cacheItem->expiresAfter($this->cacheConfig['lifetime']);
return $this->cache->save($cacheItem);
}
private function getFullCacheKey($key)
{
if (is_null($key)) {
return;
}
$key = $this->cacheConfig['prefix'] . $key;
// ensure we do not have illegal characters
return preg_replace('|[^a-zA-Z0-9_\.!]|', '', $key);
}
}

149
vendor/google/auth/src/Credentials/AppIdentityCredentials.php vendored Normal file
View File

@@ -0,0 +1,149 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
/*
* The AppIdentityService class is automatically defined on App Engine,
* so including this dependency is not necessary, and will result in a
* PHP fatal error in the App Engine environment.
*/
use google\appengine\api\app_identity\AppIdentityService;
use Google\Auth\CredentialsLoader;
/**
* AppIdentityCredentials supports authorization on Google App Engine.
*
* It can be used to authorize requests using the AuthTokenMiddleware or
* AuthTokenSubscriber, but will only succeed if being run on App Engine:
*
* use Google\Auth\Credentials\AppIdentityCredentials;
* use Google\Auth\Middleware\AuthTokenMiddleware;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $gae = new AppIdentityCredentials('https://www.googleapis.com/auth/books');
* $middleware = new AuthTokenMiddleware($gae);
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_uri' => 'https://www.googleapis.com/books/v1',
* 'auth' => 'google_auth'
* ]);
*
* $res = $client->get('volumes?q=Henry+David+Thoreau&country=US');
*/
class AppIdentityCredentials extends CredentialsLoader
{
/**
* Result of fetchAuthToken.
*
* @array
*/
protected $lastReceivedToken;
/**
* Array of OAuth2 scopes to be requested.
*/
private $scope;
public function __construct($scope = array())
{
$this->scope = $scope;
}
/**
* Determines if this an App Engine instance, by accessing the SERVER_SOFTWARE
* environment variable.
*
* @return true if this an App Engine Instance, false otherwise
*/
public static function onAppEngine()
{
return isset($_SERVER['SERVER_SOFTWARE']) &&
strpos($_SERVER['SERVER_SOFTWARE'], 'Google App Engine') !== false;
}
/**
* Implements FetchAuthTokenInterface#fetchAuthToken.
*
* Fetches the auth tokens using the AppIdentityService if available.
* As the AppIdentityService uses protobufs to fetch the access token,
* the GuzzleHttp\ClientInterface instance passed in will not be used.
*
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array the auth metadata:
* array(2) {
* ["access_token"]=>
* string(3) "xyz"
* ["expiration_time"]=>
* string(10) "1444339905"
* }
*
* @throws \Exception
*/
public function fetchAuthToken(callable $httpHandler = null)
{
if (!self::onAppEngine()) {
return array();
}
if (!class_exists('google\appengine\api\app_identity\AppIdentityService')) {
throw new \Exception(
'This class must be run in App Engine, or you must include the AppIdentityService '
. 'mock class defined in tests/mocks/AppIdentityService.php'
);
}
// AppIdentityService expects an array when multiple scopes are supplied
$scope = is_array($this->scope) ? $this->scope : explode(' ', $this->scope);
$token = AppIdentityService::getAccessToken($scope);
$this->lastReceivedToken = $token;
return $token;
}
/**
* @return array|null
*/
public function getLastReceivedToken()
{
if ($this->lastReceivedToken) {
return [
'access_token' => $this->lastReceivedToken['access_token'],
'expires_at' => $this->lastReceivedToken['expiration_time'],
];
}
return null;
}
/**
* Caching is handled by the underlying AppIdentityService, return empty string
* to prevent caching.
*
* @return string
*/
public function getCacheKey()
{
return '';
}
}

219
vendor/google/auth/src/Credentials/GCECredentials.php vendored Normal file
View File

@@ -0,0 +1,219 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
use Google\Auth\CredentialsLoader;
use Google\Auth\HttpHandler\HttpHandlerFactory;
use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\Exception\RequestException;
use GuzzleHttp\Exception\ServerException;
use GuzzleHttp\Psr7\Request;
/**
* GCECredentials supports authorization on Google Compute Engine.
*
* It can be used to authorize requests using the AuthTokenMiddleware, but will
* only succeed if being run on GCE:
*
* use Google\Auth\Credentials\GCECredentials;
* use Google\Auth\Middleware\AuthTokenMiddleware;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $gce = new GCECredentials();
* $middleware = new AuthTokenMiddleware($gce);
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'auth' => 'google_auth'
* ]);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*/
class GCECredentials extends CredentialsLoader
{
const cacheKey = 'GOOGLE_AUTH_PHP_GCE';
/**
* The metadata IP address on appengine instances.
*
* The IP is used instead of the domain 'metadata' to avoid slow responses
* when not on Compute Engine.
*/
const METADATA_IP = '169.254.169.254';
/**
* The metadata path of the default token.
*/
const TOKEN_URI_PATH = 'v1/instance/service-accounts/default/token';
/**
* The header whose presence indicates GCE presence.
*/
const FLAVOR_HEADER = 'Metadata-Flavor';
/**
* Flag used to ensure that the onGCE test is only done once;.
*
* @var bool
*/
private $hasCheckedOnGce = false;
/**
* Flag that stores the value of the onGCE check.
*
* @var bool
*/
private $isOnGce = false;
/**
* Result of fetchAuthToken.
*/
protected $lastReceivedToken;
/**
* The full uri for accessing the default token.
*
* @return string
*/
public static function getTokenUri()
{
$base = 'http://' . self::METADATA_IP . '/computeMetadata/';
return $base . self::TOKEN_URI_PATH;
}
/**
* Determines if this an App Engine Flexible instance, by accessing the
* GAE_VM environment variable.
*
* @return true if this an App Engine Flexible Instance, false otherwise
*/
public static function onAppEngineFlexible()
{
return isset($_SERVER['GAE_VM']) && 'true' === $_SERVER['GAE_VM'];
}
/**
* Determines if this a GCE instance, by accessing the expected metadata
* host.
* If $httpHandler is not specified a the default HttpHandler is used.
*
* @param callable $httpHandler callback which delivers psr7 request
*
* @return true if this a GCEInstance false otherwise
*/
public static function onGce(callable $httpHandler = null)
{
if (is_null($httpHandler)) {
$httpHandler = HttpHandlerFactory::build();
}
$checkUri = 'http://' . self::METADATA_IP;
try {
// Comment from: oauth2client/client.py
//
// Note: the explicit `timeout` below is a workaround. The underlying
// issue is that resolving an unknown host on some networks will take
// 20-30 seconds; making this timeout short fixes the issue, but
// could lead to false negatives in the event that we are on GCE, but
// the metadata resolution was particularly slow. The latter case is
// "unlikely".
$resp = $httpHandler(
new Request('GET', $checkUri),
['timeout' => 0.3]
);
return $resp->getHeaderLine(self::FLAVOR_HEADER) == 'Google';
} catch (ClientException $e) {
return false;
} catch (ServerException $e) {
return false;
} catch (RequestException $e) {
return false;
}
}
/**
* Implements FetchAuthTokenInterface#fetchAuthToken.
*
* Fetches the auth tokens from the GCE metadata host if it is available.
* If $httpHandler is not specified a the default HttpHandler is used.
*
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array the response
*
* @throws \Exception
*/
public function fetchAuthToken(callable $httpHandler = null)
{
if (is_null($httpHandler)) {
$httpHandler = HttpHandlerFactory::build();
}
if (!$this->hasCheckedOnGce) {
$this->isOnGce = self::onGce($httpHandler);
}
if (!$this->isOnGce) {
return array(); // return an empty array with no access token
}
$resp = $httpHandler(
new Request(
'GET',
self::getTokenUri(),
[self::FLAVOR_HEADER => 'Google']
)
);
$body = (string)$resp->getBody();
// Assume it's JSON; if it's not throw an exception
if (null === $json = json_decode($body, true)) {
throw new \Exception('Invalid JSON response');
}
// store this so we can retrieve it later
$this->lastReceivedToken = $json;
$this->lastReceivedToken['expires_at'] = time() + $json['expires_in'];
return $json;
}
/**
* @return string
*/
public function getCacheKey()
{
return self::cacheKey;
}
/**
* @return array|null
*/
public function getLastReceivedToken()
{
if ($this->lastReceivedToken) {
return [
'access_token' => $this->lastReceivedToken['access_token'],
'expires_at' => $this->lastReceivedToken['expires_at'],
];
}
return null;
}
}

89
vendor/google/auth/src/Credentials/IAMCredentials.php vendored Normal file
View File

@@ -0,0 +1,89 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
/**
* Authenticates requests using IAM credentials.
*/
class IAMCredentials
{
const SELECTOR_KEY = 'x-goog-iam-authority-selector';
const TOKEN_KEY = 'x-goog-iam-authorization-token';
/**
* @var string
*/
private $selector;
/**
* @var string
*/
private $token;
/**
* @param $selector string the IAM selector
* @param $token string the IAM token
*/
public function __construct($selector, $token)
{
if (!is_string($selector)) {
throw new \InvalidArgumentException(
'selector must be a string');
}
if (!is_string($token)) {
throw new \InvalidArgumentException(
'token must be a string');
}
$this->selector = $selector;
$this->token = $token;
}
/**
* export a callback function which updates runtime metadata.
*
* @return array updateMetadata function
*/
public function getUpdateMetadataFunc()
{
return array($this, 'updateMetadata');
}
/**
* Updates metadata with the appropriate header metadata.
*
* @param array $metadata metadata hashmap
* @param string $unusedAuthUri optional auth uri
* @param callable $httpHandler callback which delivers psr7 request
* Note: this param is unused here, only included here for
* consistency with other credentials class
*
* @return array updated metadata hashmap
*/
public function updateMetadata(
$metadata,
$unusedAuthUri = null,
callable $httpHandler = null
) {
$metadata_copy = $metadata;
$metadata_copy[self::SELECTOR_KEY] = $this->selector;
$metadata_copy[self::TOKEN_KEY] = $this->token;
return $metadata_copy;
}
}

177
vendor/google/auth/src/Credentials/ServiceAccountCredentials.php vendored Normal file
View File

@@ -0,0 +1,177 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
use Google\Auth\CredentialsLoader;
use Google\Auth\OAuth2;
/**
* ServiceAccountCredentials supports authorization using a Google service
* account.
*
* (cf https://developers.google.com/accounts/docs/OAuth2ServiceAccount)
*
* It's initialized using the json key file that's downloadable from developer
* console, which should contain a private_key and client_email fields that it
* uses.
*
* Use it with AuthTokenMiddleware to authorize http requests:
*
* use Google\Auth\Credentials\ServiceAccountCredentials;
* use Google\Auth\Middleware\AuthTokenMiddleware;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $sa = new ServiceAccountCredentials(
* 'https://www.googleapis.com/auth/taskqueue',
* '/path/to/your/json/key_file.json'
* );
* $middleware = new AuthTokenMiddleware($sa);
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'auth' => 'google_auth' // authorize all requests
* ]);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*/
class ServiceAccountCredentials extends CredentialsLoader
{
/**
* The OAuth2 instance used to conduct authorization.
*
* @var OAuth2
*/
protected $auth;
/**
* Create a new ServiceAccountCredentials.
*
* @param string|array $scope the scope of the access request, expressed
* either as an Array or as a space-delimited String.
* @param string|array $jsonKey JSON credential file path or JSON credentials
* as an associative array
* @param string $sub an email address account to impersonate, in situations when
* the service account has been delegated domain wide access.
*/
public function __construct(
$scope,
$jsonKey,
$sub = null
) {
if (is_string($jsonKey)) {
if (!file_exists($jsonKey)) {
throw new \InvalidArgumentException('file does not exist');
}
$jsonKeyStream = file_get_contents($jsonKey);
if (!$jsonKey = json_decode($jsonKeyStream, true)) {
throw new \LogicException('invalid json for auth config');
}
}
if (!array_key_exists('client_email', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the client_email field');
}
if (!array_key_exists('private_key', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the private_key field');
}
$this->auth = new OAuth2([
'audience' => self::TOKEN_CREDENTIAL_URI,
'issuer' => $jsonKey['client_email'],
'scope' => $scope,
'signingAlgorithm' => 'RS256',
'signingKey' => $jsonKey['private_key'],
'sub' => $sub,
'tokenCredentialUri' => self::TOKEN_CREDENTIAL_URI,
]);
}
/**
* @param callable $httpHandler
*
* @return array
*/
public function fetchAuthToken(callable $httpHandler = null)
{
return $this->auth->fetchAuthToken($httpHandler);
}
/**
* @return string
*/
public function getCacheKey()
{
$key = $this->auth->getIssuer() . ':' . $this->auth->getCacheKey();
if ($sub = $this->auth->getSub()) {
$key .= ':' . $sub;
}
return $key;
}
/**
* @return array
*/
public function getLastReceivedToken()
{
return $this->auth->getLastReceivedToken();
}
/**
* Updates metadata with the authorization token.
*
* @param array $metadata metadata hashmap
* @param string $authUri optional auth uri
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array updated metadata hashmap
*/
public function updateMetadata(
$metadata,
$authUri = null,
callable $httpHandler = null
) {
// scope exists. use oauth implementation
$scope = $this->auth->getScope();
if (!is_null($scope)) {
return parent::updateMetadata($metadata, $authUri, $httpHandler);
}
// no scope found. create jwt with the auth uri
$credJson = array(
'private_key' => $this->auth->getSigningKey(),
'client_email' => $this->auth->getIssuer(),
);
$jwtCreds = new ServiceAccountJwtAccessCredentials($credJson);
return $jwtCreds->updateMetadata($metadata, $authUri, $httpHandler);
}
/**
* @param string $sub an email address account to impersonate, in situations when
* the service account has been delegated domain wide access.
*/
public function setSub($sub)
{
$this->auth->setSub($sub);
}
}

131
vendor/google/auth/src/Credentials/ServiceAccountJwtAccessCredentials.php vendored Normal file
View File

@@ -0,0 +1,131 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
use Google\Auth\CredentialsLoader;
use Google\Auth\OAuth2;
/**
* Authenticates requests using Google's Service Account credentials via
* JWT Access.
*
* This class allows authorizing requests for service accounts directly
* from credentials from a json key file downloaded from the developer
* console (via 'Generate new Json Key'). It is not part of any OAuth2
* flow, rather it creates a JWT and sends that as a credential.
*/
class ServiceAccountJwtAccessCredentials extends CredentialsLoader
{
/**
* The OAuth2 instance used to conduct authorization.
*
* @var OAuth2
*/
protected $auth;
/**
* Create a new ServiceAccountJwtAccessCredentials.
*
* @param string|array $jsonKey JSON credential file path or JSON credentials
* as an associative array
*/
public function __construct($jsonKey)
{
if (is_string($jsonKey)) {
if (!file_exists($jsonKey)) {
throw new \InvalidArgumentException('file does not exist');
}
$jsonKeyStream = file_get_contents($jsonKey);
if (!$jsonKey = json_decode($jsonKeyStream, true)) {
throw new \LogicException('invalid json for auth config');
}
}
if (!array_key_exists('client_email', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the client_email field');
}
if (!array_key_exists('private_key', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the private_key field');
}
$this->auth = new OAuth2([
'issuer' => $jsonKey['client_email'],
'sub' => $jsonKey['client_email'],
'signingAlgorithm' => 'RS256',
'signingKey' => $jsonKey['private_key'],
]);
}
/**
* Updates metadata with the authorization token.
*
* @param array $metadata metadata hashmap
* @param string $authUri optional auth uri
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array updated metadata hashmap
*/
public function updateMetadata(
$metadata,
$authUri = null,
callable $httpHandler = null
) {
if (empty($authUri)) {
return $metadata;
}
$this->auth->setAudience($authUri);
return parent::updateMetadata($metadata, $authUri, $httpHandler);
}
/**
* Implements FetchAuthTokenInterface#fetchAuthToken.
*
* @param callable $httpHandler
*
* @return array|void
*/
public function fetchAuthToken(callable $httpHandler = null)
{
$audience = $this->auth->getAudience();
if (empty($audience)) {
return null;
}
$access_token = $this->auth->toJwt();
return array('access_token' => $access_token);
}
/**
* @return string
*/
public function getCacheKey()
{
return $this->auth->getCacheKey();
}
/**
* @return array
*/
public function getLastReceivedToken()
{
return $this->auth->getLastReceivedToken();
}
}

110
vendor/google/auth/src/Credentials/UserRefreshCredentials.php vendored Normal file
View File

@@ -0,0 +1,110 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
use Google\Auth\CredentialsLoader;
use Google\Auth\OAuth2;
/**
* Authenticates requests using User Refresh credentials.
*
* This class allows authorizing requests from user refresh tokens.
*
* This the end of the result of a 3LO flow. E.g, the end result of
* 'gcloud auth login' saves a file with these contents in well known
* location
*
* @see [Application Default Credentials](http://goo.gl/mkAHpZ)
*/
class UserRefreshCredentials extends CredentialsLoader
{
/**
* The OAuth2 instance used to conduct authorization.
*
* @var OAuth2
*/
protected $auth;
/**
* Create a new UserRefreshCredentials.
*
* @param string|array $scope the scope of the access request, expressed
* either as an Array or as a space-delimited String.
* @param string|array $jsonKey JSON credential file path or JSON credentials
* as an associative array
*/
public function __construct(
$scope,
$jsonKey
) {
if (is_string($jsonKey)) {
if (!file_exists($jsonKey)) {
throw new \InvalidArgumentException('file does not exist');
}
$jsonKeyStream = file_get_contents($jsonKey);
if (!$jsonKey = json_decode($jsonKeyStream, true)) {
throw new \LogicException('invalid json for auth config');
}
}
if (!array_key_exists('client_id', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the client_id field');
}
if (!array_key_exists('client_secret', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the client_secret field');
}
if (!array_key_exists('refresh_token', $jsonKey)) {
throw new \InvalidArgumentException(
'json key is missing the refresh_token field');
}
$this->auth = new OAuth2([
'clientId' => $jsonKey['client_id'],
'clientSecret' => $jsonKey['client_secret'],
'refresh_token' => $jsonKey['refresh_token'],
'scope' => $scope,
'tokenCredentialUri' => self::TOKEN_CREDENTIAL_URI,
]);
}
/**
* @param callable $httpHandler
*
* @return array
*/
public function fetchAuthToken(callable $httpHandler = null)
{
return $this->auth->fetchAuthToken($httpHandler);
}
/**
* @return string
*/
public function getCacheKey()
{
return $this->auth->getClientId() . ':' . $this->auth->getCacheKey();
}
/**
* @return array
*/
public function getLastReceivedToken()
{
return $this->auth->getLastReceivedToken();
}
}

163
vendor/google/auth/src/CredentialsLoader.php vendored Normal file
View File

@@ -0,0 +1,163 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth;
use Google\Auth\Credentials\ServiceAccountCredentials;
use Google\Auth\Credentials\UserRefreshCredentials;
/**
* CredentialsLoader contains the behaviour used to locate and find default
* credentials files on the file system.
*/
abstract class CredentialsLoader implements FetchAuthTokenInterface
{
const TOKEN_CREDENTIAL_URI = 'https://www.googleapis.com/oauth2/v4/token';
const ENV_VAR = 'GOOGLE_APPLICATION_CREDENTIALS';
const WELL_KNOWN_PATH = 'gcloud/application_default_credentials.json';
const NON_WINDOWS_WELL_KNOWN_PATH_BASE = '.config';
const AUTH_METADATA_KEY = 'Authorization';
/**
* @param string $cause
* @return string
*/
private static function unableToReadEnv($cause)
{
$msg = 'Unable to read the credential file specified by ';
$msg .= ' GOOGLE_APPLICATION_CREDENTIALS: ';
$msg .= $cause;
return $msg;
}
/**
* @return bool
*/
private static function isOnWindows()
{
return strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
}
/**
* Load a JSON key from the path specified in the environment.
*
* Load a JSON key from the path specified in the environment
* variable GOOGLE_APPLICATION_CREDENTIALS. Return null if
* GOOGLE_APPLICATION_CREDENTIALS is not specified.
*
* @return array JSON key | null
*/
public static function fromEnv()
{
$path = getenv(self::ENV_VAR);
if (empty($path)) {
return;
}
if (!file_exists($path)) {
$cause = 'file ' . $path . ' does not exist';
throw new \DomainException(self::unableToReadEnv($cause));
}
$jsonKey = file_get_contents($path);
return json_decode($jsonKey, true);
}
/**
* Load a JSON key from a well known path.
*
* The well known path is OS dependent:
* - windows: %APPDATA%/gcloud/application_default_credentials.json
* - others: $HOME/.config/gcloud/application_default_credentials.json
*
* If the file does not exists, this returns null.
*
* @return array JSON key | null
*/
public static function fromWellKnownFile()
{
$rootEnv = self::isOnWindows() ? 'APPDATA' : 'HOME';
$path = [getenv($rootEnv)];
if (!self::isOnWindows()) {
$path[] = self::NON_WINDOWS_WELL_KNOWN_PATH_BASE;
}
$path[] = self::WELL_KNOWN_PATH;
$path = implode(DIRECTORY_SEPARATOR, $path);
if (!file_exists($path)) {
return;
}
$jsonKey = file_get_contents($path);
return json_decode($jsonKey, true);
}
/**
* Create a new Credentials instance.
*
* @param string|array scope the scope of the access request, expressed
* either as an Array or as a space-delimited String.
* @param array $jsonKey the JSON credentials.
*
* @return ServiceAccountCredentials|UserRefreshCredentials
*/
public static function makeCredentials($scope, array $jsonKey)
{
if (!array_key_exists('type', $jsonKey)) {
throw new \InvalidArgumentException('json key is missing the type field');
}
if ($jsonKey['type'] == 'service_account') {
return new ServiceAccountCredentials($scope, $jsonKey);
} elseif ($jsonKey['type'] == 'authorized_user') {
return new UserRefreshCredentials($scope, $jsonKey);
} else {
throw new \InvalidArgumentException('invalid value in the type field');
}
}
/**
* export a callback function which updates runtime metadata.
*
* @return array updateMetadata function
*/
public function getUpdateMetadataFunc()
{
return array($this, 'updateMetadata');
}
/**
* Updates metadata with the authorization token.
*
* @param array $metadata metadata hashmap
* @param string $authUri optional auth uri
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array updated metadata hashmap
*/
public function updateMetadata(
$metadata,
$authUri = null,
callable $httpHandler = null
) {
$result = $this->fetchAuthToken($httpHandler);
if (!isset($result['access_token'])) {
return $metadata;
}
$metadata_copy = $metadata;
$metadata_copy[self::AUTH_METADATA_KEY] = array('Bearer ' . $result['access_token']);
return $metadata_copy;
}
}

108
vendor/google/auth/src/FetchAuthTokenCache.php vendored Normal file
View File

@@ -0,0 +1,108 @@
<?php
/*
* Copyright 2010 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth;
use Psr\Cache\CacheItemPoolInterface;
/**
* A class to implement caching for any object implementing
* FetchAuthTokenInterface
*/
class FetchAuthTokenCache implements FetchAuthTokenInterface
{
use CacheTrait;
/**
* @var FetchAuthTokenInterface
*/
private $fetcher;
/**
* @var array
*/
private $cacheConfig;
/**
* @var CacheItemPoolInterface
*/
private $cache;
public function __construct(
FetchAuthTokenInterface $fetcher,
array $cacheConfig = null,
CacheItemPoolInterface $cache
) {
$this->fetcher = $fetcher;
$this->cache = $cache;
$this->cacheConfig = array_merge([
'lifetime' => 1500,
'prefix' => '',
], (array) $cacheConfig);
}
/**
* Implements FetchAuthTokenInterface#fetchAuthToken.
*
* Checks the cache for a valid auth token and fetches the auth tokens
* from the supplied fetcher.
*
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array the response
*
* @throws \Exception
*/
public function fetchAuthToken(callable $httpHandler = null)
{
// Use the cached value if its available.
//
// TODO: correct caching; update the call to setCachedValue to set the expiry
// to the value returned with the auth token.
//
// TODO: correct caching; enable the cache to be cleared.
$cacheKey = $this->fetcher->getCacheKey();
$cached = $this->getCachedValue($cacheKey);
if (!empty($cached)) {
return ['access_token' => $cached];
}
$auth_token = $this->fetcher->fetchAuthToken($httpHandler);
if (isset($auth_token['access_token'])) {
$this->setCachedValue($cacheKey, $auth_token['access_token']);
}
return $auth_token;
}
/**
* @return string
*/
public function getCacheKey()
{
return $this->getFullCacheKey($this->fetcher->getCacheKey());
}
/**
* @return array|null
*/
public function getLastReceivedToken()
{
return $this->fetcher->getLastReceivedToken();
}
}

55
vendor/google/auth/src/FetchAuthTokenInterface.php vendored Normal file
View File

@@ -0,0 +1,55 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth;
/**
* An interface implemented by objects that can fetch auth tokens.
*/
interface FetchAuthTokenInterface
{
/**
* Fetches the auth tokens based on the current state.
*
* @param callable $httpHandler callback which delivers psr7 request
*
* @return array a hash of auth tokens
*/
public function fetchAuthToken(callable $httpHandler = null);
/**
* Obtains a key that can used to cache the results of #fetchAuthToken.
*
* If the value is empty, the auth token is not cached.
*
* @return string a key that may be used to cache the auth token.
*/
public function getCacheKey();
/**
* Returns an associative array with the token and
* expiration time.
*
* @return null|array {
* The last received access token.
*
* @var string $access_token The access token string.
* @var int $expires_at The time the token expires as a UNIX timestamp.
* }
*/
public function getLastReceivedToken();
}

68
vendor/google/auth/src/HttpHandler/Guzzle5HttpHandler.php vendored Normal file
View File

@@ -0,0 +1,68 @@
<?php
/**
* Copyright 2015 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\HttpHandler;
use GuzzleHttp\ClientInterface;
use GuzzleHttp\Psr7\Response;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
class Guzzle5HttpHandler
{
/**
* @var ClientInterface
*/
private $client;
/**
* @param ClientInterface $client
*/
public function __construct(ClientInterface $client)
{
$this->client = $client;
}
/**
* Accepts a PSR-7 Request and an array of options and returns a PSR-7 response.
*
* @param RequestInterface $request
* @param array $options
*
* @return ResponseInterface
*/
public function __invoke(RequestInterface $request, array $options = [])
{
$request = $this->client->createRequest(
$request->getMethod(),
$request->getUri(),
array_merge([
'headers' => $request->getHeaders(),
'body' => $request->getBody(),
], $options)
);
$response = $this->client->send($request);
return new Response(
$response->getStatusCode(),
$response->getHeaders() ?: [],
$response->getBody(),
$response->getProtocolVersion(),
$response->getReasonPhrase()
);
}
}

36
vendor/google/auth/src/HttpHandler/Guzzle6HttpHandler.php vendored Normal file
View File

@@ -0,0 +1,36 @@
<?php
namespace Google\Auth\HttpHandler;
use GuzzleHttp\ClientInterface;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
class Guzzle6HttpHandler
{
/**
* @var ClientInterface
*/
private $client;
/**
* @param ClientInterface $client
*/
public function __construct(ClientInterface $client)
{
$this->client = $client;
}
/**
* Accepts a PSR-7 request and an array of options and returns a PSR-7 response.
*
* @param RequestInterface $request
* @param array $options
*
* @return ResponseInterface
*/
public function __invoke(RequestInterface $request, array $options = [])
{
return $this->client->send($request, $options);
}
}

47
vendor/google/auth/src/HttpHandler/HttpHandlerFactory.php vendored Normal file
View File

@@ -0,0 +1,47 @@
<?php
/**
* Copyright 2015 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\HttpHandler;
use GuzzleHttp\Client;
use GuzzleHttp\ClientInterface;
class HttpHandlerFactory
{
/**
* Builds out a default http handler for the installed version of guzzle.
*
* @param ClientInterface $client
*
* @return Guzzle5HttpHandler|Guzzle6HttpHandler
*
* @throws \Exception
*/
public static function build(ClientInterface $client = null)
{
$version = ClientInterface::VERSION;
$client = $client ?: new Client();
switch ($version[0]) {
case '5':
return new Guzzle5HttpHandler($client);
case '6':
return new Guzzle6HttpHandler($client);
default:
throw new \Exception('Version not supported');
}
}
}

126
vendor/google/auth/src/Middleware/AuthTokenMiddleware.php vendored Normal file
View File

@@ -0,0 +1,126 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Middleware;
use Google\Auth\FetchAuthTokenInterface;
use Psr\Http\Message\RequestInterface;
/**
* AuthTokenMiddleware is a Guzzle Middleware that adds an Authorization header
* provided by an object implementing FetchAuthTokenInterface.
*
* The FetchAuthTokenInterface#fetchAuthToken is used to obtain a hash; one of
* the values value in that hash is added as the authorization header.
*
* Requests will be accessed with the authorization header:
*
* 'Authorization' 'Bearer <value of auth_token>'
*/
class AuthTokenMiddleware
{
/**
* @var callback
*/
private $httpHandler;
/**
* @var FetchAuthTokenInterface
*/
private $fetcher;
/**
* @var callable
*/
private $tokenCallback;
/**
* Creates a new AuthTokenMiddleware.
*
* @param FetchAuthTokenInterface $fetcher is used to fetch the auth token
* @param callable $httpHandler (optional) callback which delivers psr7 request
* @param callable $tokenCallback (optional) function to be called when a new token is fetched.
*/
public function __construct(
FetchAuthTokenInterface $fetcher,
callable $httpHandler = null,
callable $tokenCallback = null
) {
$this->fetcher = $fetcher;
$this->httpHandler = $httpHandler;
$this->tokenCallback = $tokenCallback;
}
/**
* Updates the request with an Authorization header when auth is 'google_auth'.
*
* use Google\Auth\Middleware\AuthTokenMiddleware;
* use Google\Auth\OAuth2;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $config = [..<oauth config param>.];
* $oauth2 = new OAuth2($config)
* $middleware = new AuthTokenMiddleware($oauth2);
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'auth' => 'google_auth' // authorize all requests
* ]);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*
* @param callable $handler
*
* @return \Closure
*/
public function __invoke(callable $handler)
{
return function (RequestInterface $request, array $options) use ($handler) {
// Requests using "auth"="google_auth" will be authorized.
if (!isset($options['auth']) || $options['auth'] !== 'google_auth') {
return $handler($request, $options);
}
$request = $request->withHeader('Authorization', 'Bearer ' . $this->fetchToken());
return $handler($request, $options);
};
}
/**
* Call fetcher to fetch the token.
*
* @return string
*/
private function fetchToken()
{
$auth_tokens = $this->fetcher->fetchAuthToken($this->httpHandler);
if (array_key_exists('access_token', $auth_tokens)) {
// notify the callback if applicable
if ($this->tokenCallback) {
call_user_func($this->tokenCallback, $this->fetcher->getCacheKey(), $auth_tokens['access_token']);
}
return $auth_tokens['access_token'];
}
}
}

175
vendor/google/auth/src/Middleware/ScopedAccessTokenMiddleware.php vendored Normal file
View File

@@ -0,0 +1,175 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Middleware;
use Google\Auth\CacheTrait;
use Psr\Cache\CacheItemPoolInterface;
use Psr\Http\Message\RequestInterface;
/**
* ScopedAccessTokenMiddleware is a Guzzle Middleware that adds an Authorization
* header provided by a closure.
*
* The closure returns an access token, taking the scope, either a single
* string or an array of strings, as its value. If provided, a cache will be
* used to preserve the access token for a given lifetime.
*
* Requests will be accessed with the authorization header:
*
* 'Authorization' 'Bearer <value of auth_token>'
*/
class ScopedAccessTokenMiddleware
{
use CacheTrait;
const DEFAULT_CACHE_LIFETIME = 1500;
/**
* @var CacheItemPoolInterface
*/
private $cache;
/**
* @var array configuration
*/
private $cacheConfig;
/**
* @var callable
*/
private $tokenFunc;
/**
* @var array|string
*/
private $scopes;
/**
* Creates a new ScopedAccessTokenMiddleware.
*
* @param callable $tokenFunc a token generator function
* @param array|string $scopes the token authentication scopes
* @param array $cacheConfig configuration for the cache when it's present
* @param CacheItemPoolInterface $cache an implementation of CacheItemPoolInterface
*/
public function __construct(
callable $tokenFunc,
$scopes,
array $cacheConfig = null,
CacheItemPoolInterface $cache = null
) {
$this->tokenFunc = $tokenFunc;
if (!(is_string($scopes) || is_array($scopes))) {
throw new \InvalidArgumentException(
'wants scope should be string or array');
}
$this->scopes = $scopes;
if (!is_null($cache)) {
$this->cache = $cache;
$this->cacheConfig = array_merge([
'lifetime' => self::DEFAULT_CACHE_LIFETIME,
'prefix' => '',
], $cacheConfig);
}
}
/**
* Updates the request with an Authorization header when auth is 'scoped'.
*
* E.g this could be used to authenticate using the AppEngine
* AppIdentityService.
*
* use google\appengine\api\app_identity\AppIdentityService;
* use Google\Auth\Middleware\ScopedAccessTokenMiddleware;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $scope = 'https://www.googleapis.com/auth/taskqueue'
* $middleware = new ScopedAccessTokenMiddleware(
* 'AppIdentityService::getAccessToken',
* $scope,
* [ 'prefix' => 'Google\Auth\ScopedAccessToken::' ],
* $cache = new Memcache()
* );
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_url' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'auth' => 'google_auth' // authorize all requests
* ]);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*
* @param callable $handler
*
* @return \Closure
*/
public function __invoke(callable $handler)
{
return function (RequestInterface $request, array $options) use ($handler) {
// Requests using "auth"="scoped" will be authorized.
if (!isset($options['auth']) || $options['auth'] !== 'scoped') {
return $handler($request, $options);
}
$request = $request->withHeader('Authorization', 'Bearer ' . $this->fetchToken());
return $handler($request, $options);
};
}
/**
* @return string
*/
private function getCacheKey()
{
$key = null;
if (is_string($this->scopes)) {
$key .= $this->scopes;
} elseif (is_array($this->scopes)) {
$key .= implode(':', $this->scopes);
}
return $key;
}
/**
* Determine if token is available in the cache, if not call tokenFunc to
* fetch it.
*
* @return string
*/
private function fetchToken()
{
$cacheKey = $this->getCacheKey();
$cached = $this->getCachedValue($cacheKey);
if (!empty($cached)) {
return $cached;
}
$token = call_user_func($this->tokenFunc, $this->scopes);
$this->setCachedValue($cacheKey, $token);
return $token;
}
}

93
vendor/google/auth/src/Middleware/SimpleMiddleware.php vendored Normal file
View File

@@ -0,0 +1,93 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Middleware;
use GuzzleHttp\Psr7;
use Psr\Http\Message\RequestInterface;
/**
* SimpleMiddleware is a Guzzle Middleware that implements Google's Simple API
* access.
*
* Requests are accessed using the Simple API access developer key.
*/
class SimpleMiddleware
{
/**
* @var array
*/
private $config;
/**
* Create a new Simple plugin.
*
* The configuration array expects one option
* - key: required, otherwise InvalidArgumentException is thrown
*
* @param array $config Configuration array
*/
public function __construct(array $config)
{
if (!isset($config['key'])) {
throw new \InvalidArgumentException('requires a key to have been set');
}
$this->config = array_merge(['key' => null], $config);
}
/**
* Updates the request query with the developer key if auth is set to simple.
*
* use Google\Auth\Middleware\SimpleMiddleware;
* use GuzzleHttp\Client;
* use GuzzleHttp\HandlerStack;
*
* $my_key = 'is not the same as yours';
* $middleware = new SimpleMiddleware(['key' => $my_key]);
* $stack = HandlerStack::create();
* $stack->push($middleware);
*
* $client = new Client([
* 'handler' => $stack,
* 'base_uri' => 'https://www.googleapis.com/discovery/v1/',
* 'auth' => 'simple'
* ]);
*
* $res = $client->get('drive/v2/rest');
*
* @param callable $handler
*
* @return \Closure
*/
public function __invoke(callable $handler)
{
return function (RequestInterface $request, array $options) use ($handler) {
// Requests using "auth"="scoped" will be authorized.
if (!isset($options['auth']) || $options['auth'] !== 'simple') {
return $handler($request, $options);
}
$query = Psr7\parse_query($request->getUri()->getQuery());
$params = array_merge($query, $this->config);
$uri = $request->getUri()->withQuery(Psr7\build_query($params));
$request = $request->withUri($uri);
return $handler($request, $options);
};
}
}

1306
vendor/google/auth/src/OAuth2.php vendored Normal file
View File

File diff suppressed because it is too large Load Diff

118
vendor/google/auth/src/Subscriber/AuthTokenSubscriber.php vendored Normal file
View File

@@ -0,0 +1,118 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Subscriber;
use Google\Auth\FetchAuthTokenInterface;
use GuzzleHttp\Event\BeforeEvent;
use GuzzleHttp\Event\RequestEvents;
use GuzzleHttp\Event\SubscriberInterface;
/**
* AuthTokenSubscriber is a Guzzle Subscriber that adds an Authorization header
* provided by an object implementing FetchAuthTokenInterface.
*
* The FetchAuthTokenInterface#fetchAuthToken is used to obtain a hash; one of
* the values value in that hash is added as the authorization header.
*
* Requests will be accessed with the authorization header:
*
* 'Authorization' 'Bearer <value of auth_token>'
*/
class AuthTokenSubscriber implements SubscriberInterface
{
/**
* @var callable
*/
private $httpHandler;
/**
* @var FetchAuthTokenInterface
*/
private $fetcher;
/**
* @var callable
*/
private $tokenCallback;
/**
* Creates a new AuthTokenSubscriber.
*
* @param FetchAuthTokenInterface $fetcher is used to fetch the auth token
* @param callable $httpHandler (optional) http client to fetch the token.
* @param callable $tokenCallback (optional) function to be called when a new token is fetched.
*/
public function __construct(
FetchAuthTokenInterface $fetcher,
callable $httpHandler = null,
callable $tokenCallback = null
) {
$this->fetcher = $fetcher;
$this->httpHandler = $httpHandler;
$this->tokenCallback = $tokenCallback;
}
/**
* @return array
*/
public function getEvents()
{
return ['before' => ['onBefore', RequestEvents::SIGN_REQUEST]];
}
/**
* Updates the request with an Authorization header when auth is 'fetched_auth_token'.
*
* use GuzzleHttp\Client;
* use Google\Auth\OAuth2;
* use Google\Auth\Subscriber\AuthTokenSubscriber;
*
* $config = [..<oauth config param>.];
* $oauth2 = new OAuth2($config)
* $subscriber = new AuthTokenSubscriber($oauth2);
*
* $client = new Client([
* 'base_url' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'defaults' => ['auth' => 'google_auth']
* ]);
* $client->getEmitter()->attach($subscriber);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*
* @param BeforeEvent $event
*/
public function onBefore(BeforeEvent $event)
{
// Requests using "auth"="google_auth" will be authorized.
$request = $event->getRequest();
if ($request->getConfig()['auth'] != 'google_auth') {
return;
}
// Fetch the auth token.
$auth_tokens = $this->fetcher->fetchAuthToken($this->httpHandler);
if (array_key_exists('access_token', $auth_tokens)) {
$request->setHeader('Authorization', 'Bearer ' . $auth_tokens['access_token']);
// notify the callback if applicable
if ($this->tokenCallback) {
call_user_func($this->tokenCallback, $this->fetcher->getCacheKey(), $auth_tokens['access_token']);
}
}
}
}

177
vendor/google/auth/src/Subscriber/ScopedAccessTokenSubscriber.php vendored Normal file
View File

@@ -0,0 +1,177 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Subscriber;
use Google\Auth\CacheTrait;
use GuzzleHttp\Event\BeforeEvent;
use GuzzleHttp\Event\RequestEvents;
use GuzzleHttp\Event\SubscriberInterface;
use Psr\Cache\CacheItemPoolInterface;
/**
* ScopedAccessTokenSubscriber is a Guzzle Subscriber that adds an Authorization
* header provided by a closure.
*
* The closure returns an access token, taking the scope, either a single
* string or an array of strings, as its value. If provided, a cache will be
* used to preserve the access token for a given lifetime.
*
* Requests will be accessed with the authorization header:
*
* 'Authorization' 'Bearer <access token obtained from the closure>'
*/
class ScopedAccessTokenSubscriber implements SubscriberInterface
{
use CacheTrait;
const DEFAULT_CACHE_LIFETIME = 1500;
/**
* @var CacheItemPoolInterface
*/
private $cache;
/**
* @var callable The access token generator function
*/
private $tokenFunc;
/**
* @var array|string The scopes used to generate the token
*/
private $scopes;
/**
* @var array
*/
private $cacheConfig;
/**
* Creates a new ScopedAccessTokenSubscriber.
*
* @param callable $tokenFunc a token generator function
* @param array|string $scopes the token authentication scopes
* @param array $cacheConfig configuration for the cache when it's present
* @param CacheItemPoolInterface $cache an implementation of CacheItemPoolInterface
*/
public function __construct(
callable $tokenFunc,
$scopes,
array $cacheConfig = null,
CacheItemPoolInterface $cache = null
) {
$this->tokenFunc = $tokenFunc;
if (!(is_string($scopes) || is_array($scopes))) {
throw new \InvalidArgumentException(
'wants scope should be string or array');
}
$this->scopes = $scopes;
if (!is_null($cache)) {
$this->cache = $cache;
$this->cacheConfig = array_merge([
'lifetime' => self::DEFAULT_CACHE_LIFETIME,
'prefix' => '',
], $cacheConfig);
}
}
/**
* @return array
*/
public function getEvents()
{
return ['before' => ['onBefore', RequestEvents::SIGN_REQUEST]];
}
/**
* Updates the request with an Authorization header when auth is 'scoped'.
*
* E.g this could be used to authenticate using the AppEngine
* AppIdentityService.
*
* use google\appengine\api\app_identity\AppIdentityService;
* use Google\Auth\Subscriber\ScopedAccessTokenSubscriber;
* use GuzzleHttp\Client;
*
* $scope = 'https://www.googleapis.com/auth/taskqueue'
* $subscriber = new ScopedAccessToken(
* 'AppIdentityService::getAccessToken',
* $scope,
* ['prefix' => 'Google\Auth\ScopedAccessToken::'],
* $cache = new Memcache()
* );
*
* $client = new Client([
* 'base_url' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
* 'defaults' => ['auth' => 'scoped']
* ]);
* $client->getEmitter()->attach($subscriber);
*
* $res = $client->get('myproject/taskqueues/myqueue');
*
* @param BeforeEvent $event
*/
public function onBefore(BeforeEvent $event)
{
// Requests using "auth"="scoped" will be authorized.
$request = $event->getRequest();
if ($request->getConfig()['auth'] != 'scoped') {
return;
}
$auth_header = 'Bearer ' . $this->fetchToken();
$request->setHeader('Authorization', $auth_header);
}
/**
* @return string
*/
private function getCacheKey()
{
$key = null;
if (is_string($this->scopes)) {
$key .= $this->scopes;
} elseif (is_array($this->scopes)) {
$key .= implode(':', $this->scopes);
}
return $key;
}
/**
* Determine if token is available in the cache, if not call tokenFunc to
* fetch it.
*
* @return string
*/
private function fetchToken()
{
$cacheKey = $this->getCacheKey();
$cached = $this->getCachedValue($cacheKey);
if (!empty($cached)) {
return $cached;
}
$token = call_user_func($this->tokenFunc, $this->scopes);
$this->setCachedValue($cacheKey, $token);
return $token;
}
}

90
vendor/google/auth/src/Subscriber/SimpleSubscriber.php vendored Normal file
View File

@@ -0,0 +1,90 @@
<?php
/*
* Copyright 2015 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Subscriber;
use GuzzleHttp\Event\BeforeEvent;
use GuzzleHttp\Event\RequestEvents;
use GuzzleHttp\Event\SubscriberInterface;
/**
* SimpleSubscriber is a Guzzle Subscriber that implements Google's Simple API
* access.
*
* Requests are accessed using the Simple API access developer key.
*/
class SimpleSubscriber implements SubscriberInterface
{
/**
* @var array
*/
private $config;
/**
* Create a new Simple plugin.
*
* The configuration array expects one option
* - key: required, otherwise InvalidArgumentException is thrown
*
* @param array $config Configuration array
*/
public function __construct(array $config)
{
if (!isset($config['key'])) {
throw new \InvalidArgumentException('requires a key to have been set');
}
$this->config = array_merge([], $config);
}
/**
* @return array
*/
public function getEvents()
{
return ['before' => ['onBefore', RequestEvents::SIGN_REQUEST]];
}
/**
* Updates the request query with the developer key if auth is set to simple.
*
* use Google\Auth\Subscriber\SimpleSubscriber;
* use GuzzleHttp\Client;
*
* $my_key = 'is not the same as yours';
* $subscriber = new SimpleSubscriber(['key' => $my_key]);
*
* $client = new Client([
* 'base_url' => 'https://www.googleapis.com/discovery/v1/',
* 'defaults' => ['auth' => 'simple']
* ]);
* $client->getEmitter()->attach($subscriber);
*
* $res = $client->get('drive/v2/rest');
*
* @param BeforeEvent $event
*/
public function onBefore(BeforeEvent $event)
{
// Requests using "auth"="simple" with the developer key.
$request = $event->getRequest();
if ($request->getConfig()['auth'] != 'simple') {
return;
}
$request->getQuery()->overwriteWith($this->config);
}
}