lars/accred
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Mise à jour des librairies

Browse Source
This commit is contained in:
lars
2019-03-10 23:30:23 +01:00
parent 2040b7be39
commit 7df3d72953
3603 changed files with 233169 additions and 107764 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
vendor/google/auth/.gitignore vendored
View File

@@ -1,3 +1,7 @@
*~
vendor
composer.lock
# IntelliJ
.idea
*.iml

27
vendor/google/auth/CHANGELOG.md vendored
View File

@@ -1,3 +1,30 @@
## 1.4.0 (09/17/2018)
### Changes
* Add support for insecure credentials (#208)
## 1.3.3 (08/27/2018)
### Changes
* Add retry and increase timeout for GCE credentials (#195)
* [Docs] Fix spelling (#204)
* Update token url (#206)
## 1.3.2 (07/23/2018)
### Changes
* Only emits a warning for gcloud credentials (#202)
## 1.3.1 (07/19/2018)
### Changes
* Added a warning for 3 legged OAuth credentials (#199)
* [Code cleanup] Removed useless else after return (#193)
## 1.3.0 (06/04/2018)
### Changes

43
vendor/google/auth/CODE_OF_CONDUCT.md vendored Normal file
View File

@@ -0,0 +1,43 @@
# Contributor Code of Conduct
As contributors and maintainers of this project,
and in the interest of fostering an open and welcoming community,
we pledge to respect all people who contribute through reporting issues,
posting feature requests, updating documentation,
submitting pull requests or patches, and other activities.
We are committed to making participation in this project
a harassment-free experience for everyone,
regardless of level of experience, gender, gender identity and expression,
sexual orientation, disability, personal appearance,
body size, race, ethnicity, age, religion, or nationality.
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery
* Personal attacks
* Trolling or insulting/derogatory comments
* Public or private harassment
* Publishing other's private information,
such as physical or electronic
addresses, without explicit permission
* Other unethical or unprofessional conduct.
Project maintainers have the right and responsibility to remove, edit, or reject
comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct.
By adopting this Code of Conduct,
project maintainers commit themselves to fairly and consistently
applying these principles to every aspect of managing this project.
Project maintainers who do not follow or enforce the Code of Conduct
may be permanently removed from the project team.
This code of conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community.
Instances of abusive, harassing, or otherwise unacceptable behavior
may be reported by opening an issue
or contacting one or more of the project maintainers.
This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0,
available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)

3
vendor/google/auth/phpunit.xml.dist vendored
View File

@@ -1,5 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit bootstrap="tests/bootstrap.php" colors="true">
<php>
<env name="SUPPRESS_GCLOUD_CREDS_WARNING" value="true" force="true"/>
</php>
<testsuites>
<testsuite name="google-auth-tests">
<directory suffix="Test.php">tests</directory>

54
vendor/google/auth/src/Credentials/GCECredentials.php vendored
View File

@@ -69,6 +69,19 @@ class GCECredentials extends CredentialsLoader
*/
const FLAVOR_HEADER = 'Metadata-Flavor';
/**
* Note: the explicit `timeout` and `tries` below is a workaround. The underlying
* issue is that resolving an unknown host on some networks will take
* 20-30 seconds; making this timeout short fixes the issue, but
* could lead to false negatives in the event that we are on GCE, but
* the metadata resolution was particularly slow. The latter case is
* "unlikely" since the expected 4-nines time is about 0.5 seconds.
* This allows us to limit the total ping maximum timeout to 1.5 seconds
* for developer desktop scenarios.
*/
const MAX_COMPUTE_PING_TRIES = 3;
const COMPUTE_PING_CONNECTION_TIMEOUT_S = 0.5;
/**
* Flag used to ensure that the onGCE test is only done once;.
*
@@ -126,28 +139,29 @@ class GCECredentials extends CredentialsLoader
$httpHandler = HttpHandlerFactory::build();
}
$checkUri = 'http://' . self::METADATA_IP;
try {
// Comment from: oauth2client/client.py
//
// Note: the explicit `timeout` below is a workaround. The underlying
// issue is that resolving an unknown host on some networks will take
// 20-30 seconds; making this timeout short fixes the issue, but
// could lead to false negatives in the event that we are on GCE, but
// the metadata resolution was particularly slow. The latter case is
// "unlikely".
$resp = $httpHandler(
new Request('GET', $checkUri),
['timeout' => 0.3]
);
for ($i = 1; $i <= self::MAX_COMPUTE_PING_TRIES; $i++) {
try {
// Comment from: oauth2client/client.py
//
// Note: the explicit `timeout` below is a workaround. The underlying
// issue is that resolving an unknown host on some networks will take
// 20-30 seconds; making this timeout short fixes the issue, but
// could lead to false negatives in the event that we are on GCE, but
// the metadata resolution was particularly slow. The latter case is
// "unlikely".
$resp = $httpHandler(
new Request('GET', $checkUri),
['timeout' => self::COMPUTE_PING_CONNECTION_TIMEOUT_S]
);
return $resp->getHeaderLine(self::FLAVOR_HEADER) == 'Google';
} catch (ClientException $e) {
return false;
} catch (ServerException $e) {
return false;
} catch (RequestException $e) {
return false;
return $resp->getHeaderLine(self::FLAVOR_HEADER) == 'Google';
} catch (ClientException $e) {
} catch (ServerException $e) {
} catch (RequestException $e) {
}
$httpHandler = HttpHandlerFactory::build();
}
return false;
}
/**

68
vendor/google/auth/src/Credentials/InsecureCredentials.php vendored Normal file
View File

@@ -0,0 +1,68 @@
<?php
/*
* Copyright 2018 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
use Google\Auth\FetchAuthTokenInterface;
/**
* Provides a set of credentials that will always return an empty access token.
* This is useful for APIs which do not require authentication, for local
* service emulators, and for testing.
*/
class InsecureCredentials implements FetchAuthTokenInterface
{
/**
* @var array
*/
private $token = [
'access_token' => ''
];
/**
* Fetches the auth token. In this case it returns an empty string.
*
* @param callable $httpHandler
* @return array
*/
public function fetchAuthToken(callable $httpHandler = null)
{
return $this->token;
}
/**
* Returns the cache key. In this case it returns a null value, disabling
* caching.
*
* @return string|null
*/
public function getCacheKey()
{
return null;
}
/**
* Fetches the last received token. In this case, it returns the same empty string
* auth token.
*
* @return array
*/
public function getLastReceivedToken()
{
return $this->token;
}
}

21
vendor/google/auth/src/Credentials/UserRefreshCredentials.php vendored
View File

@@ -33,6 +33,11 @@ use Google\Auth\OAuth2;
*/
class UserRefreshCredentials extends CredentialsLoader
{
const CLOUD_SDK_CLIENT_ID =
'764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com';
const SUPPRESS_CLOUD_SDK_CREDS_WARNING_ENV = 'SUPPRESS_GCLOUD_CREDS_WARNING';
/**
* The OAuth2 instance used to conduct authorization.
*
@@ -80,6 +85,22 @@ class UserRefreshCredentials extends CredentialsLoader
'scope' => $scope,
'tokenCredentialUri' => self::TOKEN_CREDENTIAL_URI,
]);
if ($jsonKey['client_id'] === self::CLOUD_SDK_CLIENT_ID
&& getenv(self::SUPPRESS_CLOUD_SDK_CREDS_WARNING_ENV) !== 'true') {
trigger_error(
'Your application has authenticated using end user credentials '
. 'from Google Cloud SDK. We recommend that most server '
. 'applications use service accounts instead. If your '
. 'application continues to use end user credentials '
. 'from Cloud SDK, you might receive a "quota exceeded" '
. 'or "API not enabled" error. For more information about '
. 'service accounts, see '
. 'https://cloud.google.com/docs/authentication/. '
. 'To disable this warning, set '
. self::SUPPRESS_CLOUD_SDK_CREDS_WARNING_ENV
. ' environment variable to "true".',
E_USER_WARNING);
}
}
/**

23
vendor/google/auth/src/CredentialsLoader.php vendored
View File

@@ -17,6 +17,7 @@
namespace Google\Auth;
use Google\Auth\Credentials\InsecureCredentials;
use Google\Auth\Credentials\ServiceAccountCredentials;
use Google\Auth\Credentials\UserRefreshCredentials;
@@ -26,7 +27,7 @@ use Google\Auth\Credentials\UserRefreshCredentials;
*/
abstract class CredentialsLoader implements FetchAuthTokenInterface
{
const TOKEN_CREDENTIAL_URI = 'https://www.googleapis.com/oauth2/v4/token';
const TOKEN_CREDENTIAL_URI = 'https://oauth2.googleapis.com/token';
const ENV_VAR = 'GOOGLE_APPLICATION_CREDENTIALS';
const WELL_KNOWN_PATH = 'gcloud/application_default_credentials.json';
const NON_WINDOWS_WELL_KNOWN_PATH_BASE = '.config';
@@ -120,11 +121,13 @@ abstract class CredentialsLoader implements FetchAuthTokenInterface
if ($jsonKey['type'] == 'service_account') {
return new ServiceAccountCredentials($scope, $jsonKey);
} elseif ($jsonKey['type'] == 'authorized_user') {
return new UserRefreshCredentials($scope, $jsonKey);
} else {
throw new \InvalidArgumentException('invalid value in the type field');
}
if ($jsonKey['type'] == 'authorized_user') {
return new UserRefreshCredentials($scope, $jsonKey);
}
throw new \InvalidArgumentException('invalid value in the type field');
}
/**
@@ -174,6 +177,16 @@ abstract class CredentialsLoader implements FetchAuthTokenInterface
}
}
/**
* Create a new instance of InsecureCredentials.
*
* @return InsecureCredentials
*/
public static function makeInsecureCredentials()
{
return new InsecureCredentials();
}
/**
* export a callback function which updates runtime metadata.
*

44
vendor/google/auth/src/OAuth2.php vendored
View File

@@ -516,7 +516,9 @@ class OAuth2 implements FetchAuthTokenInterface
{
if (is_string($this->scope)) {
return $this->scope;
} elseif (is_array($this->scope)) {
}
if (is_array($this->scope)) {
return implode(':', $this->scope);
}
@@ -542,15 +544,15 @@ class OAuth2 implements FetchAuthTokenInterface
$res = array();
parse_str($body, $res);
return $res;
} else {
// Assume it's JSON; if it's not throw an exception
if (null === $res = json_decode($body, true)) {
throw new \Exception('Invalid JSON response');
}
return $res;
}
// Assume it's JSON; if it's not throw an exception
if (null === $res = json_decode($body, true)) {
throw new \Exception('Invalid JSON response');
}
return $res;
}
/**
@@ -804,15 +806,21 @@ class OAuth2 implements FetchAuthTokenInterface
// state.
if (!is_null($this->code)) {
return 'authorization_code';
} elseif (!is_null($this->refreshToken)) {
return 'refresh_token';
} elseif (!is_null($this->username) && !is_null($this->password)) {
return 'password';
} elseif (!is_null($this->issuer) && !is_null($this->signingKey)) {
return self::JWT_URN;
} else {
return null;
}
if (!is_null($this->refreshToken)) {
return 'refresh_token';
}
if (!is_null($this->username) && !is_null($this->password)) {
return 'password';
}
if (!is_null($this->issuer) && !is_null($this->signingKey)) {
return self::JWT_URN;
}
return null;
}
/**
@@ -1119,7 +1127,9 @@ class OAuth2 implements FetchAuthTokenInterface
{
if (!is_null($this->expiresAt)) {
return $this->expiresAt;
} elseif (!is_null($this->issuedAt) && !is_null($this->expiresIn)) {
}
if (!is_null($this->issuedAt) && !is_null($this->expiresIn)) {
return $this->issuedAt + $this->expiresIn;
}

42
vendor/google/auth/tests/Credentials/InsecureCredentialsTest.php vendored Normal file
View File

@@ -0,0 +1,42 @@
<?php
/*
* Copyright 2018 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Tests;
use Google\Auth\Credentials\InsecureCredentials;
use PHPUnit\Framework\TestCase;
class InsecureCredentialsTest extends TestCase
{
public function testFetchAuthToken()
{
$insecure = new InsecureCredentials();
$this->assertEquals(['access_token' => ''], $insecure->fetchAuthToken());
}
public function testGetCacheKey()
{
$insecure = new InsecureCredentials();
$this->assertNull($insecure->getCacheKey());
}
public function testGetLastReceivedToken()
{
$insecure = new InsecureCredentials();
$this->assertEquals(['access_token' => ''], $insecure->getLastReceivedToken());
}
}

27
vendor/google/auth/tests/Credentials/UserRefreshCredentialsTest.php vendored
View File

@@ -99,7 +99,7 @@ class URCConstructorTest extends TestCase
*/
public function testFailsToInitalizeFromANonExistentFile()
{
$keyFile = __DIR__ . '/../fixtures' . '/does-not-exist-private.json';
$keyFile = __DIR__ . '/../fixtures/does-not-exist-private.json';
new UserRefreshCredentials('scope/1', $keyFile);
}
@@ -110,6 +110,27 @@ class URCConstructorTest extends TestCase
new UserRefreshCredentials('scope/1', $keyFile)
);
}
/**
* @expectedException PHPUnit_Framework_Error_Warning
*/
public function testGcloudWarning()
{
putenv('SUPPRESS_GCLOUD_CREDS_WARNING=false');
$keyFile = __DIR__ . '/../fixtures2/gcloud.json';
$this->assertNotNull(
new UserRefreshCredentials('scope/1', $keyFile)
);
}
public function testValid3LOauthCreds()
{
putenv('SUPPRESS_GCLOUD_CREDS_WARNING=false');
$keyFile = __DIR__ . '/../fixtures2/valid_oauth_creds.json';
$this->assertNotNull(
new UserRefreshCredentials('scope/1', $keyFile)
);
}
}
class URCFromEnvTest extends TestCase
@@ -129,14 +150,14 @@ class URCFromEnvTest extends TestCase
*/
public function testFailsIfEnvSpecifiesNonExistentFile()
{
$keyFile = __DIR__ . '/../fixtures' . '/does-not-exist-private.json';
$keyFile = __DIR__ . '/../fixtures/does-not-exist-private.json';
putenv(UserRefreshCredentials::ENV_VAR . '=' . $keyFile);
UserRefreshCredentials::fromEnv('a scope');
}
public function testSucceedIfFileExists()
{
$keyFile = __DIR__ . '/../fixtures2' . '/private.json';
$keyFile = __DIR__ . '/../fixtures2/private.json';
putenv(UserRefreshCredentials::ENV_VAR . '=' . $keyFile);
$this->assertNotNull(ApplicationDefaultCredentials::getCredentials('a scope'));
}

6
vendor/google/auth/tests/fixtures2/gcloud.json vendored Normal file
View File

@@ -0,0 +1,6 @@
{
"client_id": "764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com",
"client_secret": "dummy_client_secret",
"refresh_token": "dummy_refresh_token",
"type": "authorized_user"
}

6
vendor/google/auth/tests/fixtures2/valid_oauth_creds.json vendored Normal file
View File

@@ -0,0 +1,6 @@
{
"client_id": "valid.apps.googleusercontent.com",
"client_secret": "dummy_client_secret",
"refresh_token": "dummy_refresh_token",
"type": "authorized_user"
}