lars/accred
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Mise à jour des librairies

Browse Source
This commit is contained in:
lars
2019-03-10 23:30:23 +01:00
parent 2040b7be39
commit 7df3d72953
3603 changed files with 233169 additions and 107764 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
vendor/google/auth/src/Credentials/GCECredentials.php vendored
View File

@@ -69,6 +69,19 @@ class GCECredentials extends CredentialsLoader
*/
const FLAVOR_HEADER = 'Metadata-Flavor';
/**
* Note: the explicit `timeout` and `tries` below is a workaround. The underlying
* issue is that resolving an unknown host on some networks will take
* 20-30 seconds; making this timeout short fixes the issue, but
* could lead to false negatives in the event that we are on GCE, but
* the metadata resolution was particularly slow. The latter case is
* "unlikely" since the expected 4-nines time is about 0.5 seconds.
* This allows us to limit the total ping maximum timeout to 1.5 seconds
* for developer desktop scenarios.
*/
const MAX_COMPUTE_PING_TRIES = 3;
const COMPUTE_PING_CONNECTION_TIMEOUT_S = 0.5;
/**
* Flag used to ensure that the onGCE test is only done once;.
*
@@ -126,28 +139,29 @@ class GCECredentials extends CredentialsLoader
$httpHandler = HttpHandlerFactory::build();
}
$checkUri = 'http://' . self::METADATA_IP;
try {
// Comment from: oauth2client/client.py
//
// Note: the explicit `timeout` below is a workaround. The underlying
// issue is that resolving an unknown host on some networks will take
// 20-30 seconds; making this timeout short fixes the issue, but
// could lead to false negatives in the event that we are on GCE, but
// the metadata resolution was particularly slow. The latter case is
// "unlikely".
$resp = $httpHandler(
new Request('GET', $checkUri),
['timeout' => 0.3]
);
for ($i = 1; $i <= self::MAX_COMPUTE_PING_TRIES; $i++) {
try {
// Comment from: oauth2client/client.py
//
// Note: the explicit `timeout` below is a workaround. The underlying
// issue is that resolving an unknown host on some networks will take
// 20-30 seconds; making this timeout short fixes the issue, but
// could lead to false negatives in the event that we are on GCE, but
// the metadata resolution was particularly slow. The latter case is
// "unlikely".
$resp = $httpHandler(
new Request('GET', $checkUri),
['timeout' => self::COMPUTE_PING_CONNECTION_TIMEOUT_S]
);
return $resp->getHeaderLine(self::FLAVOR_HEADER) == 'Google';
} catch (ClientException $e) {
return false;
} catch (ServerException $e) {
return false;
} catch (RequestException $e) {
return false;
return $resp->getHeaderLine(self::FLAVOR_HEADER) == 'Google';
} catch (ClientException $e) {
} catch (ServerException $e) {
} catch (RequestException $e) {
}
$httpHandler = HttpHandlerFactory::build();
}
return false;
}
/**

68
vendor/google/auth/src/Credentials/InsecureCredentials.php vendored Normal file
View File

@@ -0,0 +1,68 @@
<?php
/*
* Copyright 2018 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Auth\Credentials;
use Google\Auth\FetchAuthTokenInterface;
/**
* Provides a set of credentials that will always return an empty access token.
* This is useful for APIs which do not require authentication, for local
* service emulators, and for testing.
*/
class InsecureCredentials implements FetchAuthTokenInterface
{
/**
* @var array
*/
private $token = [
'access_token' => ''
];
/**
* Fetches the auth token. In this case it returns an empty string.
*
* @param callable $httpHandler
* @return array
*/
public function fetchAuthToken(callable $httpHandler = null)
{
return $this->token;
}
/**
* Returns the cache key. In this case it returns a null value, disabling
* caching.
*
* @return string|null
*/
public function getCacheKey()
{
return null;
}
/**
* Fetches the last received token. In this case, it returns the same empty string
* auth token.
*
* @return array
*/
public function getLastReceivedToken()
{
return $this->token;
}
}

21
vendor/google/auth/src/Credentials/UserRefreshCredentials.php vendored
View File

@@ -33,6 +33,11 @@ use Google\Auth\OAuth2;
*/
class UserRefreshCredentials extends CredentialsLoader
{
const CLOUD_SDK_CLIENT_ID =
'764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com';
const SUPPRESS_CLOUD_SDK_CREDS_WARNING_ENV = 'SUPPRESS_GCLOUD_CREDS_WARNING';
/**
* The OAuth2 instance used to conduct authorization.
*
@@ -80,6 +85,22 @@ class UserRefreshCredentials extends CredentialsLoader
'scope' => $scope,
'tokenCredentialUri' => self::TOKEN_CREDENTIAL_URI,
]);
if ($jsonKey['client_id'] === self::CLOUD_SDK_CLIENT_ID
&& getenv(self::SUPPRESS_CLOUD_SDK_CREDS_WARNING_ENV) !== 'true') {
trigger_error(
'Your application has authenticated using end user credentials '
. 'from Google Cloud SDK. We recommend that most server '
. 'applications use service accounts instead. If your '
. 'application continues to use end user credentials '
. 'from Cloud SDK, you might receive a "quota exceeded" '
. 'or "API not enabled" error. For more information about '
. 'service accounts, see '
. 'https://cloud.google.com/docs/authentication/. '
. 'To disable this warning, set '
. self::SUPPRESS_CLOUD_SDK_CREDS_WARNING_ENV
. ' environment variable to "true".',
E_USER_WARNING);
}
}
/**

23
vendor/google/auth/src/CredentialsLoader.php vendored
View File

@@ -17,6 +17,7 @@
namespace Google\Auth;
use Google\Auth\Credentials\InsecureCredentials;
use Google\Auth\Credentials\ServiceAccountCredentials;
use Google\Auth\Credentials\UserRefreshCredentials;
@@ -26,7 +27,7 @@ use Google\Auth\Credentials\UserRefreshCredentials;
*/
abstract class CredentialsLoader implements FetchAuthTokenInterface
{
const TOKEN_CREDENTIAL_URI = 'https://www.googleapis.com/oauth2/v4/token';
const TOKEN_CREDENTIAL_URI = 'https://oauth2.googleapis.com/token';
const ENV_VAR = 'GOOGLE_APPLICATION_CREDENTIALS';
const WELL_KNOWN_PATH = 'gcloud/application_default_credentials.json';
const NON_WINDOWS_WELL_KNOWN_PATH_BASE = '.config';
@@ -120,11 +121,13 @@ abstract class CredentialsLoader implements FetchAuthTokenInterface
if ($jsonKey['type'] == 'service_account') {
return new ServiceAccountCredentials($scope, $jsonKey);
} elseif ($jsonKey['type'] == 'authorized_user') {
return new UserRefreshCredentials($scope, $jsonKey);
} else {
throw new \InvalidArgumentException('invalid value in the type field');
}
if ($jsonKey['type'] == 'authorized_user') {
return new UserRefreshCredentials($scope, $jsonKey);
}
throw new \InvalidArgumentException('invalid value in the type field');
}
/**
@@ -174,6 +177,16 @@ abstract class CredentialsLoader implements FetchAuthTokenInterface
}
}
/**
* Create a new instance of InsecureCredentials.
*
* @return InsecureCredentials
*/
public static function makeInsecureCredentials()
{
return new InsecureCredentials();
}
/**
* export a callback function which updates runtime metadata.
*

44
vendor/google/auth/src/OAuth2.php vendored
View File

@@ -516,7 +516,9 @@ class OAuth2 implements FetchAuthTokenInterface
{
if (is_string($this->scope)) {
return $this->scope;
} elseif (is_array($this->scope)) {
}
if (is_array($this->scope)) {
return implode(':', $this->scope);
}
@@ -542,15 +544,15 @@ class OAuth2 implements FetchAuthTokenInterface
$res = array();
parse_str($body, $res);
return $res;
} else {
// Assume it's JSON; if it's not throw an exception
if (null === $res = json_decode($body, true)) {
throw new \Exception('Invalid JSON response');
}
return $res;
}
// Assume it's JSON; if it's not throw an exception
if (null === $res = json_decode($body, true)) {
throw new \Exception('Invalid JSON response');
}
return $res;
}
/**
@@ -804,15 +806,21 @@ class OAuth2 implements FetchAuthTokenInterface
// state.
if (!is_null($this->code)) {
return 'authorization_code';
} elseif (!is_null($this->refreshToken)) {
return 'refresh_token';
} elseif (!is_null($this->username) && !is_null($this->password)) {
return 'password';
} elseif (!is_null($this->issuer) && !is_null($this->signingKey)) {
return self::JWT_URN;
} else {
return null;
}
if (!is_null($this->refreshToken)) {
return 'refresh_token';
}
if (!is_null($this->username) && !is_null($this->password)) {
return 'password';
}
if (!is_null($this->issuer) && !is_null($this->signingKey)) {
return self::JWT_URN;
}
return null;
}
/**
@@ -1119,7 +1127,9 @@ class OAuth2 implements FetchAuthTokenInterface
{
if (!is_null($this->expiresAt)) {
return $this->expiresAt;
} elseif (!is_null($this->issuedAt) && !is_null($this->expiresIn)) {
}
if (!is_null($this->issuedAt) && !is_null($this->expiresIn)) {
return $this->issuedAt + $this->expiresIn;
}