AppIdentityCredentials
class AppIdentityCredentials extends CredentialsLoader implements SignBlobInterface, ProjectIdProviderInterface (View source)
AppIdentityCredentials supports authorization on Google App Engine.
It can be used to authorize requests using the AuthTokenMiddleware or AuthTokenSubscriber, but will only succeed if being run on App Engine:
Example:
use Google\Auth\Credentials\AppIdentityCredentials;
use Google\Auth\Middleware\AuthTokenMiddleware;
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
$gae = new AppIdentityCredentials('https://www.googleapis.com/auth/books');
$middleware = new AuthTokenMiddleware($gae);
$stack = HandlerStack::create();
$stack->push($middleware);
$client = new Client([
'handler' => $stack,
'base_uri' => 'https://www.googleapis.com/books/v1',
'auth' => 'google_auth'
]);
$res = $client->get('volumes?q=Henry+David+Thoreau&country=US');Constants
| TOKEN_CREDENTIAL_URI |
|
| ENV_VAR |
|
| WELL_KNOWN_PATH |
|
| NON_WINDOWS_WELL_KNOWN_PATH_BASE |
|
| MTLS_WELL_KNOWN_PATH |
|
| MTLS_CERT_ENV_VAR |
|
Properties
| protected array | $lastReceivedToken | Result of fetchAuthToken. |
Methods
Load a JSON key from the path specified in the environment.
Load a JSON key from a well known path.
Create a new Credentials instance.
Create an authorized HTTP Client from an instance of FetchAuthTokenInterface.
Create a new instance of InsecureCredentials.
Updates metadata with the authorization token.
Gets a callable which returns the default device certification.
Determines whether or not the default device certificate should be loaded.
No description
Determines if this an App Engine instance, by accessing the SERVER_SOFTWARE environment variable (prod) or the APPENGINE_RUNTIME environment variable (dev).
Implements FetchAuthTokenInterface#fetchAuthToken.
Sign a string using AppIdentityService.
Get the project ID from AppIdentityService.
Get the client name from AppIdentityService.
No description
Caching is handled by the underlying AppIdentityService, return empty string to prevent caching.
Details
static array|null
fromEnv()
Load a JSON key from the path specified in the environment.
Load a JSON key from the path specified in the environment variable GOOGLE_APPLICATION_CREDENTIALS. Return null if GOOGLE_APPLICATION_CREDENTIALS is not specified.
static array|null
fromWellKnownFile()
Load a JSON key from a well known path.
The well known path is OS dependent:
- windows: %APPDATA%/gcloud/application_default_credentials.json
- others: $HOME/.config/gcloud/application_default_credentials.json
If the file does not exist, this returns null.
static ServiceAccountCredentials|UserRefreshCredentials
makeCredentials(string|array $scope, array $jsonKey, string|array $defaultScope = null)
Create a new Credentials instance.
static Client
makeHttpClient(FetchAuthTokenInterface $fetcher, array $httpClientOptions = [], callable $httpHandler = null, callable $tokenCallback = null)
Create an authorized HTTP Client from an instance of FetchAuthTokenInterface.
static InsecureCredentials
makeInsecureCredentials()
Create a new instance of InsecureCredentials.
array
getUpdateMetadataFunc()
deprecated
deprecated
export a callback function which updates runtime metadata.
array
updateMetadata(array $metadata, string $authUri = null, callable $httpHandler = null)
Updates metadata with the authorization token.
static callable|null
getDefaultClientCertSource()
Gets a callable which returns the default device certification.
static bool
shouldLoadClientCertSource()
Determines whether or not the default device certificate should be loaded.
__construct(array $scope = array())
No description
static bool
onAppEngine()
Determines if this an App Engine instance, by accessing the SERVER_SOFTWARE environment variable (prod) or the APPENGINE_RUNTIME environment variable (dev).
array
fetchAuthToken(callable $httpHandler = null)
Implements FetchAuthTokenInterface#fetchAuthToken.
Fetches the auth tokens using the AppIdentityService if available. As the AppIdentityService uses protobufs to fetch the access token, the GuzzleHttp\ClientInterface instance passed in will not be used.
string
signBlob(string $stringToSign, bool $forceOpenSsl = false)
Sign a string using AppIdentityService.
string|null
getProjectId(callable $httpHander = null)
Get the project ID from AppIdentityService.
Returns null if AppIdentityService is unavailable.
string
getClientName(callable $httpHandler = null)
Get the client name from AppIdentityService.
Subsequent calls to this method will return a cached value.
null|array
getLastReceivedToken()
No description
string
getCacheKey()
Caching is handled by the underlying AppIdentityService, return empty string to prevent caching.