source: vendor/google/auth/src/IamSignerTrait.php@ f9c482b

Last change on this file since f9c482b was f9c482b, checked in by Vlado 222039 <vlado.popovski@…>, 9 days ago

Upload new project files

  • Property mode set to 100644
File size: 2.4 KB
Line 
1<?php
2
3/*
4 * Copyright 2022 Google Inc.
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 */
18
19namespace Google\Auth;
20
21use Exception;
22use Google\Auth\HttpHandler\HttpClientCache;
23use Google\Auth\HttpHandler\HttpHandlerFactory;
24
25trait IamSignerTrait
26{
27 /**
28 * @var Iam|null
29 */
30 private $iam;
31
32 /**
33 * Sign a string using the default service account private key.
34 *
35 * This implementation uses IAM's signBlob API.
36 *
37 * @see https://cloud.google.com/iam/credentials/reference/rest/v1/projects.serviceAccounts/signBlob SignBlob
38 *
39 * @param string $stringToSign The string to sign.
40 * @param bool $forceOpenSsl [optional] Does not apply to this credentials
41 * type.
42 * @param string $accessToken The access token to use to sign the blob. If
43 * provided, saves a call to the metadata server for a new access
44 * token. **Defaults to** `null`.
45 * @return string
46 * @throws Exception
47 */
48 public function signBlob($stringToSign, $forceOpenSsl = false, $accessToken = null)
49 {
50 $httpHandler = HttpHandlerFactory::build(HttpClientCache::getHttpClient());
51
52 // Providing a signer is useful for testing, but it's undocumented
53 // because it's not something a user would generally need to do.
54 $signer = $this->iam;
55 if (!$signer) {
56 $signer = $this instanceof GetUniverseDomainInterface
57 ? new Iam($httpHandler, $this->getUniverseDomain())
58 : new Iam($httpHandler);
59 }
60
61 $email = $this->getClientName($httpHandler);
62
63 if (is_null($accessToken)) {
64 $previousToken = $this->getLastReceivedToken();
65 $accessToken = $previousToken
66 ? $previousToken['access_token']
67 : $this->fetchAuthToken($httpHandler)['access_token'];
68 }
69
70 return $signer->signBlob($email, $accessToken, $stringToSign);
71 }
72}
Note: See TracBrowser for help on using the repository browser.