GoogleGAL_Auth_AppIdentity

Authentication via the Google App Engine App Identity service.

Defined (1)

The class is defined in the following location(s).

/core/Google/Auth/AppIdentity.php  
  1. class GoogleGAL_Auth_AppIdentity extends GoogleGAL_Auth_Abstract 
  2. const CACHE_PREFIX = "GoogleGAL_Auth_AppIdentity::"; 
  3. private $key = null; 
  4. private $client; 
  5. private $token = false; 
  6. private $tokenScopes = false; 
  7.  
  8. public function __construct(GoogleGAL_Client $client, $config = null) 
  9. $this->client = $client; 
  10.  
  11. /** 
  12. * Retrieve an access token for the scopes supplied. 
  13. */ 
  14. public function authenticateForScope($scopes) 
  15. if ($this->token && $this->tokenScopes == $scopes) { 
  16. return $this->token; 
  17.  
  18. $cacheKey = self::CACHE_PREFIX; 
  19. if (is_string($scopes)) { 
  20. $cacheKey .= $scopes; 
  21. } else if (is_array($scopes)) { 
  22. $cacheKey .= implode(":", $scopes); 
  23.  
  24. $this->token = $this->client->getCache()->get($cacheKey); 
  25. if (!$this->token) { 
  26. $this->token = AppIdentityService::getAccessToken($scopes); 
  27. if ($this->token) { 
  28. $this->client->getCache()->set( 
  29. $cacheKey,  
  30. $this->token 
  31. ); 
  32. $this->tokenScopes = $scopes; 
  33. return $this->token; 
  34.  
  35. /** 
  36. * Perform an authenticated / signed apiHttpRequest. 
  37. * This function takes the apiHttpRequest, calls apiAuth->sign on it 
  38. * (which can modify the request in what ever way fits the auth mechanism) 
  39. * and then calls apiCurlIO::makeRequest on the signed request 
  40. * @param GoogleGAL_Http_Request $request 
  41. * @return GoogleGAL_Http_Request The resulting HTTP response including the 
  42. * responseHttpCode, responseHeaders and responseBody. 
  43. */ 
  44. public function authenticatedRequest(GoogleGAL_Http_Request $request) 
  45. $request = $this->sign($request); 
  46. return $this->client->getIo()->makeRequest($request); 
  47.  
  48. public function sign(GoogleGAL_Http_Request $request) 
  49. if (!$this->token) { 
  50. // No token, so nothing to do. 
  51. return $request; 
  52.  
  53. $this->client->getLogger()->debug('App Identity authentication'); 
  54.  
  55. // Add the OAuth2 header to the request 
  56. $request->setRequestHeaders( 
  57. array('Authorization' => 'Bearer ' . $this->token['access_token']) 
  58. ); 
  59.  
  60. return $request;