Google_Auth_AppIdentity

Authentication via the Google App Engine App Identity service.

Defined (1)

The class is defined in the following location(s).

/includes/api-libs/Google/Auth/AppIdentity.php  
  1. class Google_Auth_AppIdentity extends Google_Auth_Abstract 
  2. const CACHE_PREFIX = "Google_Auth_AppIdentity::"; 
  3. private $key = null; 
  4. private $client; 
  5. private $token = false; 
  6. private $tokenScopes = false; 
  7.  
  8. public function __construct(Google_Client $client, $config = null) 
  9. $this->client = $client; 
  10.  
  11. /** 
  12. * Retrieve an access token for the scopes supplied. 
  13. */ 
  14. public function authenticateForScope($scopes) 
  15. if ($this->token && $this->tokenScopes == $scopes) { 
  16. return $this->token; 
  17.  
  18. $cacheKey = self::CACHE_PREFIX; 
  19. if (is_string($scopes)) { 
  20. $cacheKey .= $scopes; 
  21. } else if (is_array($scopes)) { 
  22. $cacheKey .= implode(":", $scopes); 
  23.  
  24. $this->token = $this->client->getCache()->get($cacheKey); 
  25. if (!$this->token) { 
  26. $this->retrieveToken($scopes, $cacheKey); 
  27. else if ($this->token['expiration_time'] < time()) { 
  28. $this->client->getCache()->delete($cacheKey); 
  29. $this->retrieveToken($scopes, $cacheKey); 
  30.  
  31. $this->tokenScopes = $scopes; 
  32. return $this->token; 
  33.  
  34. /** 
  35. * Retrieve a new access token and store it in cache 
  36. * @param mixed $scopes 
  37. * @param string $cacheKey 
  38. */ 
  39. private function retrieveToken($scopes, $cacheKey) 
  40. $this->token = AppIdentityService::getAccessToken($scopes); 
  41. if ($this->token) { 
  42. $this->client->getCache()->set( 
  43. $cacheKey,  
  44. $this->token 
  45. ); 
  46.  
  47. /** 
  48. * Perform an authenticated / signed apiHttpRequest. 
  49. * This function takes the apiHttpRequest, calls apiAuth->sign on it 
  50. * (which can modify the request in what ever way fits the auth mechanism) 
  51. * and then calls apiCurlIO::makeRequest on the signed request 
  52. * @param Google_Http_Request $request 
  53. * @return Google_Http_Request The resulting HTTP response including the 
  54. * responseHttpCode, responseHeaders and responseBody. 
  55. */ 
  56. public function authenticatedRequest(Google_Http_Request $request) 
  57. $request = $this->sign($request); 
  58. return $this->client->getIo()->makeRequest($request); 
  59.  
  60. public function sign(Google_Http_Request $request) 
  61. if (!$this->token) { 
  62. // No token, so nothing to do. 
  63. return $request; 
  64.  
  65. $this->client->getLogger()->debug('App Identity authentication'); 
  66.  
  67. // Add the OAuth2 header to the request 
  68. $request->setRequestHeaders( 
  69. array('Authorization' => 'Bearer ' . $this->token['access_token']) 
  70. ); 
  71.  
  72. return $request;