allow vendord
All checks were successful
Build, Push and Deploy / build-and-push (push) Successful in 3m3s
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 16s
Build, Push and Deploy / deploy-staging (push) Successful in 32s
Build, Push and Deploy / deploy-production (push) Has been skipped
Build, Push and Deploy / cleanup (push) Successful in 1s
All checks were successful
Build, Push and Deploy / build-and-push (push) Successful in 3m3s
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 16s
Build, Push and Deploy / deploy-staging (push) Successful in 32s
Build, Push and Deploy / deploy-production (push) Has been skipped
Build, Push and Deploy / cleanup (push) Successful in 1s
This commit is contained in:
163
vendor/google/auth/src/Middleware/AuthTokenMiddleware.php
vendored
Normal file
163
vendor/google/auth/src/Middleware/AuthTokenMiddleware.php
vendored
Normal file
@@ -0,0 +1,163 @@
|
||||
<?php
|
||||
/*
|
||||
* Copyright 2015 Google Inc.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
namespace Google\Auth\Middleware;
|
||||
|
||||
use Google\Auth\FetchAuthTokenCache;
|
||||
use Google\Auth\FetchAuthTokenInterface;
|
||||
use Google\Auth\GetQuotaProjectInterface;
|
||||
use Google\Auth\UpdateMetadataInterface;
|
||||
use GuzzleHttp\Psr7\Utils;
|
||||
use Psr\Http\Message\RequestInterface;
|
||||
|
||||
/**
|
||||
* AuthTokenMiddleware is a Guzzle Middleware that adds an Authorization header
|
||||
* provided by an object implementing FetchAuthTokenInterface.
|
||||
*
|
||||
* The FetchAuthTokenInterface#fetchAuthToken is used to obtain a hash; one of
|
||||
* the values value in that hash is added as the authorization header.
|
||||
*
|
||||
* Requests will be accessed with the authorization header:
|
||||
*
|
||||
* 'authorization' 'Bearer <value of auth_token>'
|
||||
*/
|
||||
class AuthTokenMiddleware
|
||||
{
|
||||
/**
|
||||
* @var callable
|
||||
*/
|
||||
private $httpHandler;
|
||||
|
||||
/**
|
||||
* It must be an implementation of FetchAuthTokenInterface.
|
||||
* It may also implement UpdateMetadataInterface allowing direct
|
||||
* retrieval of auth related headers
|
||||
* @var FetchAuthTokenInterface
|
||||
*/
|
||||
private $fetcher;
|
||||
|
||||
/**
|
||||
* @var ?callable
|
||||
*/
|
||||
private $tokenCallback;
|
||||
|
||||
/**
|
||||
* Creates a new AuthTokenMiddleware.
|
||||
*
|
||||
* @param FetchAuthTokenInterface $fetcher is used to fetch the auth token
|
||||
* @param callable|null $httpHandler (optional) callback which delivers psr7 request
|
||||
* @param callable|null $tokenCallback (optional) function to be called when a new token is fetched.
|
||||
*/
|
||||
public function __construct(
|
||||
FetchAuthTokenInterface $fetcher,
|
||||
?callable $httpHandler = null,
|
||||
?callable $tokenCallback = null
|
||||
) {
|
||||
$this->fetcher = $fetcher;
|
||||
$this->httpHandler = $httpHandler;
|
||||
$this->tokenCallback = $tokenCallback;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the request with an Authorization header when auth is 'google_auth'.
|
||||
*
|
||||
* use Google\Auth\Middleware\AuthTokenMiddleware;
|
||||
* use Google\Auth\OAuth2;
|
||||
* use GuzzleHttp\Client;
|
||||
* use GuzzleHttp\HandlerStack;
|
||||
*
|
||||
* $config = [..<oauth config param>.];
|
||||
* $oauth2 = new OAuth2($config)
|
||||
* $middleware = new AuthTokenMiddleware($oauth2);
|
||||
* $stack = HandlerStack::create();
|
||||
* $stack->push($middleware);
|
||||
*
|
||||
* $client = new Client([
|
||||
* 'handler' => $stack,
|
||||
* 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
|
||||
* 'auth' => 'google_auth' // authorize all requests
|
||||
* ]);
|
||||
*
|
||||
* $res = $client->get('myproject/taskqueues/myqueue');
|
||||
*
|
||||
* @param callable $handler
|
||||
* @return \Closure
|
||||
*/
|
||||
public function __invoke(callable $handler)
|
||||
{
|
||||
return function (RequestInterface $request, array $options) use ($handler) {
|
||||
// Requests using "auth"="google_auth" will be authorized.
|
||||
if (!isset($options['auth']) || $options['auth'] !== 'google_auth') {
|
||||
return $handler($request, $options);
|
||||
}
|
||||
|
||||
$request = $this->addAuthHeaders($request);
|
||||
|
||||
if ($quotaProject = $this->getQuotaProject()) {
|
||||
$request = $request->withHeader(
|
||||
GetQuotaProjectInterface::X_GOOG_USER_PROJECT_HEADER,
|
||||
$quotaProject
|
||||
);
|
||||
}
|
||||
|
||||
return $handler($request, $options);
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds auth related headers to the request.
|
||||
*
|
||||
* @param RequestInterface $request
|
||||
* @return RequestInterface
|
||||
*/
|
||||
private function addAuthHeaders(RequestInterface $request)
|
||||
{
|
||||
if (!$this->fetcher instanceof UpdateMetadataInterface ||
|
||||
($this->fetcher instanceof FetchAuthTokenCache &&
|
||||
!$this->fetcher->getFetcher() instanceof UpdateMetadataInterface)
|
||||
) {
|
||||
$token = $this->fetcher->fetchAuthToken();
|
||||
$request = $request->withHeader(
|
||||
'authorization',
|
||||
'Bearer ' . ($token['access_token'] ?? $token['id_token'] ?? '')
|
||||
);
|
||||
} else {
|
||||
$headers = $this->fetcher->updateMetadata($request->getHeaders(), null, $this->httpHandler);
|
||||
$request = Utils::modifyRequest($request, ['set_headers' => $headers]);
|
||||
}
|
||||
|
||||
if ($this->tokenCallback && ($token = $this->fetcher->getLastReceivedToken())) {
|
||||
if (array_key_exists('access_token', $token)) {
|
||||
call_user_func($this->tokenCallback, $this->fetcher->getCacheKey(), $token['access_token']);
|
||||
}
|
||||
}
|
||||
|
||||
return $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string|null
|
||||
*/
|
||||
private function getQuotaProject()
|
||||
{
|
||||
if ($this->fetcher instanceof GetQuotaProjectInterface) {
|
||||
return $this->fetcher->getQuotaProject();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
155
vendor/google/auth/src/Middleware/ProxyAuthTokenMiddleware.php
vendored
Normal file
155
vendor/google/auth/src/Middleware/ProxyAuthTokenMiddleware.php
vendored
Normal file
@@ -0,0 +1,155 @@
|
||||
<?php
|
||||
/*
|
||||
* Copyright 2015 Google Inc.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
namespace Google\Auth\Middleware;
|
||||
|
||||
use Google\Auth\FetchAuthTokenInterface;
|
||||
use Google\Auth\GetQuotaProjectInterface;
|
||||
use Psr\Http\Message\RequestInterface;
|
||||
|
||||
/**
|
||||
* ProxyAuthTokenMiddleware is a Guzzle Middleware that adds an Authorization header
|
||||
* provided by an object implementing FetchAuthTokenInterface.
|
||||
*
|
||||
* The FetchAuthTokenInterface#fetchAuthToken is used to obtain a hash; one of
|
||||
* the values value in that hash is added as the authorization header.
|
||||
*
|
||||
* Requests will be accessed with the authorization header:
|
||||
*
|
||||
* 'proxy-authorization' 'Bearer <value of auth_token>'
|
||||
*/
|
||||
class ProxyAuthTokenMiddleware
|
||||
{
|
||||
/**
|
||||
* @var callable
|
||||
*/
|
||||
private $httpHandler;
|
||||
|
||||
/**
|
||||
* @var FetchAuthTokenInterface
|
||||
*/
|
||||
private $fetcher;
|
||||
|
||||
/**
|
||||
* @var ?callable
|
||||
*/
|
||||
private $tokenCallback;
|
||||
|
||||
/**
|
||||
* Creates a new ProxyAuthTokenMiddleware.
|
||||
*
|
||||
* @param FetchAuthTokenInterface $fetcher is used to fetch the auth token
|
||||
* @param callable|null $httpHandler (optional) callback which delivers psr7 request
|
||||
* @param callable|null $tokenCallback (optional) function to be called when a new token is fetched.
|
||||
*/
|
||||
public function __construct(
|
||||
FetchAuthTokenInterface $fetcher,
|
||||
?callable $httpHandler = null,
|
||||
?callable $tokenCallback = null
|
||||
) {
|
||||
$this->fetcher = $fetcher;
|
||||
$this->httpHandler = $httpHandler;
|
||||
$this->tokenCallback = $tokenCallback;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the request with an Authorization header when auth is 'google_auth'.
|
||||
*
|
||||
* use Google\Auth\Middleware\ProxyAuthTokenMiddleware;
|
||||
* use Google\Auth\OAuth2;
|
||||
* use GuzzleHttp\Client;
|
||||
* use GuzzleHttp\HandlerStack;
|
||||
*
|
||||
* $config = [..<oauth config param>.];
|
||||
* $oauth2 = new OAuth2($config)
|
||||
* $middleware = new ProxyAuthTokenMiddleware($oauth2);
|
||||
* $stack = HandlerStack::create();
|
||||
* $stack->push($middleware);
|
||||
*
|
||||
* $client = new Client([
|
||||
* 'handler' => $stack,
|
||||
* 'base_uri' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
|
||||
* 'proxy_auth' => 'google_auth' // authorize all requests
|
||||
* ]);
|
||||
*
|
||||
* $res = $client->get('myproject/taskqueues/myqueue');
|
||||
*
|
||||
* @param callable $handler
|
||||
* @return \Closure
|
||||
*/
|
||||
public function __invoke(callable $handler)
|
||||
{
|
||||
return function (RequestInterface $request, array $options) use ($handler) {
|
||||
// Requests using "proxy_auth"="google_auth" will be authorized.
|
||||
if (!isset($options['proxy_auth']) || $options['proxy_auth'] !== 'google_auth') {
|
||||
return $handler($request, $options);
|
||||
}
|
||||
|
||||
$request = $request->withHeader('proxy-authorization', 'Bearer ' . $this->fetchToken());
|
||||
|
||||
if ($quotaProject = $this->getQuotaProject()) {
|
||||
$request = $request->withHeader(
|
||||
GetQuotaProjectInterface::X_GOOG_USER_PROJECT_HEADER,
|
||||
$quotaProject
|
||||
);
|
||||
}
|
||||
|
||||
return $handler($request, $options);
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Call fetcher to fetch the token.
|
||||
*
|
||||
* @return string|null
|
||||
*/
|
||||
private function fetchToken()
|
||||
{
|
||||
$auth_tokens = $this->fetcher->fetchAuthToken($this->httpHandler);
|
||||
|
||||
if (array_key_exists('access_token', $auth_tokens)) {
|
||||
// notify the callback if applicable
|
||||
if ($this->tokenCallback) {
|
||||
call_user_func(
|
||||
$this->tokenCallback,
|
||||
$this->fetcher->getCacheKey(),
|
||||
$auth_tokens['access_token']
|
||||
);
|
||||
}
|
||||
|
||||
return $auth_tokens['access_token'];
|
||||
}
|
||||
|
||||
if (array_key_exists('id_token', $auth_tokens)) {
|
||||
return $auth_tokens['id_token'];
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string|null;
|
||||
*/
|
||||
private function getQuotaProject()
|
||||
{
|
||||
if ($this->fetcher instanceof GetQuotaProjectInterface) {
|
||||
return $this->fetcher->getQuotaProject();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
165
vendor/google/auth/src/Middleware/ScopedAccessTokenMiddleware.php
vendored
Normal file
165
vendor/google/auth/src/Middleware/ScopedAccessTokenMiddleware.php
vendored
Normal file
@@ -0,0 +1,165 @@
|
||||
<?php
|
||||
/*
|
||||
* Copyright 2015 Google Inc.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
namespace Google\Auth\Middleware;
|
||||
|
||||
use Google\Auth\CacheTrait;
|
||||
use Psr\Cache\CacheItemPoolInterface;
|
||||
use Psr\Http\Message\RequestInterface;
|
||||
|
||||
/**
|
||||
* ScopedAccessTokenMiddleware is a Guzzle Middleware that adds an Authorization
|
||||
* header provided by a closure.
|
||||
*
|
||||
* The closure returns an access token, taking the scope, either a single
|
||||
* string or an array of strings, as its value. If provided, a cache will be
|
||||
* used to preserve the access token for a given lifetime.
|
||||
*
|
||||
* Requests will be accessed with the authorization header:
|
||||
*
|
||||
* 'authorization' 'Bearer <value of auth_token>'
|
||||
*/
|
||||
class ScopedAccessTokenMiddleware
|
||||
{
|
||||
use CacheTrait;
|
||||
|
||||
const DEFAULT_CACHE_LIFETIME = 1500;
|
||||
|
||||
/**
|
||||
* @var callable
|
||||
*/
|
||||
private $tokenFunc;
|
||||
|
||||
/**
|
||||
* @var array<string>|string
|
||||
*/
|
||||
private $scopes;
|
||||
|
||||
/**
|
||||
* Creates a new ScopedAccessTokenMiddleware.
|
||||
*
|
||||
* @param callable $tokenFunc a token generator function
|
||||
* @param array<string>|string $scopes the token authentication scopes
|
||||
* @param array<mixed>|null $cacheConfig configuration for the cache when it's present
|
||||
* @param CacheItemPoolInterface|null $cache an implementation of CacheItemPoolInterface
|
||||
*/
|
||||
public function __construct(
|
||||
callable $tokenFunc,
|
||||
$scopes,
|
||||
?array $cacheConfig = null,
|
||||
?CacheItemPoolInterface $cache = null
|
||||
) {
|
||||
$this->tokenFunc = $tokenFunc;
|
||||
if (!(is_string($scopes) || is_array($scopes))) {
|
||||
throw new \InvalidArgumentException(
|
||||
'wants scope should be string or array'
|
||||
);
|
||||
}
|
||||
$this->scopes = $scopes;
|
||||
|
||||
if (!is_null($cache)) {
|
||||
$this->cache = $cache;
|
||||
$this->cacheConfig = array_merge([
|
||||
'lifetime' => self::DEFAULT_CACHE_LIFETIME,
|
||||
'prefix' => '',
|
||||
], $cacheConfig);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the request with an Authorization header when auth is 'scoped'.
|
||||
*
|
||||
* E.g this could be used to authenticate using the AppEngine
|
||||
* AppIdentityService.
|
||||
*
|
||||
* use google\appengine\api\app_identity\AppIdentityService;
|
||||
* use Google\Auth\Middleware\ScopedAccessTokenMiddleware;
|
||||
* use GuzzleHttp\Client;
|
||||
* use GuzzleHttp\HandlerStack;
|
||||
*
|
||||
* $scope = 'https://www.googleapis.com/auth/taskqueue'
|
||||
* $middleware = new ScopedAccessTokenMiddleware(
|
||||
* 'AppIdentityService::getAccessToken',
|
||||
* $scope,
|
||||
* [ 'prefix' => 'Google\Auth\ScopedAccessToken::' ],
|
||||
* $cache = new Memcache()
|
||||
* );
|
||||
* $stack = HandlerStack::create();
|
||||
* $stack->push($middleware);
|
||||
*
|
||||
* $client = new Client([
|
||||
* 'handler' => $stack,
|
||||
* 'base_url' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/',
|
||||
* 'auth' => 'scoped' // authorize all requests
|
||||
* ]);
|
||||
*
|
||||
* $res = $client->get('myproject/taskqueues/myqueue');
|
||||
*
|
||||
* @param callable $handler
|
||||
* @return \Closure
|
||||
*/
|
||||
public function __invoke(callable $handler)
|
||||
{
|
||||
return function (RequestInterface $request, array $options) use ($handler) {
|
||||
// Requests using "auth"="scoped" will be authorized.
|
||||
if (!isset($options['auth']) || $options['auth'] !== 'scoped') {
|
||||
return $handler($request, $options);
|
||||
}
|
||||
|
||||
$request = $request->withHeader('authorization', 'Bearer ' . $this->fetchToken());
|
||||
|
||||
return $handler($request, $options);
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
private function getCacheKey()
|
||||
{
|
||||
$key = null;
|
||||
|
||||
if (is_string($this->scopes)) {
|
||||
$key .= $this->scopes;
|
||||
} elseif (is_array($this->scopes)) {
|
||||
$key .= implode(':', $this->scopes);
|
||||
}
|
||||
|
||||
return $key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if token is available in the cache, if not call tokenFunc to
|
||||
* fetch it.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
private function fetchToken()
|
||||
{
|
||||
$cacheKey = $this->getCacheKey();
|
||||
$cached = $this->getCachedValue($cacheKey);
|
||||
|
||||
if (!empty($cached)) {
|
||||
return $cached;
|
||||
}
|
||||
|
||||
$token = call_user_func($this->tokenFunc, $this->scopes);
|
||||
$this->setCachedValue($cacheKey, $token);
|
||||
|
||||
return $token;
|
||||
}
|
||||
}
|
||||
92
vendor/google/auth/src/Middleware/SimpleMiddleware.php
vendored
Normal file
92
vendor/google/auth/src/Middleware/SimpleMiddleware.php
vendored
Normal file
@@ -0,0 +1,92 @@
|
||||
<?php
|
||||
/*
|
||||
* Copyright 2015 Google Inc.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
namespace Google\Auth\Middleware;
|
||||
|
||||
use GuzzleHttp\Psr7\Query;
|
||||
use Psr\Http\Message\RequestInterface;
|
||||
|
||||
/**
|
||||
* SimpleMiddleware is a Guzzle Middleware that implements Google's Simple API
|
||||
* access.
|
||||
*
|
||||
* Requests are accessed using the Simple API access developer key.
|
||||
*/
|
||||
class SimpleMiddleware
|
||||
{
|
||||
/**
|
||||
* @var array<mixed>
|
||||
*/
|
||||
private $config;
|
||||
|
||||
/**
|
||||
* Create a new Simple plugin.
|
||||
*
|
||||
* The configuration array expects one option
|
||||
* - key: required, otherwise InvalidArgumentException is thrown
|
||||
*
|
||||
* @param array<mixed> $config Configuration array
|
||||
*/
|
||||
public function __construct(array $config)
|
||||
{
|
||||
if (!isset($config['key'])) {
|
||||
throw new \InvalidArgumentException('requires a key to have been set');
|
||||
}
|
||||
|
||||
$this->config = array_merge(['key' => null], $config);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the request query with the developer key if auth is set to simple.
|
||||
*
|
||||
* use Google\Auth\Middleware\SimpleMiddleware;
|
||||
* use GuzzleHttp\Client;
|
||||
* use GuzzleHttp\HandlerStack;
|
||||
*
|
||||
* $my_key = 'is not the same as yours';
|
||||
* $middleware = new SimpleMiddleware(['key' => $my_key]);
|
||||
* $stack = HandlerStack::create();
|
||||
* $stack->push($middleware);
|
||||
*
|
||||
* $client = new Client([
|
||||
* 'handler' => $stack,
|
||||
* 'base_uri' => 'https://www.googleapis.com/discovery/v1/',
|
||||
* 'auth' => 'simple'
|
||||
* ]);
|
||||
*
|
||||
* $res = $client->get('drive/v2/rest');
|
||||
*
|
||||
* @param callable $handler
|
||||
* @return \Closure
|
||||
*/
|
||||
public function __invoke(callable $handler)
|
||||
{
|
||||
return function (RequestInterface $request, array $options) use ($handler) {
|
||||
// Requests using "auth"="scoped" will be authorized.
|
||||
if (!isset($options['auth']) || $options['auth'] !== 'simple') {
|
||||
return $handler($request, $options);
|
||||
}
|
||||
|
||||
$query = Query::parse($request->getUri()->getQuery());
|
||||
$params = array_merge($query, $this->config);
|
||||
$uri = $request->getUri()->withQuery(Query::build($params));
|
||||
$request = $request->withUri($uri);
|
||||
|
||||
return $handler($request, $options);
|
||||
};
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user