1<?php 2/* 3 * Copyright 2015 Google Inc. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18namespace Google\Auth\Subscriber; 19 20use Google\Auth\FetchAuthTokenInterface; 21use GuzzleHttp\Event\BeforeEvent; 22use GuzzleHttp\Event\RequestEvents; 23use GuzzleHttp\Event\SubscriberInterface; 24 25/** 26 * AuthTokenSubscriber is a Guzzle Subscriber that adds an Authorization header 27 * provided by an object implementing FetchAuthTokenInterface. 28 * 29 * The FetchAuthTokenInterface#fetchAuthToken is used to obtain a hash; one of 30 * the values value in that hash is added as the authorization header. 31 * 32 * Requests will be accessed with the authorization header: 33 * 34 * 'authorization' 'Bearer <value of auth_token>' 35 */ 36class AuthTokenSubscriber implements SubscriberInterface 37{ 38 /** 39 * @var callable 40 */ 41 private $httpHandler; 42 43 /** 44 * @var FetchAuthTokenInterface 45 */ 46 private $fetcher; 47 48 /** 49 * @var callable 50 */ 51 private $tokenCallback; 52 53 /** 54 * Creates a new AuthTokenSubscriber. 55 * 56 * @param FetchAuthTokenInterface $fetcher is used to fetch the auth token 57 * @param callable $httpHandler (optional) http client to fetch the token. 58 * @param callable $tokenCallback (optional) function to be called when a new token is fetched. 59 */ 60 public function __construct( 61 FetchAuthTokenInterface $fetcher, 62 callable $httpHandler = null, 63 callable $tokenCallback = null 64 ) { 65 $this->fetcher = $fetcher; 66 $this->httpHandler = $httpHandler; 67 $this->tokenCallback = $tokenCallback; 68 } 69 70 /** 71 * @return array 72 */ 73 public function getEvents() 74 { 75 return ['before' => ['onBefore', RequestEvents::SIGN_REQUEST]]; 76 } 77 78 /** 79 * Updates the request with an Authorization header when auth is 'fetched_auth_token'. 80 * 81 * use GuzzleHttp\Client; 82 * use Google\Auth\OAuth2; 83 * use Google\Auth\Subscriber\AuthTokenSubscriber; 84 * 85 * $config = [..<oauth config param>.]; 86 * $oauth2 = new OAuth2($config) 87 * $subscriber = new AuthTokenSubscriber($oauth2); 88 * 89 * $client = new Client([ 90 * 'base_url' => 'https://www.googleapis.com/taskqueue/v1beta2/projects/', 91 * 'defaults' => ['auth' => 'google_auth'] 92 * ]); 93 * $client->getEmitter()->attach($subscriber); 94 * 95 * $res = $client->get('myproject/taskqueues/myqueue'); 96 * 97 * @param BeforeEvent $event 98 */ 99 public function onBefore(BeforeEvent $event) 100 { 101 // Requests using "auth"="google_auth" will be authorized. 102 $request = $event->getRequest(); 103 if ($request->getConfig()['auth'] != 'google_auth') { 104 return; 105 } 106 107 // Fetch the auth token. 108 $auth_tokens = $this->fetcher->fetchAuthToken($this->httpHandler); 109 if (array_key_exists('access_token', $auth_tokens)) { 110 $request->setHeader('authorization', 'Bearer ' . $auth_tokens['access_token']); 111 112 // notify the callback if applicable 113 if ($this->tokenCallback) { 114 call_user_func($this->tokenCallback, $this->fetcher->getCacheKey(), $auth_tokens['access_token']); 115 } 116 } 117 } 118} 119