private function createApplicationDefaultCredentials()
{
$scopes = $this->prepareScopes();
$sub = $this->config->get('subject');
$signingKey = $this->config->get('signing_key');
// create credentials using values supplied in setAuthConfig
if ($signingKey) {
$serviceAccountCredentials = array('client_id' => $this->config->get('client_id'), 'client_email' => $this->config->get('client_email'), 'private_key' => $signingKey, 'type' => 'service_account');
$keyStream = Stream::factory(json_encode($serviceAccountCredentials));
$credentials = CredentialsLoader::makeCredentials($scopes, $keyStream);
} else {
$credentials = ApplicationDefaultCredentials::getCredentials($scopes);
}
// for service account domain-wide authority (impersonating a user)
// @see https://developers.google.com/identity/protocols/OAuth2ServiceAccount
if ($sub) {
if (!$credentials instanceof ServiceAccountCredentials) {
throw new DomainException('domain-wide authority requires service account credentials');
}
$credentials->setSub($sub);
}
return $credentials;
}
protected function createDefaultAuthHttpClient($http = null)
{
$options = ['base_url' => $this->config->get('base_path'), 'defaults' => ['exceptions' => true, 'verify' => $http ? $http->getDefaultOption('verify') : true, 'proxy' => $http ? $http->getDefaultOption('proxy') : null]];
return new Client($options);
}
