private function createApplicationDefaultCredentials() { $scopes = $this->prepareScopes(); $sub = $this->config->get('subject'); $signingKey = $this->config->get('signing_key'); // create credentials using values supplied in setAuthConfig if ($signingKey) { $serviceAccountCredentials = array('client_id' => $this->config->get('client_id'), 'client_email' => $this->config->get('client_email'), 'private_key' => $signingKey, 'type' => 'service_account'); $keyStream = Stream::factory(json_encode($serviceAccountCredentials)); $credentials = CredentialsLoader::makeCredentials($scopes, $keyStream); } else { $credentials = ApplicationDefaultCredentials::getCredentials($scopes); } // for service account domain-wide authority (impersonating a user) // @see https://developers.google.com/identity/protocols/OAuth2ServiceAccount if ($sub) { if (!$credentials instanceof ServiceAccountCredentials) { throw new DomainException('domain-wide authority requires service account credentials'); } $credentials->setSub($sub); } return $credentials; }
protected function createDefaultAuthHttpClient($http = null) { $options = ['base_url' => $this->config->get('base_path'), 'defaults' => ['exceptions' => true, 'verify' => $http ? $http->getDefaultOption('verify') : true, 'proxy' => $http ? $http->getDefaultOption('proxy') : null]]; return new Client($options); }