/**
  * @param array $headers The HTTP request headers
  * to be set and normalized.
  */
 public function setRequestHeaders($headers)
 {
     $headers = GoogleGAL_Utils::normalize($headers);
     if ($this->requestHeaders) {
         $headers = array_merge($this->requestHeaders, $headers);
     }
     $this->requestHeaders = $headers;
 }
示例#2
0
 /**
  * Initialize this object's properties from an array.
  *
  * @param array $array Used to seed this object's properties.
  * @return void
  */
 protected function mapTypes($array)
 {
     // Hard initilise simple types, lazy load more complex ones.
     foreach ($array as $key => $val) {
         if (!property_exists($this, $this->keyType($key)) && property_exists($this, $key)) {
             $this->{$key} = $val;
             unset($array[$key]);
         } elseif (property_exists($this, $camelKey = GoogleGAL_Utils::camelCase($key))) {
             // This checks if property exists as camelCase, leaving it in array as snake_case
             // in case of backwards compatibility issues.
             $this->{$camelKey} = $val;
         }
     }
     $this->modelData = $array;
 }
 /**
  * Creates a signed JWT.
  * @param array $payload
  * @return string The signed JWT.
  */
 private function makeSignedJwt($payload)
 {
     $header = array('typ' => 'JWT', 'alg' => 'RS256');
     $payload = json_encode($payload);
     // Handle some overzealous escaping in PHP json that seemed to cause some errors
     // with claimsets.
     $payload = str_replace('\\/', '/', $payload);
     $segments = array(GoogleGAL_Utils::urlSafeB64Encode(json_encode($header)), GoogleGAL_Utils::urlSafeB64Encode($payload));
     $signingInput = implode('.', $segments);
     $signer = new GoogleGAL_Signer_P12($this->privateKey, $this->privateKeyPassword);
     $signature = $signer->sign($signingInput);
     $segments[] = GoogleGAL_Utils::urlSafeB64Encode($signature);
     return implode(".", $segments);
 }
 private function getResumeUri()
 {
     $result = null;
     $body = $this->request->getPostBody();
     if ($body) {
         $headers = array('content-type' => 'application/json; charset=UTF-8', 'content-length' => GoogleGAL_Utils::getStrLen($body), 'x-upload-content-type' => $this->mimeType, 'x-upload-content-length' => $this->size, 'expect' => '');
         $this->request->setRequestHeaders($headers);
     }
     $response = $this->client->getIo()->makeRequest($this->request);
     $location = $response->getResponseHeader('location');
     $code = $response->getResponseHttpCode();
     if (200 == $code && true == $location) {
         return $location;
     }
     $message = $code;
     $body = @json_decode($response->getResponseBody());
     if (!empty($body->error->errors)) {
         $message .= ': ';
         foreach ($body->error->errors as $error) {
             $message .= "{$error->domain}, {$error->message};";
         }
         $message = rtrim($message, ';');
     }
     $error = "Failed to start the resumable upload (HTTP {$message})";
     $this->client->getLogger()->error($error);
     throw new GoogleGAL_Exception($error);
 }
示例#5
0
 /**
  * Verifies the id token, returns the verified token contents.
  *
  * @param $jwt the token
  * @param $certs array of certificates
  * @param $required_audience the expected consumer of the token
  * @param [$issuer] the expected issues, defaults to Google
  * @param [$max_expiry] the max lifetime of a token, defaults to MAX_TOKEN_LIFETIME_SECS
  * @return token information if valid, false if not
  */
 public function verifySignedJwtWithCerts($jwt, $certs, $required_audience, $issuer = null, $max_expiry = null)
 {
     if (!$max_expiry) {
         // Set the maximum time we will accept a token for.
         $max_expiry = self::MAX_TOKEN_LIFETIME_SECS;
     }
     $segments = explode(".", $jwt);
     if (count($segments) != 3) {
         throw new GoogleGAL_Auth_Exception("Wrong number of segments in token: {$jwt}");
     }
     $signed = $segments[0] . "." . $segments[1];
     $signature = GoogleGAL_Utils::urlSafeB64Decode($segments[2]);
     // Parse envelope.
     $envelope = json_decode(GoogleGAL_Utils::urlSafeB64Decode($segments[0]), true);
     if (!$envelope) {
         throw new GoogleGAL_Auth_Exception("Can't parse token envelope: " . $segments[0]);
     }
     // Parse token
     $json_body = GoogleGAL_Utils::urlSafeB64Decode($segments[1]);
     $payload = json_decode($json_body, true);
     if (!$payload) {
         throw new GoogleGAL_Auth_Exception("Can't parse token payload: " . $segments[1]);
     }
     // Check signature
     $verified = false;
     foreach ($certs as $keyName => $pem) {
         $public_key = new GoogleGAL_Verifier_Pem($pem);
         if ($public_key->verify($signed, $signature)) {
             $verified = true;
             break;
         }
     }
     if (!$verified) {
         throw new GoogleGAL_Auth_Exception("Invalid token signature: {$jwt}");
     }
     // Check issued-at timestamp
     $iat = 0;
     if (array_key_exists("iat", $payload)) {
         $iat = $payload["iat"];
     }
     if (!$iat) {
         throw new GoogleGAL_Auth_Exception("No issue time in token: {$json_body}");
     }
     $earliest = $iat - self::CLOCK_SKEW_SECS;
     // Check expiration timestamp
     $now = time();
     $exp = 0;
     if (array_key_exists("exp", $payload)) {
         $exp = $payload["exp"];
     }
     if (!$exp) {
         throw new GoogleGAL_Auth_Exception("No expiration time in token: {$json_body}");
     }
     if ($exp >= $now + $max_expiry) {
         throw new GoogleGAL_Auth_Exception(sprintf("Expiration time too far in future: %s", $json_body));
     }
     $latest = $exp + self::CLOCK_SKEW_SECS;
     if ($now < $earliest) {
         throw new GoogleGAL_Auth_Exception(sprintf("Token used too early, %s < %s: %s", $now, $earliest, $json_body));
     }
     if ($now > $latest) {
         throw new GoogleGAL_Auth_Exception(sprintf("Token used too late, %s > %s: %s", $now, $latest, $json_body));
     }
     $iss = $payload['iss'];
     if ($issuer && $iss != $issuer) {
         throw new GoogleGAL_Auth_Exception(sprintf("Invalid issuer, %s != %s: %s", $iss, $issuer, $json_body));
     }
     // Check audience
     $aud = $payload["aud"];
     if ($aud != $required_audience) {
         throw new GoogleGAL_Auth_Exception(sprintf("Wrong recipient, %s != %s:", $aud, $required_audience, $json_body));
     }
     // All good.
     return new GoogleGAL_Auth_LoginTicket($envelope, $payload);
 }
 private function getResumeUri()
 {
     $result = null;
     $body = $this->request->getPostBody();
     if ($body) {
         $headers = array('content-type' => 'application/json; charset=UTF-8', 'content-length' => GoogleGAL_Utils::getStrLen($body), 'x-upload-content-type' => $this->mimeType, 'x-upload-content-length' => $this->size, 'expect' => '');
         $this->request->setRequestHeaders($headers);
     }
     $response = $this->client->getIo()->makeRequest($this->request);
     $location = $response->getResponseHeader('location');
     $code = $response->getResponseHttpCode();
     if (200 == $code && true == $location) {
         return $location;
     }
     throw new GoogleGAL_Exception("Failed to start the resumable upload");
 }