Download the PHP package google/auth without Composer
On this page you can find all versions of the php package google/auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package auth
Short Description Google Auth Library for PHP
License Apache-2.0
Homepage http://github.com/google/google-auth-library-php
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package auth
Google Auth Library for PHP
- Homepage
- http://www.github.com/google/google-auth-library-php
- Reference Docs
- https://googleapis.github.io/google-auth-library-php/main/
- Authors
- Tim Emiola
- Stanley Cheung
- Brent Shaffer
- Copyright
- Copyright © 2015 Google, Inc.
- License
- Apache 2.0
Description
This is Google's officially supported PHP client library for using OAuth 2.0 authorization and authentication with Google APIs.
Installing via Composer
The recommended way to install the google auth library is through Composer.
Next, run the Composer command to install the latest stable version:
Application Default Credentials
This library provides an implementation of Application Default Credentials (ADC) for PHP.
Application Default Credentials provides a simple way to get authorization credentials for use in calling Google APIs, and is the recommended approach to authorize calls to Cloud APIs.
Set up ADC
To use ADC, you must set it up by providing credentials. How you set up ADC depends on the environment where your code is running, and whether you are running code in a test or production environment.
For more information, see Set up Application Default Credentials.
Enable the API you want to use
Before making your API call, you must be sure the API you're calling has been
enabled. Go to APIs & Auth > APIs in the
Google Developers Console and enable the APIs you'd like to
call. For the example below, you must enable the Drive API.
Call the APIs
As long as you update the environment variable below to point to your JSON credentials file, the following code should output a list of your Drive files.
Guzzle 5 Compatibility
If you are using Guzzle 5, replace the create middleware and
create the HTTP Client steps with the following:
Call using an ID Token
If your application is running behind Cloud Run, or using Cloud Identity-Aware
Proxy (IAP), you will need to fetch an ID token to access your application. For
this, use the static method getIdTokenMiddleware on
ApplicationDefaultCredentials.
For invoking Cloud Run services, your service account will need the
Cloud Run Invoker
IAM permission.
For invoking Cloud Identity-Aware Proxy, you will need to pass the Client ID used when you set up your protected resource as the target audience. See how to secure your IAP app with signed headers.
Call using a specific JSON key
If you want to use a specific JSON key instead of using GOOGLE_APPLICATION_CREDENTIALS environment variable, you can
do this:
Call using Proxy-Authorization Header
If your application is behind a proxy such as Google Cloud IAP,
and your application occupies the Authorization request header,
you can include the ID token in a Proxy-Authorization: Bearer
header instead. If a valid ID token is found in a Proxy-Authorization header,
IAP authorizes the request with it. After authorizing the request, IAP passes
the Authorization header to your application without processing the content.
For this, use the static method getProxyIdTokenMiddleware on
ApplicationDefaultCredentials.
External credentials (Workload identity federation)
Using workload identity federation, your application can access Google Cloud resources from Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC).
Traditionally, applications running outside Google Cloud have used service account keys to access Google Cloud resources. Using identity federation, you can allow your workload to impersonate a service account. This lets you access Google Cloud resources directly, eliminating the maintenance and security burden associated with service account keys.
Follow the detailed instructions on how to Configure Workload Identity Federation.
Verifying JWTs
If you are using Google ID tokens to authenticate users, use
the Google\Auth\AccessToken class to verify the ID token:
If your app is running behind Google Identity-Aware Proxy (IAP), you can verify the ID token coming from the IAP server by pointing to the appropriate certificate URL for IAP. This is because IAP signs the ID tokens with a different key than the Google Identity service:
License
This library is licensed under Apache 2.0. Full license text is available in COPYING.
Contributing
See CONTRIBUTING.
Support
Please report bugs at the project on Github. Don't hesitate to ask questions about the client or APIs on StackOverflow.
All versions of auth with dependencies
firebase/php-jwt Version ^6.0
guzzlehttp/guzzle Version ^6.5.8||^7.4.5
guzzlehttp/psr7 Version ^2.4.5
psr/http-message Version ^1.1||^2.0
psr/cache Version ^1.0||^2.0||^3.0