Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: allow credentials object #2153

Merged
merged 3 commits into from
Nov 30, 2021
Merged

feat: allow credentials object #2153

merged 3 commits into from
Nov 30, 2021

Conversation

bshaffer
Copy link
Contributor

@bshaffer bshaffer commented Nov 14, 2021
edited
Loading

Allows for a Google\Auth\CredentialsLoader instance to be passed into the constructor of Google\Client using the credentials option, which currently exists but only supports an array or string.

$client = new Google\Client([
    'credentials' => new AnonymousCredentials()
]);

This also solves #2142, which provides a way to enable self-signed JWT, but in a more general (and useful) way.

$scope = 'https://www.googleapis.com/auth/cloud-platform';
$jsonKey = json_decode(file_get_contents('./path/to/key.json'), true);
$credentials = Google\Auth\ApplicationDefaultCredentials::makeCredentials([
    'scope' => $scope,
    'jsonKey' => $jsonKey,
]);

// Enable self-signed JWT
$credentials->useJwtAccessWithScope();

$service = new Google\Service\BigQuery([
    'credentials' => $credentials
]);

@bshaffer bshaffer requested a review from a team as a code owner November 14, 2021 23:08
@google-cla google-cla bot added the cla: yes This human has signed the Contributor License Agreement. label Nov 14, 2021
tmatsuo
tmatsuo reviewed Nov 16, 2021
View reviewed changes
Copy link

@tmatsuo tmatsuo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With this change, new user code can pass a CredentialLoader.

What happens if you use the new user code with an old client library? My guess is the user will get a confusing, non actionable message (I may be wrong).

@bshaffer
Copy link
Contributor Author

What happens if you use the new user code with an old client library? My guess is the user will get a confusing, non actionable message (I may be wrong).

Unfortunately, you're correct... a user would get an error like "Cannot use object Google\Auth\Credentials\ServiceAccountCredentials as array".

I don't see this as a blocker for two reasons: 1. we have the options documented for what's accepted, and 2) in the user guide where we're using this feature (configuring Self-Signed JWTs), we explicitly state that they will need to upgrade to v2.12 of this library to use the feature.

@tmatsuo
Copy link

tmatsuo commented Nov 29, 2021

@bshaffer I was wondering if there's a better way for handling this change, but... maybe the benefit outweighs the negatives.

@bshaffer
Copy link
Contributor Author

@tmatsuo we could certainly use a different option... something like credentialsLoader. That could potentially work better... the reason I went with this method is just that the term "credentials" is used to mean the CredentialsLoader object in our google/cloud library, so I was trying to stay consistent

@bshaffer bshaffer merged commit c9995b7 into master Nov 30, 2021
@bshaffer bshaffer deleted the allow-credentials-object branch November 30, 2021 20:41
@bshaffer bshaffer mentioned this pull request Nov 30, 2021
Merged
@stephanvierkant stephanvierkant mentioned this pull request Dec 1, 2021
Closed
@realtebo
Copy link

realtebo commented Dec 2, 2021

what is the last version without this issue?

@bshaffer
Copy link
Contributor Author

bshaffer commented Dec 2, 2021

@realtebo try v2.12.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@noahdietz noahdietz noahdietz approved these changes

@tmatsuo tmatsuo tmatsuo approved these changes

Assignees
No one assigned
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bshaffer @tmatsuo @realtebo @noahdietz