Page not found!
Sorry, this page is not available...
| Current Path : /home/thenclexdoctor.com/public_html/vendor/google/cloud-core/src/Testing/System/ |
| Current File : /home/thenclexdoctor.com/public_html/vendor/google/cloud-core/src/Testing/System/KeyManager.php |
<?php
/**
* Copyright 2019 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace Google\Cloud\Core\Testing\System;
use Google\Cloud\Core\Exception\ConflictException;
use Google\Cloud\Core\RequestWrapper;
use GuzzleHttp\Psr7\Request;
/**
* Manage KMS keys used for system tests.
*/
class KeyManager
{
const DEFAULT_LOCATION = 'us-west1';
private $keyFile;
private $serviceAccountEmail;
private $projectId;
private $requestWrapper;
private $location;
public function __construct(array $keyFile, $serviceAccountEmail = null, $projectId = null, $location = null)
{
$this->keyFile = $keyFile;
$this->serviceAccountEmail = $serviceAccountEmail
?: $keyFile['client_email'];
$this->projectId = $projectId
?: $keyFile['project_id'];
$this->setLocation($location ?: self::DEFAULT_LOCATION);
$this->requestWrapper = new RequestWrapper([
'keyFile' => $this->keyFile,
'scopes' => ['https://www.googleapis.com/auth/cloud-platform']
]);
}
/**
* Set the service account email used for IAM management.
*
* @param string $serviceAccountEmail
*/
public function setServiceAccountEmail($serviceAccountEmail)
{
$this->serviceAccountEmail = $serviceAccountEmail;
}
/**
* Set keyring location.
*
* Location name may be in upper or lower case.
*
* @param string $location
*/
public function setLocation($location)
{
$this->location = strtolower($location);
}
/**
* Get the project data.
*
* @param string $projectId [optional] If not provided, uses ID given in
* constructor or keyfile.
* @return array
*/
public function getProject($projectId = null)
{
$projectId = $projectId ?: $this->projectId;
$uri = 'https://cloudresourcemanager.googleapis.com/v1/projects/%s';
$res = $this->requestWrapper->send(
new Request(
'GET',
sprintf($uri, $projectId)
)
);
return json_decode($res->getBody(), true);
}
/**
* A helper to get KMS keys and set correct permissions.
*
* @param string $keyRingId
* @param string[] $keyIds
* @return array
*/
public function getKeyNames($keyRingId, array $keyIds)
{
$keyNames = [];
$this->buildKeyRing($keyRingId);
foreach ($keyIds as $keyId) {
$keyNames[] = $this->getCryptoKeyName(
$keyRingId,
$keyId
);
}
return $keyNames;
}
/**
* @param string $keyRingId
*/
private function buildKeyRing($keyRingId)
{
try {
$this->requestWrapper->send(
new Request(
'POST',
sprintf(
'https://cloudkms.googleapis.com/v1/projects/%s/locations/%s/keyRings?keyRingId=%s',
$this->projectId,
$this->location,
$keyRingId
)
)
);
} catch (ConflictException $ex) {
// If it already exists, great!
}
}
/**
* @param string $keyRingId
* @param string $cryptoKeyId
* @return string
*/
private function getCryptoKeyName(
$keyRingId,
$cryptoKeyId
) {
$name = null;
try {
$uri = 'https://cloudkms.googleapis.com/v1/projects/%s/locations/%s/keyRings/%s/cryptoKeys?cryptoKeyId=%s';
$response = $this->requestWrapper->send(
new Request(
'POST',
sprintf(
$uri,
$this->projectId,
$this->location,
$keyRingId,
$cryptoKeyId
),
[],
json_encode(['purpose' => 'ENCRYPT_DECRYPT'])
)
);
$name = json_decode((string) $response->getBody(), true)['name'];
} catch (ConflictException $ex) {
$name = sprintf(
'projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s' ,
$this->projectId,
$this->location,
$keyRingId,
$cryptoKeyId
);
}
$policy = [
'policy' => [
'bindings' => [
[
'role' => 'roles/cloudkms.cryptoKeyEncrypterDecrypter',
'members' => [
"serviceAccount:" . $this->serviceAccountEmail
]
]
]
]
];
$uri = 'https://cloudkms.googleapis.com/v1/projects/%s/locations/' .
'%s/keyRings/%s/cryptoKeys/%s:setIamPolicy';
$this->requestWrapper->send(
new Request(
'POST',
sprintf(
$uri,
$this->projectId,
$this->location,
$keyRingId,
$cryptoKeyId
),
[],
json_encode($policy)
)
);
return $name;
}
}
Sorry, this page is not available...