Merge branch 'main' into fix-release-job

Author: bshaffer

.github/conventional-commit-lint.yaml

@@ -0,0 +1,2 @@
+always_check_pr_title: true
+

.github/workflows/asset-release.yml

@@ -21,7 +21,7 @@ jobs:
         strategy:
             matrix:
                 operating-system: [ ubuntu-latest ]
-                php: [ "8.0", "8.3" ]
+                php: [ "8.1", "8.3" ]
 
         name: Upload Release Assets
         steps:

.github/workflows/tests.yml

@@ -11,10 +11,10 @@ jobs:
         strategy:
             fail-fast: false
             matrix:
-                php: [ "8.0", "8.1", "8.2", "8.3", "8.4" ]
+                php: [ "8.1", "8.2", "8.3", "8.4" ]
                 composer-flags: [""]
                 include:
-                  - php: "8.0"
+                  - php: "8.1"
                     composer-flags: "--prefer-lowest "
                   - php: "8.4"
                     composer-flags: "--prefer-lowest "

CHANGELOG.md

@@ -1,5 +1,19 @@
 # Changelog
 
+## [2.18.4](https://github.com/googleapis/google-api-php-client/compare/v2.18.3...v2.18.4) (2025-09-29)
+
+
+### Bug Fixes
+
+* Ensure credentials can be of type FetchAuthTokenInterface ([#2684](https://github.com/googleapis/google-api-php-client/issues/2684)) ([ed70802](https://github.com/googleapis/google-api-php-client/commit/ed70802cc4886ef1f513a2c0b56a8a972db5e7ab))
+
+## [2.18.3](https://github.com/googleapis/google-api-php-client/compare/v2.18.2...v2.18.3) (2025-04-08)
+
+
+### Bug Fixes
+
+* Convert Finder lazy iterator to array before deletion ([#2663](https://github.com/googleapis/google-api-php-client/issues/2663)) ([c699405](https://github.com/googleapis/google-api-php-client/commit/c6994051af1568359c97d267d9ef34ccbda31387))
+
 ## [2.18.2](https://github.com/googleapis/google-api-php-client/compare/v2.18.1...v2.18.2) (2024-12-16)
 
 

composer.json

@@ -6,7 +6,7 @@
     "homepage": "http://developers.google.com/api-client-library/php",
     "license": "Apache-2.0",
     "require": {
-        "php": "^8.0",
+        "php": "^8.1",
         "google/auth": "^1.37",
         "google/apiclient-services": "~0.350",
         "firebase/php-jwt": "^6.0",

docs/oauth-web.md

@@ -258,10 +258,10 @@ After completing the OAuth 2.0 flow, you should be redirected to `http://localho
 
 After the web server receives the authorization code, it can exchange the authorization code for an access token.
 
-To exchange an authorization code for an access token, use the `authenticate` method:
+To exchange an authorization code for an access token, use the `fetchAccessTokenWithAuthCode` method:
 
 ```php
-$client->authenticate($_GET['code']);
+$client->fetchAccessTokenWithAuthCode($_GET['code']);
 ```
 
 You can retrieve the access token with the `getAccessToken` method:
@@ -353,15 +353,15 @@ require_once __DIR__.'/vendor/autoload.php';
 session_start();
 
 $client = new Google\Client();
-$client->setAuthConfigFile('client_secrets.json');
+$client->setAuthConfig('client_secrets.json');
 $client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/oauth2callback.php');
 $client->addScope(Google\Service\Drive::DRIVE_METADATA_READONLY);
 
 if (! isset($_GET['code'])) {
   $auth_url = $client->createAuthUrl();
   header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
 } else {
-  $client->authenticate($_GET['code']);
+  $client->fetchAccessTokenWithAuthCode($_GET['code']);
   $_SESSION['access_token'] = $client->getAccessToken();
   $redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/';
   header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
@@ -421,4 +421,4 @@ $client->revokeToken();
 
 **Note:** Following a successful revocation response, it might take some time before the revocation has full effect.
 
-Except as otherwise noted, the content of this page is licensed under the [Creative Commons Attribution 4.0 License](https://creativecommons.org/licenses/by/4.0/), and code samples are licensed under the [Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0). For details, see our [Site Policies](https://developers.google.com/terms/site-policies). Java is a registered trademark of Oracle and/or its affiliates.
+Except as otherwise noted, the content of this page is licensed under the [Creative Commons Attribution 4.0 License](https://creativecommons.org/licenses/by/4.0/), and code samples are licensed under the [Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0). For details, see our [Site Policies](https://developers.google.com/terms/site-policies). Java is a registered trademark of Oracle and/or its affiliates.

src/AuthHandler/Guzzle6AuthHandler.php

@@ -2,8 +2,8 @@
 
 namespace Google\AuthHandler;
 
-use Google\Auth\CredentialsLoader;
 use Google\Auth\FetchAuthTokenCache;
+use Google\Auth\FetchAuthTokenInterface;
 use Google\Auth\HttpHandler\HttpHandlerFactory;
 use Google\Auth\Middleware\AuthTokenMiddleware;
 use Google\Auth\Middleware\ScopedAccessTokenMiddleware;
@@ -28,7 +28,7 @@ public function __construct(?CacheItemPoolInterface $cache = null, array $cacheC
 
     public function attachCredentials(
         ClientInterface $http,
-        CredentialsLoader $credentials,
+        FetchAuthTokenInterface $credentials,
         ?callable $tokenCallback = null
     ) {
         // use the provided cache
@@ -40,13 +40,21 @@ public function attachCredentials(
             );
         }
 
-        return $this->attachCredentialsCache($http, $credentials, $tokenCallback);
+        return $this->attachToHttp($http, $credentials, $tokenCallback);
     }
 
     public function attachCredentialsCache(
         ClientInterface $http,
         FetchAuthTokenCache $credentials,
         ?callable $tokenCallback = null
+    ) {
+        return $this->attachToHttp($http, $credentials, $tokenCallback);
+    }
+
+    private function attachToHttp(
+        ClientInterface $http,
+        FetchAuthTokenInterface $credentials,
+        ?callable $tokenCallback = null
     ) {
         // if we end up needing to make an HTTP request to retrieve credentials, we
         // can use our existing one, but we need to throw exceptions so the error
@@ -63,9 +71,7 @@ public function attachCredentialsCache(
         $config['handler']->remove('google_auth');
         $config['handler']->push($middleware, 'google_auth');
         $config['auth'] = 'google_auth';
-        $http = new Client($config);
-
-        return $http;
+        return new Client($config);
     }
 
     public function attachToken(ClientInterface $http, array $token, array $scopes)

src/Client.php

@@ -27,6 +27,7 @@
 use Google\Auth\Credentials\UserRefreshCredentials;
 use Google\Auth\CredentialsLoader;
 use Google\Auth\FetchAuthTokenCache;
+use Google\Auth\FetchAuthTokenInterface;
 use Google\Auth\GetUniverseDomainInterface;
 use Google\Auth\HttpHandler\HttpHandlerFactory;
 use Google\Auth\OAuth2;
@@ -90,7 +91,7 @@ class Client
     private $logger;
 
     /**
-     * @var ?CredentialsLoader $credentials
+     * @var ?FetchAuthTokenInterface $credentials
      */
     private $credentials;
 
@@ -118,10 +119,10 @@ class Client
      *           Your Google Cloud client ID found in https://developers.google.com/console
      *     @type string $client_secret
      *           Your Google Cloud client secret found in https://developers.google.com/console
-     *     @type string|array|CredentialsLoader $credentials
+     *     @type string|array|FetchAuthTokenInterface $credentials
      *           Can be a path to JSON credentials or an array representing those
      *           credentials (@see Google\Client::setAuthConfig), or an instance of
-     *           {@see CredentialsLoader}.
+     *           {@see FetchAuthTokenInterface}.
      *     @type string|array $scopes
      *           {@see Google\Client::setScopes}
      *     @type string $quota_project
@@ -213,7 +214,7 @@ public function __construct(array $config = [])
         ], $config);
 
         if (!is_null($this->config['credentials'])) {
-            if ($this->config['credentials'] instanceof CredentialsLoader) {
+            if ($this->config['credentials'] instanceof FetchAuthTokenInterface) {
                 $this->credentials = $this->config['credentials'];
             } else {
                 $this->setAuthConfig($this->config['credentials']);
@@ -460,7 +461,8 @@ public function authorize(?ClientInterface $http = null)
         $authHandler = $this->getAuthHandler();
 
         // These conditionals represent the decision tree for authentication
-        //   1.  Check if a Google\Auth\CredentialsLoader instance has been supplied via the "credentials" option
+        //   1.  Check if an instance of Google\Auth\FetchAuthTokenInterface has
+        //       been supplied via the "credentials" option
         //   2.  Check for Application Default Credentials
         //   3a. Check for an Access Token
         //   3b. If access token exists but is expired, try to refresh it

src/Task/Composer.php

@@ -34,35 +34,37 @@ public static function cleanup(
     ) {
         $composer = $event->getComposer();
         $extra = $composer->getPackage()->getExtra();
-        $servicesToKeep = isset($extra['google/apiclient-services'])
-            ? $extra['google/apiclient-services']
-            : [];
-        if ($servicesToKeep) {
-            $vendorDir = $composer->getConfig()->get('vendor-dir');
+        $servicesToKeep = $extra['google/apiclient-services'] ?? [];
+        if (empty($servicesToKeep)) {
+            return;
+        }
+        $vendorDir = $composer->getConfig()->get('vendor-dir');
+        $serviceDir = sprintf(
+            '%s/google/apiclient-services/src/Google/Service',
+            $vendorDir
+        );
+        if (!is_dir($serviceDir)) {
+            // path for google/apiclient-services >= 0.200.0
             $serviceDir = sprintf(
-                '%s/google/apiclient-services/src/Google/Service',
+                '%s/google/apiclient-services/src',
                 $vendorDir
             );
-            if (!is_dir($serviceDir)) {
-                // path for google/apiclient-services >= 0.200.0
-                $serviceDir = sprintf(
-                    '%s/google/apiclient-services/src',
-                    $vendorDir
-                );
-            }
-            self::verifyServicesToKeep($serviceDir, $servicesToKeep);
-            $finder = self::getServicesToRemove($serviceDir, $servicesToKeep);
-            $filesystem = $filesystem ?: new Filesystem();
-            if (0 !== $count = count($finder)) {
-                $event->getIO()->write(
-                    sprintf('Removing %s google services', $count)
-                );
-                foreach ($finder as $file) {
-                    $realpath = $file->getRealPath();
-                    $filesystem->remove($realpath);
-                    $filesystem->remove($realpath . '.php');
-                }
-            }
+        }
+        self::verifyServicesToKeep($serviceDir, $servicesToKeep);
+        $finder = self::getServicesToRemove($serviceDir, $servicesToKeep);
+        $filesystem = $filesystem ?: new Filesystem();
+        $servicesToRemoveCount = $finder->count();
+        if (0 === $servicesToRemoveCount) {
+            return;
+        }
+        $event->getIO()->write(
+            sprintf('Removing %d google services', $servicesToRemoveCount)
+        );
+        $pathsToRemove = iterator_to_array($finder);
+        foreach ($pathsToRemove as $pathToRemove) {
+            $realpath = $pathToRemove->getRealPath();
+            $filesystem->remove($realpath);
+            $filesystem->remove($realpath . '.php');
         }
     }
 

tests/Google/ClientTest.php

@@ -24,7 +24,7 @@
 use Google\Service\Drive;
 use Google\AuthHandler\AuthHandlerFactory;
 use Google\Auth\FetchAuthTokenCache;
-use Google\Auth\CredentialsLoader;
+use Google\Auth\FetchAuthTokenInterface;
 use Google\Auth\GCECache;
 use Google\Auth\Credentials\GCECredentials;
 use GuzzleHttp\Client as GuzzleClient;
@@ -40,6 +40,8 @@
 use InvalidArgumentException;
 use Exception;
 use DomainException;
+use Google\Auth\GetUniverseDomainInterface;
+use Google\Auth\UpdateMetadataInterface;
 
 class ClientTest extends BaseTest
 {
@@ -868,10 +870,12 @@ public function testClientOptions()
         $this->assertEquals('some-quota-project', $credentials->getQuotaProject());
     }
 
-    public function testCredentialsOptionWithCredentialsLoader()
+    public function testCredentialsOptionWithFetchAuthTokenInterface()
     {
         $request = null;
-        $credentials = $this->prophesize('Google\Auth\CredentialsLoader');
+        $credentials = $this->prophesize(FetchAuthTokenInterface::class)
+            ->willImplement(GetUniverseDomainInterface::class)
+            ->willImplement(UpdateMetadataInterface::class);
         $credentials->getCacheKey()
             ->willReturn('cache-key');
         $credentials->getUniverseDomain()
@@ -947,7 +951,8 @@ public function testUniverseDomainMismatch()
             'The configured universe domain (example.com) does not match the credential universe domain (foo.com)'
         );
 
-        $credentials = $this->prophesize(CredentialsLoader::class);
+        $credentials = $this->prophesize(FetchAuthTokenInterface::class)
+            ->willImplement(GetUniverseDomainInterface::class);
         $credentials->getUniverseDomain()
             ->shouldBeCalledOnce()
             ->willReturn('foo.com');