php-docs-samples/iap at master · s5treak/php-docs-samples · GitHub
Skip to content

Latest commit

 

History

History
 
 

Folders and files

README.md

Google Cloud Identity Aware Proxy Samples

Open in Cloud Shell

These samples show how to use the Google Cloud Identity Aware Proxy. Cloud Identity-Aware Proxy (Cloud IAP) controls access to your cloud applications running on Google Cloud Platform. Cloud IAP works by verifying a user’s identity and determining if that user should be allowed to access the application.

If this is your first time using the Google Cloud Identity Aware Proxy, try out our quickstart tutorial.

Visit the Programmatic authentication and Securing your app with signed headers tutorials to learn more about how these code samples work.

You can also learn more by reading the Cloud IAP conceptual overview.

Setup

  1. Deploy this basic web application to App Engine.
  2. Once the application is deployed, enable Cloud IAP for it using the Enabling Cloud IAP section of this tutorial.
  3. Create a service account that you will later use to access your Cloud IAP protected site. Give it the role of 'Project > Owner' and check the box for 'Furnish a new private key'.
  4. Save the service account key you created in the previous step to your local computer.
  5. Grant your service account access to your Cloud IAP application.
  6. Visit the Cloud IAP admin page and click the ellipses button on the same row as 'App Engine app'. Click 'Edit OAuth Client' and note the Client ID.
  7. Install dependencies via Composer. Run php composer.phar install (if composer is installed locally) or composer install (if composer is installed globally).

Samples

To run the Cloud Identity Aware Proxy Samples:

$ php iap.php
Cloud Identity Aware Proxy

Usage:
  command [options] [arguments]

Options:
  -h, --help            Display this help message
  -q, --quiet           Do not output any message
  -V, --version         Display this application version
      --ansi            Force ANSI output
      --no-ansi         Disable ANSI output
  -n, --no-interaction  Do not ask any interactive question
  -v|vv|vvv, --verbose  Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug

Available commands:
  request    Make a request to an IAP-protected resource using a service account.
  validate   Make a request to an IAP-protected resource using a service account and then validate the JWT.

Run Request

To run the Request sample:

$ php iap.php request [YOUR_CLOUD_IAP_URL] [YOUR_CLIENT_ID] [PATH_TO_YOUR_SERVICE_ACCOUNT]

Run Validate

To run the Analyze Sentiment sample:

$ php iap.php validate [YOUR_CLOUD_IAP_URL] [YOUR_CLIENT_ID] [PATH_TO_YOUR_SERVICE_ACCOUNT] [YOUR_PROJECT_NUMBER] [YOUR_PROJECT_ID]