public function validateEntity($entity, $prevConfig = null)
{
parent::validateEntity($entity, $prevConfig);
$ccProps = $entity->properties;
$prevCcProps = isset($prevConfig) ? $prevConfig->properties : null;
if ($this->needValidation($ccProps, $prevCcProps)) {
$ccProps[Entity\CloudCredentialsProperty::GCE_ACCESS_TOKEN] = "";
try {
$client = new \Google_Client();
$client->setApplicationName("Scalr GCE");
$client->setScopes(['https://www.googleapis.com/auth/compute']);
$key = base64_decode($ccProps[Entity\CloudCredentialsProperty::GCE_KEY]);
// If it's not a json key we need to convert PKCS12 to PEM
if (!$ccProps[Entity\CloudCredentialsProperty::GCE_JSON_KEY]) {
@openssl_pkcs12_read($key, $certs, 'notasecret');
$key = $certs['pkey'];
}
$client->setAuthConfig(['type' => 'service_account', 'project_id' => $ccProps[Entity\CloudCredentialsProperty::GCE_PROJECT_ID], 'private_key' => $key, 'client_email' => $ccProps[Entity\CloudCredentialsProperty::GCE_SERVICE_ACCOUNT_NAME], 'client_id' => $ccProps[Entity\CloudCredentialsProperty::GCE_CLIENT_ID]]);
$client->setClientId($ccProps[Entity\CloudCredentialsProperty::GCE_CLIENT_ID]);
$gce = new \Google_Service_Compute($client);
$gce->zones->listZones($ccProps[Entity\CloudCredentialsProperty::GCE_PROJECT_ID]);
} catch (Exception $e) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Provided GCE credentials are incorrect: ({$e->getMessage()})");
}
$entity->status = Entity\CloudCredentials::STATUS_ENABLED;
}
}