def test_get_application_default_credential_from_malformed_file_2(self):
credentials_file = datafile(os.path.join("gcloud", "application_default_credentials_malformed_2.json"))
# we can't use self.assertRaisesRegexp() because it is only in Python 2.7+
try:
_get_application_default_credential_from_file(credentials_file)
self.fail("An exception was expected!")
except ApplicationDefaultCredentialsError as error:
self.assertEqual("The following field(s) must be defined: private_key_id", str(error))
def test_get_application_default_credential_from_malformed_file_2(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_malformed_2.json'))
# we can't use self.assertRaisesRegexp() because it is only in Python 2.7+
try:
_get_application_default_credential_from_file(credentials_file)
self.fail('An exception was expected!')
except ApplicationDefaultCredentialsError as error:
self.assertEqual('The following field(s) must be defined: private_key_id',
str(error))
def test_get_application_default_credential_from_malformed_file_2(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_malformed_2.json'))
# we can't use self.assertRaisesRegexp() because it is only in Python 2.7+
try:
_get_application_default_credential_from_file(credentials_file)
self.fail('An exception was expected!')
except InvalidCredentialModelError as error:
self.assertEqual('The following field(s) must be defined: private_key_id',
str(error))
def test_get_application_default_credential_from_malformed_file_1(self):
credentials_file = datafile(os.path.join("gcloud", "application_default_credentials_malformed_1.json"))
# we can't use self.assertRaisesRegexp() because it is only in Python 2.7+
try:
_get_application_default_credential_from_file(credentials_file)
self.fail("An exception was expected!")
except ApplicationDefaultCredentialsError as error:
self.assertEqual(
"'type' field should be defined "
"(and have one of the '" + AUTHORIZED_USER + "' or '" + SERVICE_ACCOUNT + "' values)",
str(error),
)
def test_get_application_default_credential_from_malformed_file_1(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_malformed_1.json'))
# we can't use self.assertRaisesRegexp() because it is only in Python 2.7+
try:
_get_application_default_credential_from_file(credentials_file)
self.fail('An exception was expected!')
except InvalidCredentialModelError as error:
self.assertEqual('\'type\' field should be defined (and have one of ' +
'the \'' + GoogleCredentialsJson.TYPE_AUTHORIZED_USER +
'\' or \'' + GoogleCredentialsJson.TYPE_SERVICE_ACCOUNT +
'\' values)', str(error))
def test_get_application_default_credential_from_malformed_file_1(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_malformed_1.json'))
# we can't use self.assertRaisesRegexp() because it is only in Python 2.7+
try:
_get_application_default_credential_from_file(credentials_file)
self.fail('An exception was expected!')
except ApplicationDefaultCredentialsError as error:
self.assertEqual("'type' field should be defined "
"(and have one of the '" + AUTHORIZED_USER +
"' or '" + SERVICE_ACCOUNT + "' values)",
str(error))
def get_for_service_account_json(json_credentials_path, scope=None):
"""Gets the credentials for a service account with JSON key.
:type json_credentials_path: string
:param json_credentials_path: The path to a private key file (this file was
given to you when you created the service
account). This file must contain a JSON
object with a private key and other
credentials information (downloaded from the
Google APIs console).
:type scope: string or tuple of string
:param scope: The scope against which to authenticate. (Different services
require different scopes, check the documentation for which
scope is required for the different levels of access to any
particular API.)
:rtype: :class:`oauth2client.client.GoogleCredentials`,
:class:`oauth2client.service_account._ServiceAccountCredentials`
:returns: New service account or Google (for a user JSON key file)
credentials object.
"""
credentials = _get_application_default_credential_from_file(
json_credentials_path)
if scope is not None:
credentials = credentials.create_scoped(scope)
return credentials
def test_get_application_default_credential_from_file_authorized_user(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_authorized_user.json'))
credentials = _get_application_default_credential_from_file(
credentials_file)
self.validate_google_credentials(credentials)
def from_service_account_json(cls, json_credentials_path, project_id=None,
read_only=False, admin=False):
"""Factory to retrieve JSON credentials while creating client object.
:type json_credentials_path: str
:param json_credentials_path: The path to a private key file (this file
was given to you when you created the
service account). This file must contain
a JSON object with a private key and
other credentials information (downloaded
from the Google APIs console).
:type project_id: str
:param project_id: The ID of the project which owns the clusters,
tables and data. Will be passed to :class:`Client`
constructor.
:type read_only: bool
:param read_only: Boolean indicating if the data scope should be
for reading only (or for writing as well). Will be
passed to :class:`Client` constructor.
:type admin: bool
:param admin: Boolean indicating if the client will be used to
interact with the Cluster Admin or Table Admin APIs. Will
be passed to :class:`Client` constructor.
:rtype: :class:`Client`
:returns: The client created with the retrieved JSON credentials.
"""
credentials = _get_application_default_credential_from_file(
json_credentials_path)
return cls(credentials=credentials, project_id=project_id,
read_only=read_only, admin=admin)
def RevokeCredsInWellKnownFile(brief):
"""Revoke the credentials in ADC's well-known file."""
# pylint:disable=protected-access, refactor as per TODO above
credentials_filename = client._get_well_known_file()
if not os.path.isfile(credentials_filename):
if not brief:
log.status.write(
'\nApplication Default Credentials have not been\n'
'set up by a tool, so nothing was revoked.\n')
return
# We only want to get the credentials from the well-known file, because
# no other credentials can be revoked.
# pylint:disable=protected-access, refactor as per TODO above
creds = client._get_application_default_credential_from_file(
credentials_filename)
if creds.serialization_data['type'] != 'authorized_user':
if not brief:
log.status.write(
'\nThe credentials set up for Application Default Credentials\n'
'through the Google Cloud SDK are service account credentials,\n'
'so they were not revoked.\n')
else:
c_store.RevokeCredentials(creds)
if not brief:
log.status.write(
'\nThe credentials set up for Application Default Credentials\n'
'through the Google Cloud SDK have been revoked.\n')
os.remove(credentials_filename)
if not brief:
log.status.write(
'\nThe file storing the Application Default Credentials\n'
'has been removed.\n')
def test_get_application_default_credential_from_file_authorized_user(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_authorized_user.json'))
credentials = _get_application_default_credential_from_file(
credentials_file)
self.validate_google_credentials(credentials)
def get_for_service_account_json(json_credentials_path, scope=None):
"""Gets the credentials for a service account with JSON key.
:type json_credentials_path: string
:param json_credentials_path: The path to a private key file (this file was
given to you when you created the service
account). This file must contain a JSON
object with a private key and other
credentials information (downloaded from the
Google APIs console).
:type scope: string or tuple of string
:param scope: The scope against which to authenticate. (Different services
require different scopes, check the documentation for which
scope is required for the different levels of access to any
particular API.)
:rtype: :class:`oauth2client.client.GoogleCredentials`,
:class:`oauth2client.service_account._ServiceAccountCredentials`
:returns: New service account or Google (for a user JSON key file)
credentials object.
"""
credentials = _get_application_default_credential_from_file(
json_credentials_path)
if scope is not None:
credentials = credentials.create_scoped(scope)
return credentials
def test_get_application_default_credential_from_file_service_account(
self):
credentials_file = datafile(
os.path.join('gcloud', 'application_default_credentials.json'))
credentials = _get_application_default_credential_from_file(
credentials_file)
self.validate_service_account_credentials(credentials)
def test_save_well_known_file_with_non_existent_config_dir(self):
credential_file = datafile(
os.path.join('gcloud', 'application_default_credentials.json'))
credentials = _get_application_default_credential_from_file(
credential_file)
ORIGINAL_ISDIR = os.path.isdir
try:
os.path.isdir = lambda path: False
self.assertRaises(OSError, save_to_well_known_file, credentials)
finally:
os.path.isdir = ORIGINAL_ISDIR
def test_save_well_known_file_with_non_existent_config_dir(self):
credential_file = datafile(
os.path.join('gcloud', 'application_default_credentials.json'))
credentials = _get_application_default_credential_from_file(
credential_file)
ORIGINAL_ISDIR = os.path.isdir
try:
os.path.isdir = lambda path: False
self.assertRaises(OSError, save_to_well_known_file, credentials)
finally:
os.path.isdir = ORIGINAL_ISDIR
def test_save_to_well_known_file_service_account(self):
credential_file = datafile(os.path.join("gcloud", "application_default_credentials.json"))
credentials = _get_application_default_credential_from_file(credential_file)
temp_credential_file = datafile(os.path.join("gcloud", "temp_well_known_file_service_account.json"))
save_to_well_known_file(credentials, temp_credential_file)
with open(temp_credential_file) as f:
d = json.load(f)
self.assertEqual("service_account", d["type"])
self.assertEqual("123", d["client_id"])
self.assertEqual("*****@*****.**", d["client_email"])
self.assertEqual("ABCDEF", d["private_key_id"])
os.remove(temp_credential_file)
def test_save_to_well_known_file_authorized_user(self):
credentials_file = datafile(os.path.join("gcloud", "application_default_credentials_authorized_user.json"))
credentials = _get_application_default_credential_from_file(credentials_file)
temp_credential_file = datafile(os.path.join("gcloud", "temp_well_known_file_authorized_user.json"))
save_to_well_known_file(credentials, temp_credential_file)
with open(temp_credential_file) as f:
d = json.load(f)
self.assertEqual("authorized_user", d["type"])
self.assertEqual("123", d["client_id"])
self.assertEqual("secret", d["client_secret"])
self.assertEqual("alabalaportocala", d["refresh_token"])
os.remove(temp_credential_file)
def test_save_to_well_known_file_service_account(self):
credential_file = datafile(
os.path.join('gcloud', 'application_default_credentials.json'))
credentials = _get_application_default_credential_from_file(
credential_file)
temp_credential_file = datafile(
os.path.join('gcloud', 'temp_well_known_file_service_account.json'))
save_to_well_known_file(credentials, temp_credential_file)
with open(temp_credential_file) as f:
d = json.load(f)
self.assertEqual('service_account', d['type'])
self.assertEqual('123', d['client_id'])
self.assertEqual('*****@*****.**', d['client_email'])
self.assertEqual('ABCDEF', d['private_key_id'])
os.remove(temp_credential_file)
def test_save_to_well_known_file_service_account(self):
credential_file = datafile(
os.path.join('gcloud', 'application_default_credentials.json'))
credentials = _get_application_default_credential_from_file(
credential_file)
temp_credential_file = datafile(
os.path.join('gcloud', 'temp_well_known_file_service_account.json'))
save_to_well_known_file(credentials, temp_credential_file)
with open(temp_credential_file) as f:
d = json.load(f)
self.assertEqual('service_account', d['type'])
self.assertEqual('123', d['client_id'])
self.assertEqual('*****@*****.**', d['client_email'])
self.assertEqual('ABCDEF', d['private_key_id'])
os.remove(temp_credential_file)
def test_save_to_well_known_file_authorized_user(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_authorized_user.json'))
credentials = _get_application_default_credential_from_file(
credentials_file)
temp_credential_file = datafile(
os.path.join('gcloud', 'temp_well_known_file_authorized_user.json'))
save_to_well_known_file(credentials, temp_credential_file)
with open(temp_credential_file) as f:
d = json.load(f)
self.assertEqual('authorized_user', d['type'])
self.assertEqual('123', d['client_id'])
self.assertEqual('secret', d['client_secret'])
self.assertEqual('alabalaportocala', d['refresh_token'])
os.remove(temp_credential_file)
def test_save_to_well_known_file_authorized_user(self):
credentials_file = datafile(
os.path.join('gcloud',
'application_default_credentials_authorized_user.json'))
credentials = _get_application_default_credential_from_file(
credentials_file)
temp_credential_file = datafile(
os.path.join('gcloud', 'temp_well_known_file_authorized_user.json'))
save_to_well_known_file(credentials, temp_credential_file)
with open(temp_credential_file) as f:
d = json.load(f)
self.assertEqual('authorized_user', d['type'])
self.assertEqual('123', d['client_id'])
self.assertEqual('secret', d['client_secret'])
self.assertEqual('alabalaportocala', d['refresh_token'])
os.remove(temp_credential_file)
def get_vision_service(api_key=None, credentials=None, settings=None):
options = {}
# explicits
if api_key or credentials:
# credentials
if credentials and not api_key:
if isinstance(credentials, dict):
credentials = _get_application_default_credential_from_dict(
credentials)
logger.info('explicit credentials given.')
options['credentials'] = credentials
# api_key
elif not credentials and api_key:
logger.info('explicit api_key given.')
options['developerKey'] = api_key
#
else:
raise Exception("you can't pass both api_key= and credentials=")
# settings
elif settings:
api_key = getattr(settings, 'GOOGLE_SERVER_APIKEY_', None)
credentials = getattr(settings, 'GOOGLE_APPLICATION_CREDENTIALS', None)
if api_key and credentials:
raise Exception("you can't pass both api_key and credentials")
# GOOGLE_APPLICATION_CREDENTIALS=
if credentials and not api_key:
if isinstance(credentials, dict):
logger.info('credential dict given by settings')
credentials = _get_application_default_credential_from_dict(
credentials)
else:
logger.info('credential filename given by settings')
credentials = _get_application_default_credential_from_file(
credentials)
options['credentials'] = credentials
# GOOGLE_SERVER_APIKEY_=
elif api_key and not credentials:
logger.info('developer key given by settings')
options['developerKey'] = api_key
# merge keys starting with GOOGLE_APPLICATION_CREDENTIALS__
else:
settings_tuple = [(key, getattr(settings, key))
for key in dir(settings)]
# build with partials
PREFIX = 'GOOGLE_APPLICATION_CREDENTIALS__'
cred_dict = dict((key.replace(PREFIX, '').lower(), value)
for (key, value) in settings_tuple
if key.startswith(PREFIX))
#
logger.info('all credential key/values given by settings')
credentials = _get_application_default_credential_from_dict(
cred_dict)
options['credentials'] = credentials
# read from environment variables
else:
# GOOGLE_SERVER_APIKEY_=
api_key = os.environ.get('GOOGLE_SERVER_APIKEY_')
if api_key:
logger.info('developer key given by env variable')
options['developerKey'] = api_key
# default Service account keys
else:
logger.info('credentials filename given by env variable')
# look for GOOGLE_APPLICATION_CREDENTIALS= , and others
credentials = GoogleCredentials.get_application_default()
options['credentials'] = credentials
service = discovery.build('vision',
'v1',
discoveryServiceUrl=DISCOVERY_URL,
**options)
return service
# For license information, see LICENSE.TXT
import argparse, base64, httplib2
import re, os, fnmatch, codecs, json
import logging
logging.basicConfig()
from oauth2client.client import _get_application_default_credential_from_file
from apiclient import discovery
CACHE_FILENAME="cached_json.json"
API_DISCOVERY_FILE = 'https://{api}.googleapis.com/$discovery/rest?version={apiVersion}'
http = httplib2.Http()
credentials = _get_application_default_credential_from_file("credentials.json").create_scoped([
'https://www.googleapis.com/auth/cloud-platform'])
credentials.authorize(http)
service = discovery.build('vision', 'v1', http=http, discoveryServiceUrl=API_DISCOVERY_FILE)
from receipt_extractor import OCRReceiptExtractor
def process_ocr_text(extracted_text):
"""
"""
extractor=OCRReceiptExtractor(extracted_text)
return extractor.processData()
def extract_text(image_content):
"""
def test_get_application_default_credential_from_file_service_account(self):
credentials_file = datafile(
os.path.join('gcloud', 'application_default_credentials.json'))
credentials = _get_application_default_credential_from_file(
credentials_file)
self.validate_service_account_credentials(credentials)
def prepare_credentials(self):
from oauth2client.client import _get_application_default_credential_from_file
credentials = _get_application_default_credential_from_file(os.path.join(self.directory, 'service_account.json'))
return credentials.create_scoped(Service.SCOPE)
