def _CreateOauthUserCreds(creds_cache_file, client_id, client_secret,
user_agent, scopes):
"""Get user oauth2 credentials.
Args:
creds_cache_file: String, file name for the credential cache.
e.g. .acloud_oauth2.dat
Will be created at home folder.
client_id: String, client id from the cloud project.
client_secret: String, client secret for the client_id.
user_agent: The user agent for the credential, e.g. "acloud"
scopes: String, scopes separated by space.
Returns:
An oauth2client.OAuth2Credentials instance.
"""
if not client_id or not client_secret:
raise errors.AuthentcationError(
"Could not authenticate using Oauth2 flow, please set client_id "
"and client_secret in your config file. Contact the cloud project's "
"admin if you don't have the client_id and client_secret.")
storage = multistore_file.get_credential_storage(
filename=os.path.abspath(creds_cache_file),
client_id=client_id,
user_agent=user_agent,
scope=scopes)
credentials = storage.get()
if credentials is not None:
try:
credentials.refresh(httplib2.Http())
except oauth2_client.AccessTokenRefreshError:
pass
if not credentials.invalid:
return credentials
return _RunAuthFlow(storage, client_id, client_secret, user_agent, scopes)
def __init__(self, user_name, credential_file_path, client_secret_path=None, logger=None, max_retries=3):
OAUTH_SCOPE = 'https://mail.google.com/'
storage = multistore_file.get_credential_storage(filename=credential_file_path, client_id=user_name, user_agent=None, scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(client_secret_path):
raise UnknownClientSecretsFlowError('Credentials unavailable. Please provide a valid client_secret_path to rerun authentication')
try:
import argparse
flags = argparse.ArgumentParser(parents=[argparser]).parse_args()
except ImportError:
flags = None
# Run through the OAuth flow and retrieve credentials
FLOW = flow_from_clientsecrets(client_secret_path, scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with our credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('gmail', 'v1', http=http)
self._service = service
self._user = self._service.users()
self._messages = self._user.messages()
self._drafts = self._user.drafts()
self._logger = logger
self._max_retries = max_retries
def CredentialsFromFile(path, client_info, oauth2client_args=None):
"""Read credentials from a file."""
credential_store = multistore_file.get_credential_storage(
path, client_info['client_id'], client_info['user_agent'],
client_info['scope'])
if hasattr(FLAGS, 'auth_local_webserver'):
FLAGS.auth_local_webserver = False
credentials = credential_store.get()
if credentials is None or credentials.invalid:
print('Generating new OAuth credentials ...')
for _ in range(20):
# If authorization fails, we want to retry, rather than let this
# cascade up and get caught elsewhere. If users want out of the
# retry loop, they can ^C.
try:
flow = oauth2client.client.OAuth2WebServerFlow(**client_info)
flags = _GetRunFlowFlags(args=oauth2client_args)
credentials = tools.run_flow(flow, credential_store, flags)
break
except (oauth2client.client.FlowExchangeError, SystemExit) as e:
# Here SystemExit is "no credential at all", and the
# FlowExchangeError is "invalid" -- usually because
# you reused a token.
print('Invalid authorization: %s' % (e, ))
except httplib2.HttpLib2Error as e:
print('Communication error: %s' % (e, ))
raise exceptions.CredentialsError(
'Communication error creating credentials: %s' % e)
return credentials
def _GetCredentialsVia3LO(client_info, credentials_filename=None):
credentials_filename = os.path.expanduser(credentials_filename
or '~/.oauth2l.token')
credential_store = multistore_file.get_credential_storage(
credentials_filename, client_info['client_id'],
client_info['user_agent'], client_info['scope'])
credentials = credential_store.get()
if credentials is None or credentials.invalid:
for _ in range(10):
# If authorization fails, we want to retry, rather
# than let this cascade up and get caught elsewhere.
# If users want out of the retry loop, they can ^C.
try:
flow = client.OAuth2WebServerFlow(**client_info)
flags, _ = tools.argparser.parse_known_args(
['--noauth_local_webserver'])
credentials = tools.run_flow(flow, credential_store, flags)
break
except (SystemExit, client.FlowExchangeError) as e:
# Here SystemExit is "no credential at all", and the
# FlowExchangeError is "invalid" -- usually because
# you reused a token.
pass
except httplib2.HttpLib2Error as e:
raise ValueError('Communication error creating credentials:'
'{}'.format(e))
else:
credentials = None
return credentials
def test_multistore_non_existent_file(self):
store = multistore_file.get_credential_storage(
FILENAME, 'some_client_id', 'user-agent/1.0',
['some-scope', 'some-other-scope'])
credentials = store.get()
self.assertEquals(None, credentials)
def CredentialsFromFile(path, client_info, oauth2client_args=None):
"""Read credentials from a file."""
credential_store = multistore_file.get_credential_storage(
path,
client_info['client_id'],
client_info['user_agent'],
client_info['scope'])
if hasattr(FLAGS, 'auth_local_webserver'):
FLAGS.auth_local_webserver = False
credentials = credential_store.get()
if credentials is None or credentials.invalid:
print('Generating new OAuth credentials ...')
for _ in range(20):
# If authorization fails, we want to retry, rather than let this
# cascade up and get caught elsewhere. If users want out of the
# retry loop, they can ^C.
try:
flow = oauth2client.client.OAuth2WebServerFlow(**client_info)
flags = _GetRunFlowFlags(args=oauth2client_args)
credentials = tools.run_flow(flow, credential_store, flags)
break
except (oauth2client.client.FlowExchangeError, SystemExit) as e:
# Here SystemExit is "no credential at all", and the
# FlowExchangeError is "invalid" -- usually because
# you reused a token.
print('Invalid authorization: %s' % (e,))
except httplib2.HttpLib2Error as e:
print('Communication error: %s' % (e,))
raise exceptions.CredentialsError(
'Communication error creating credentials: %s' % e)
return credentials
def _GetCredentialsVia3LO(client_info, credentials_filename=None):
credentials_filename = os.path.expanduser(
credentials_filename or '~/.oauth2l.token')
credential_store = multistore_file.get_credential_storage(
credentials_filename,
client_info['client_id'],
client_info['user_agent'],
client_info['scope'])
credentials = credential_store.get()
if credentials is None or credentials.invalid:
for _ in range(10):
# If authorization fails, we want to retry, rather
# than let this cascade up and get caught elsewhere.
# If users want out of the retry loop, they can ^C.
try:
flow = client.OAuth2WebServerFlow(**client_info)
flags, _ = tools.argparser.parse_known_args(
['--noauth_local_webserver'])
credentials = tools.run_flow(
flow, credential_store, flags)
break
except (SystemExit, client.FlowExchangeError) as e:
# Here SystemExit is "no credential at all", and the
# FlowExchangeError is "invalid" -- usually because
# you reused a token.
pass
except httplib2.HttpLib2Error as e:
raise ValueError(
'Communication error creating credentials:'
'{}'.format(e))
else:
credentials = None
return credentials
def __init__(self, user_name, credential_file_path, client_secret_path=None, logger=None, max_retries=3):
OAUTH_SCOPE = 'https://www.googleapis.com/auth/drive'
storage = multistore_file.get_credential_storage(filename=credential_file_path, client_id=user_name, user_agent=None, scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(client_secret_path):
raise UnknownClientSecretsFlowError('Credentials unavailable. Please provide a valid client_secret_path to rerun authentication')
try:
import argparse
flags = argparse.ArgumentParser(parents=[argparser]).parse_args()
except ImportError:
flags = None
# Run through the OAuth flow and retrieve credentials
FLOW = flow_from_clientsecrets(client_secret_path, scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with our credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('drive', 'v3', http=http)
self._service = service
self._files = self._service.files()
self._about = self._service.about()
# Number of bytes to send/receive in each request.
self._CHUNKSIZE = 2 * 1024 * 1024
self._logger = logger
self._max_retries = max_retries
def test_multistore_file(self):
credentials = self._create_test_credentials()
store = multistore_file.get_credential_storage(
FILENAME,
credentials.client_id,
credentials.user_agent,
['some-scope', 'some-other-scope'])
# Save credentials
store.put(credentials)
credentials = store.get()
self.assertNotEquals(None, credentials)
self.assertEquals('foo', credentials.access_token)
# Delete credentials
store.delete()
credentials = store.get()
self.assertEquals(None, credentials)
if os.name == 'posix': # pragma: NO COVER
self.assertEquals(
0o600, stat.S_IMODE(os.stat(FILENAME).st_mode))
def test_multistore_non_existent_file(self):
store = multistore_file.get_credential_storage(
FILENAME,
'some_client_id',
'user-agent/1.0',
['some-scope', 'some-other-scope'])
credentials = store.get()
self.assertEquals(None, credentials)
def credential_store(self):
storage_path = os.path.join(
xdg.BaseDirectory.save_data_path(self.app._meta.label),
'oauth_credentials')
return get_credential_storage(
storage_path,
self.client_secrets['client_id'],
self.Meta.user_agent,
self.scopes
)
def test_multistore_no_symbolic_link_files(self):
SYMFILENAME = FILENAME + 'sym'
os.symlink(FILENAME, SYMFILENAME)
store = multistore_file.get_credential_storage(
SYMFILENAME, 'some_client_id', 'user-agent/1.0',
['some-scope', 'some-other-scope'])
try:
self.assertRaises(locked_file.CredentialsFileSymbolicLinkError,
store.get)
finally:
os.unlink(SYMFILENAME)
def test_multistore_no_symbolic_link_files(self):
SYMFILENAME = FILENAME + 'sym'
os.symlink(FILENAME, SYMFILENAME)
store = multistore_file.get_credential_storage(
SYMFILENAME,
'some_client_id',
'user-agent/1.0',
['some-scope', 'some-other-scope'])
try:
with self.assertRaises(IOError):
store.get()
finally:
os.unlink(SYMFILENAME)
def __init__(self,
user_name,
credential_file_path,
client_secret_path=None,
logger=None):
OAUTH_SCOPE = 'https://www.googleapis.com/auth/tagmanager.readonly'
storage = multistore_file.get_credential_storage(
filename=credential_file_path,
client_id=user_name,
user_agent=None,
scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(
client_secret_path):
raise UnknownClientSecretsFlowError(
'Credentials unavailable. Please provide a valid client_secret_path to rerun authentication'
)
try:
import argparse
flags = argparse.ArgumentParser(
parents=[argparser]).parse_args()
except ImportError:
flags = None
# Run through the OAuth flow and retrieve credentials
FLOW = flow_from_clientsecrets(client_secret_path,
scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with our credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('tagmanager', 'v1', http=http)
self._service = service
self._accounts = self._service.accounts()
self._permissions = self._accounts.permissions()
self._containers = self._accounts.containers()
self._versions = self._containers.versions()
self._variables = self._containers.variables()
self._tags = self._containers.tags()
self._triggers = self._containers.triggers()
self._logger = logger
def test_read_only_file_fail_lock(self):
credentials = self._create_test_credentials()
open(FILENAME, 'a+b').close()
os.chmod(FILENAME, 0o400)
store = multistore_file.get_credential_storage(
FILENAME, credentials.client_id, credentials.user_agent,
['some-scope', 'some-other-scope'])
store.put(credentials)
if os.name == 'posix':
self.assertTrue(store._multistore._read_only)
os.chmod(FILENAME, 0o600)
def get_service(service_name, **kwargs):
service_scope = SCOPES[service_name]
if 'json_credentials_path' in kwargs:
# store in multistore_file by default, requires client_id as a key
assert 'client_id' in kwargs, 'client_id required when using json_credential_path'
import httplib2
from oauth2client.contrib import multistore_file
storage = multistore_file.get_credential_storage(
filename=kwargs['json_credentials_path'],
client_id=kwargs['client_id'],
user_agent=None,
scope=service_scope['scope']
)
credentials = storage.get()
if credentials is None or credentials.invalid:
# rerun auth flow if credentials are missing or invalid
# flow requires client secret file
assert 'client_secret_path' in kwargs, 'Credentials invalid, client_secret_path required for reauthorization'
from oauth2client.client import flow_from_clientsecrets
from oauth2client.tools import run_flow
FLOW = flow_from_clientsecrets(kwargs['client_secret_path'], scope=service_scope['scope'])
credentials = run_flow(FLOW, storage, None)
# Create an httplib2.Http object and authorize it with your credentials
http = httplib2.Http()
http = credentials.authorize(http)
return build(
service_name,
service_scope['version'],
http=http
)
else:
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
return build(
service_name,
service_scope['version'],
credentials=credentials
)
def get_service(service_name, **kwargs):
service_scope = SCOPES[service_name]
if 'json_credentials_path' in kwargs:
# store in multistore_file by default, requires client_id as a key
assert 'client_id' in kwargs, 'client_id required when using json_credential_path'
import httplib2
from oauth2client.contrib import multistore_file
storage = multistore_file.get_credential_storage(
filename=kwargs['json_credentials_path'],
client_id=kwargs['client_id'],
user_agent=None,
scope=service_scope['scope']
)
credentials = storage.get()
if credentials is None or credentials.invalid:
# rerun auth flow if credentials are missing or invalid
# flow requires client secret file
assert 'client_secret_path' in kwargs, 'Credentials invalid, client_secret_path required for reauthorization'
from oauth2client.client import flow_from_clientsecrets
from oauth2client.tools import run_flow
FLOW = flow_from_clientsecrets(kwargs['client_secret_path'], scope=service_scope['scope'])
credentials = run_flow(FLOW, storage, None)
# Create an httplib2.Http object and authorize it with your credentials
http = httplib2.Http()
http = credentials.authorize(http)
return build(
service_name,
service_scope['version'],
http=http
)
else:
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
return build(
service_name,
service_scope['version'],
credentials=credentials
)
def __init__(self,
user_name,
credential_file_path,
client_secret_path=None,
logger=None,
max_retries=3):
OAUTH_SCOPE = 'https://www.googleapis.com/auth/drive'
storage = multistore_file.get_credential_storage(
filename=credential_file_path,
client_id=user_name,
user_agent=None,
scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(
client_secret_path):
raise UnknownClientSecretsFlowError(
'Credentials unavailable. Please provide a valid client_secret_path to rerun authentication'
)
try:
import argparse
flags = argparse.ArgumentParser(
parents=[argparser]).parse_args()
except ImportError:
flags = None
# Run through the OAuth flow and retrieve credentials
FLOW = flow_from_clientsecrets(client_secret_path,
scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with our credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('drive', 'v3', http=http)
self._service = service
self._files = self._service.files()
self._about = self._service.about()
# Number of bytes to send/receive in each request.
self._CHUNKSIZE = 2 * 1024 * 1024
self._logger = logger
self._max_retries = max_retries
def test_multistore_no_symbolic_link_files(self):
if hasattr(os, 'symlink'):
SYMFILENAME = FILENAME + 'sym'
os.symlink(FILENAME, SYMFILENAME)
store = multistore_file.get_credential_storage(
SYMFILENAME,
'some_client_id',
'user-agent/1.0',
['some-scope', 'some-other-scope'])
try:
self.assertRaises(
locked_file.CredentialsFileSymbolicLinkError,
store.get)
finally:
os.unlink(SYMFILENAME)
def test_read_only_file_fail_lock(self):
credentials = self._create_test_credentials()
open(FILENAME, 'a+b').close()
os.chmod(FILENAME, 0o400)
store = multistore_file.get_credential_storage(
FILENAME,
credentials.client_id,
credentials.user_agent,
['some-scope', 'some-other-scope'])
store.put(credentials)
if os.name == 'posix': # pragma: NO COVER
self.assertTrue(store._multistore._read_only)
os.chmod(FILENAME, 0o600)
def auth_result(db):
session = bottle.request.environ.get('beaker.session')
auth_code = request.query.code
credentials = flow.step2_exchange(auth_code)
google_id = get_user_info(credentials)
session['google_id'] = google_id
session.save()
storage = get_credential_storage('test_storage.txt',
google_id,
'user_agent',
scope)
storage.put(credentials)
get_user(db, google_id)
log.info('put credentials in storage file %s', credentials)
return redirect('/')
def __init__(self,
user_name,
credential_file_path,
client_secret_path=None,
logger=None,
max_retries=3):
OAUTH_SCOPE = 'https://mail.google.com/'
storage = multistore_file.get_credential_storage(
filename=credential_file_path,
client_id=user_name,
user_agent=None,
scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(
client_secret_path):
raise UnknownClientSecretsFlowError(
'Credentials unavailable. Please provide a valid client_secret_path to rerun authentication'
)
try:
import argparse
flags = argparse.ArgumentParser(
parents=[argparser]).parse_args()
except ImportError:
flags = None
# Run through the OAuth flow and retrieve credentials
FLOW = flow_from_clientsecrets(client_secret_path,
scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with our credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('gmail', 'v1', http=http)
self._service = service
self._user = self._service.users()
self._messages = self._user.messages()
self._drafts = self._user.drafts()
self._logger = logger
self._max_retries = max_retries
def test_multistore_file_backwards_compatibility(self):
credentials = self._create_test_credentials()
scopes = ['scope1', 'scope2']
# store the credentials using the legacy key method
store = multistore_file.get_credential_storage(
FILENAME, 'client_id', 'user_agent', scopes)
store.put(credentials)
# retrieve the credentials using a custom key that matches the
# legacy key
key = {'clientId': 'client_id', 'userAgent': 'user_agent',
'scope': util.scopes_to_string(scopes)}
store = multistore_file.get_credential_storage_custom_key(
FILENAME, key)
stored_credentials = store.get()
self.assertEqual(credentials.access_token,
stored_credentials.access_token)
def test_multistore_file_backwards_compatibility(self):
credentials = self._create_test_credentials()
scopes = ['scope1', 'scope2']
# store the credentials using the legacy key method
store = multistore_file.get_credential_storage(
FILENAME, 'client_id', 'user_agent', scopes)
store.put(credentials)
# retrieve the credentials using a custom key that matches the
# legacy key
key = {'clientId': 'client_id', 'userAgent': 'user_agent',
'scope': util.scopes_to_string(scopes)}
store = multistore_file.get_credential_storage_custom_key(
FILENAME, key)
stored_credentials = store.get()
self.assertEqual(credentials.access_token,
stored_credentials.access_token)
def test_multistore_file(self):
credentials = self._create_test_credentials()
store = multistore_file.get_credential_storage(
FILENAME, credentials.client_id, credentials.user_agent,
['some-scope', 'some-other-scope'])
store.put(credentials)
credentials = store.get()
self.assertNotEquals(None, credentials)
self.assertEquals('foo', credentials.access_token)
store.delete()
credentials = store.get()
self.assertEquals(None, credentials)
if os.name == 'posix':
self.assertEquals(0o600, stat.S_IMODE(os.stat(FILENAME).st_mode))
def __init__(self, user_name, credential_file_path, client_secret_path=None, logger=None):
OAUTH_SCOPE = 'https://www.googleapis.com/auth/tagmanager.readonly'
storage = multistore_file.get_credential_storage(filename=credential_file_path, client_id=user_name, user_agent=None, scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(client_secret_path):
raise UnknownClientSecretsFlowError('Credentials unavailable. Please provide a valid client_secret_path to rerun authentication')
try:
import argparse
flags = argparse.ArgumentParser(parents=[argparser]).parse_args()
except ImportError:
flags = None
# Run through the OAuth flow and retrieve credentials
FLOW = flow_from_clientsecrets(client_secret_path, scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with our credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('tagmanager', 'v1', http=http)
self._service = service
self._accounts = self._service.accounts()
self._permissions = self._accounts.permissions()
self._containers = self._accounts.containers()
self._versions = self._containers.versions()
self._variables = self._containers.variables()
self._tags = self._containers.tags()
self._triggers = self._containers.triggers()
self._logger = logger
def __init__(self, logger=None, authentication_type='Default Credentials', credential_file_path=None, user_name=None, client_secret_path=None, max_retries=3):
if authentication_type == 'Default Credentials':
# try building from application default
try:
credentials = GoogleCredentials.get_application_default()
service = build('bigquery', 'v2', credentials=credentials)
except ApplicationDefaultCredentialsError as e:
print 'Application Default Credentials unavailable. ' \
'To set up Default Credentials, download gcloud from https://cloud.google.com/sdk/gcloud/ ' \
'and authenticate through gcloud auth login'
raise e
elif authentication_type == 'Stored Credentials':
import httplib2
from oauth2client.contrib import multistore_file
OAUTH_SCOPE = 'https://www.googleapis.com/auth/bigquery'
assert user_name is not None and credential_file_path is not None
storage = multistore_file.get_credential_storage(
filename=credential_file_path,
client_id=user_name,
user_agent=None,
scope=OAUTH_SCOPE
)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(client_secret_path):
raise UnknownClientSecretsFlowError(
'Credentials unavailable. Please provide a valid client_secret_path to rerun authentication'
)
from oauth2client.tools import run_flow, argparser
try:
import argparse
flags = argparse.ArgumentParser(parents=[argparser]).parse_args()
except ImportError:
flags = None
FLOW = flow_from_clientsecrets(client_secret_path, scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with your credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('bigquery', 'v2', http=http)
else:
raise TypeError('Authentication types available are "Default Credentials" and "Stored Credentials"')
self._service = service
self._datasets = self._service.datasets()
self._jobs = self._service.jobs()
self._projects = self._service.projects()
self._tabledata = self._service.tabledata()
self._tables = self._service.tables()
self._logger = logger
self._max_retries = max_retries
def __init__(self, logger=None, authentication_type='Default Credentials', credential_file_path=None, user_name=None, client_secret_path=None, max_retries=3):
if authentication_type == 'Default Credentials':
# try building from application default
try:
credentials = GoogleCredentials.get_application_default()
service = build('storage', 'v1', credentials=credentials)
except ApplicationDefaultCredentialsError as e:
print 'Application Default Credentials unavailable. ' \
'To set up Default Credentials, download gcloud from https://cloud.google.com/sdk/gcloud/ ' \
'and authenticate through gcloud auth login'
raise e
elif authentication_type == 'Stored Credentials':
import httplib2
from oauth2client.contrib import multistore_file
OAUTH_SCOPE = 'https://www.googleapis.com/auth/cloud-platform'
assert user_name is not None and credential_file_path is not None
storage = multistore_file.get_credential_storage(
filename=credential_file_path,
client_id=user_name,
user_agent=None,
scope=OAUTH_SCOPE
)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(client_secret_path):
raise UnknownClientSecretsFlowError(
'Credentials unavailable. Please provide a valid client_secret_path to rerun authentication'
)
from oauth2client.tools import run_flow, argparser
try:
import argparse
flags = argparse.ArgumentParser(parents=[argparser]).parse_args()
except ImportError:
flags = None
FLOW = flow_from_clientsecrets(client_secret_path, scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with your credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('storage', 'v1', http=http)
else:
raise TypeError('Authentication types available are "Default Credentials" and "Stored Credentials"')
self._service = service
self._buckets = self._service.buckets()
self._objects = self._service.objects()
# Retry transport and file IO errors.
self._RETRYABLE_ERRORS = (HttpLib2Error, IOError)
self._max_retries = max_retries
# Number of bytes to send/receive in each request.
self._CHUNKSIZE = 2 * 1024 * 1024
# Mimetype to use if one can't be guessed from the file extension.
self._DEFAULT_MIMETYPE = 'application/octet-stream'
self._logger = logger
def main():
count = 0
count_files = 0
while True:
log.info("fetcher iteration")
time.sleep(5)
credential_keys = get_all_credential_keys('test_storage.txt')
for key in credential_keys:
user_info = db.query(User).filter(
User.google_id == key['clientId']).first()
if not user_info:
user_info = User(
google_id=key['clientId'],
is_download_data=False)
log.info(
'add new user %s'
' in User table', key['clientId'])
db.add(user_info)
db.commit()
log.info(
'getting documents for user %s',
key['clientId'])
user_info = db.query(User).filter(
User.google_id == key['clientId']).first()
log.info(
'is_download_data = %s',
user_info.is_download_data)
if not user_info.is_download_data:
log.info(
'is_download_data = %s',
user_info.is_download_data)
log.info(
'download files from google id %s',
key['clientId'])
storage = get_credential_storage(
'test_storage.txt',
key['clientId'],
key['userAgent'],
key['scope'])
credentials = storage.get()
log.info(
'get credential for google id %s',
key['clientId'])
while credentials and count == 0:
for document in get_documents(credentials,
key['clientId']):
db.add(document)
count_files = count_files + 1
db.commit()
count = count + 1
break
log.info('download %d files from google id %s',
count_files, key['clientId'])
user_info = db.query(User).filter(
User.google_id == key['clientId']).first()
if user_info:
if not user_info.is_download_data:
user_info.is_download_data = True
log.info(
'download files for user %s'
' is_download_data = %d',
str(key['clientId']),
user_info.is_download_data)
db.commit()
count_files = 0
count = 0
def __init__(self,
logger=None,
authentication_type='Default Credentials',
credential_file_path=None,
user_name=None,
client_secret_path=None,
max_retries=3):
if authentication_type == 'Default Credentials':
# try building from application default
try:
credentials = GoogleCredentials.get_application_default()
service = build('storage', 'v1', credentials=credentials)
except ApplicationDefaultCredentialsError as e:
print 'Application Default Credentials unavailable. ' \
'To set up Default Credentials, download gcloud from https://cloud.google.com/sdk/gcloud/ ' \
'and authenticate through gcloud auth login'
raise e
elif authentication_type == 'Stored Credentials':
import httplib2
from oauth2client.contrib import multistore_file
OAUTH_SCOPE = 'https://www.googleapis.com/auth/cloud-platform'
assert user_name is not None and credential_file_path is not None
storage = multistore_file.get_credential_storage(
filename=credential_file_path,
client_id=user_name,
user_agent=None,
scope=OAUTH_SCOPE)
credentials = storage.get()
if credentials is None or credentials.invalid:
if client_secret_path is None or not os.path.exists(
client_secret_path):
raise UnknownClientSecretsFlowError(
'Credentials unavailable. Please provide a valid client_secret_path to rerun authentication'
)
from oauth2client.tools import run_flow, argparser
try:
import argparse
flags = argparse.ArgumentParser(
parents=[argparser]).parse_args()
except ImportError:
flags = None
FLOW = flow_from_clientsecrets(client_secret_path,
scope=OAUTH_SCOPE)
credentials = run_flow(FLOW, storage, flags)
# Create an httplib2.Http object and authorize it with your credentials
http = httplib2.Http()
http = credentials.authorize(http)
service = build('storage', 'v1', http=http)
else:
raise TypeError(
'Authentication types available are "Default Credentials" and "Stored Credentials"'
)
self._service = service
self._buckets = self._service.buckets()
self._objects = self._service.objects()
# Retry transport and file IO errors.
self._RETRYABLE_ERRORS = (HttpLib2Error, IOError)
self._max_retries = max_retries
# Number of bytes to send/receive in each request.
self._CHUNKSIZE = 2 * 1024 * 1024
# Mimetype to use if one can't be guessed from the file extension.
self._DEFAULT_MIMETYPE = 'application/octet-stream'
self._logger = logger
