def store_oauth2_credentials(cls, email, access_token, refresh_token,
validity, type):
"""
store oauth_credentials
"""
oauth_file = '%s/%s.oauth2' % (gmvault_utils.get_home_dir_path(),
email)
# Open a file
fdesc = os.open(oauth_file, os.O_RDWR | os.O_CREAT)
#write new content
fobj = os.fdopen(fdesc, "w")
#empty file
fobj.truncate()
fobj.seek(0, os.SEEK_SET)
the_obj = {
"access_token": access_token,
"refresh_token": refresh_token,
"validity": validity,
"access_creation": gmvault_utils.get_utcnow_epoch(),
"type": type
}
json.dump(the_obj, fobj)
fobj.close()
def store_oauth2_credentials(cls, email, access_token, refresh_token, validity, type):
"""
store oauth_credentials
"""
oauth_file = '%s/%s.oauth2' % (gmvault_utils.get_home_dir_path(), email)
# Open a file
fdesc = os.open(oauth_file, os.O_RDWR|os.O_CREAT )
#write new content
fobj = os.fdopen(fdesc, "w")
#empty file
fobj.truncate()
fobj.seek(0, os.SEEK_SET)
the_obj = { "access_token" : access_token,
"refresh_token" : refresh_token,
"validity" : validity,
"access_creation" : gmvault_utils.get_utcnow_epoch(),
"type" : type}
json.dump(the_obj, fobj)
fobj.close()
def get_oauth2_credential(cls, email, renew_cred = False):
"""
Used once the connection has been lost. Return an auth_str obtained from a refresh token or
with the current access token if it is still valid
:param email: user email used to load refresh token from peristent file
:return: credential { 'type' : 'oauth2', 'value' : auth_str, 'option':None }
"""
oauth2_creds = cls.read_oauth2_tok_sec(email)
#workflow when you connect for the first time or want to renew the oauth2 credentials
if not oauth2_creds or renew_cred:
# No refresh token in stored so perform a new request
if renew_cred:
LOG.critical("Renew OAuth2 token (normal). Initiate interactive session to get it from Gmail.\n")
else:
LOG.critical("Initiate interactive session to get OAuth2 token from Gmail.\n")
#interactive session with default browser initiated
access_token, refresh_token, validity, type = cls._get_oauth2_tokens(email, use_webbrowser = True)
if not access_token or not refresh_token:
raise Exception("Cannot get OAuth2 access token from Gmail. See Gmail error message")
#store newly created token
cls.store_oauth2_credentials(email, access_token, refresh_token, validity, type)
else:
# check if the access token is still valid otherwise renew it from the refresh token
now = gmvault_utils.get_utcnow_epoch() #now time as epoch seconds
tok_creation = oauth2_creds['access_creation'] #creation time as epoch seconds
validity = oauth2_creds['validity']
LOG.debug("oauth2 creds = %s" % (oauth2_creds['refresh_token']))
#access token is still valid then use it
if now < tok_creation + validity:
LOG.debug("Access Token is still valid")
access_token = oauth2_creds['access_token']
else:
#expired so request a new access token and store it
LOG.debug("Access Token is expired. Renew it")
# get a new access token based on refresh_token
access_token, type = cls._get_oauth2_acc_tok_from_ref_tok(oauth2_creds['refresh_token'])
# update stored information
cls.store_oauth2_credentials(email, access_token, oauth2_creds['refresh_token'], validity, type)
auth_str = cls._generate_oauth2_auth_string(email, access_token, base64_encode=False)
LOG.debug("auth_str generated: %s" % (auth_str))
LOG.debug("Successfully read oauth2 credentials with get_oauth2_credential_from_refresh_token\n")
return { 'type' : 'oauth2', 'value' : auth_str, 'option':None }
