def _GetCredentials(self, credentials_file_path, client_secret_file_path):
""" Gets valid user credentials from storage. If nothing has been stored, or
if the stored credentials are invalid, the OAuth2 flow is completed to
obtain the new credentials.
When running in the buildbot, uses LUCI credentials instead.
Args:
credentials_file_path: str Absolute path to read/save user credentials.
client_secret_file_path: str Absolute path to read client_secret.json.
Returns:
OAuth2Credentials The obtained user credentials.
"""
if luci_auth.available():
return luci_auth.LUCICredentials(scopes=[self.SCOPES])
store = Storage(credentials_file_path)
credentials = store.get()
if not credentials or credentials.invalid:
flow = client.flow_from_clientsecrets(client_secret_file_path,
self.SCOPES)
flow.user_agent = self.APPLICATION_NAME
flags = tools.argparser.parse_args([])
credentials = tools.run_flow(flow, store, flags)
print("Storing credentials to " + credentials_file_path)
return credentials
def _FetchBuilderJsonFromMilo(master,
builder,
limit=100,
service_account_file=None): # pragma: no cover
LOGGER.debug('Fetching buildbot json for %s/%s from milo', master, builder)
body = {'master': master, 'builder': builder, 'limit': limit}
headers = {
'Accept': 'application/json',
'Content-Type': 'application/json',
}
http = httplib2.Http(timeout=300)
creds = None
if service_account_file:
creds = infra_libs.get_signed_jwt_assertion_credentials(
service_account_file, scope=OAUTH_SCOPES)
elif luci_auth.available():
creds = luci_auth.LUCICredentials(scopes=OAUTH_SCOPES)
if creds:
creds.authorize(http)
resp, content = http.request(MILO_JSON_ENDPOINT,
method='POST',
headers=headers,
body=json.dumps(body))
if resp.status != 200:
raise httplib2.HttpLib2Error('Invalid response status: %s\n%s' %
(resp.status, content))
# Strip off jsonp header.
data = json.loads(content[4:])
builds = [
json.loads(base64.b64decode(build['data'])) for build in data['builds']
]
return {build['number']: build for build in builds}
def _FetchFromBuildbucketImpl(project,
bucket_name,
builder,
service_account_file=None): # pragma: no cover
request_pb = rpc_pb2.SearchBuildsRequest()
request_pb.predicate.builder.project = project
request_pb.predicate.builder.bucket = bucket_name
request_pb.predicate.builder.builder = builder
request_pb.predicate.status = common_pb2.ENDED_MASK
request_pb.fields.paths.extend([
'builds.*.number',
'builds.*.status',
'builds.*.input.gitiles_commit.id',
])
headers = {
'Accept': 'application/prpc; encoding=binary',
'Content-Type': 'application/prpc; encoding=binary',
}
http = httplib2.Http(timeout=300)
creds = None
if service_account_file:
creds = infra_libs.get_signed_jwt_assertion_credentials(
service_account_file, scope=OAUTH_SCOPES)
elif luci_auth.available():
creds = luci_auth.LUCICredentials(scopes=OAUTH_SCOPES)
if creds:
creds.authorize(http)
resp, content = http.request(_BUILDBUCKET_SEARCH_ENDPOINT_V2.format(
buildbucket_instance=_DEFAULT_BUILDBUCKET_INSTANCE),
method='POST',
headers=headers,
body=request_pb.SerializeToString())
grpc_code = resp.get('X-Prpc-Grpc-Code'.lower())
if grpc_code != '0':
raise httplib2.HttpLib2Error('Invalid GRPC exit code: %s\n%s' %
(grpc_code, content))
response_pb = rpc_pb2.SearchBuildsResponse()
response_pb.ParseFromString(content)
return response_pb
def get_luci_credentials():
if luci_auth.available():
return luci_auth.LUCICredentials(scopes=OAUTH_SCOPES)
return None
def test_available_no_default_account(self):
local_auth = _LOCAL_AUTH.copy()
local_auth.pop('default_account_id')
with self.luci_ctx({'local_auth': local_auth}) as environ:
self.assertFalse(luci_auth.available(environ=environ))
def test_broken_ctx(self):
with self.luci_ctx({'local_auth': {'rpc_port': 'zzz'}}) as environ:
with self.assertRaises(luci_auth.LUCIAuthError):
luci_auth.available(environ=environ)
def test_available_no_ctx(self):
with self.luci_ctx({}) as environ:
self.assertFalse(luci_auth.available(environ=environ))
def test_available_yes(self):
with self.luci_ctx({'local_auth': _LOCAL_AUTH}) as environ:
self.assertTrue(luci_auth.available(environ=environ))