def _google_analytics_credentials_from_service_account_credentials(
private_key_id: str,
private_key: str,
client_email: str,
client_id: str
):
'''Returns the credentials for a service account
'''
import oauth2client
from oauth2client.service_account import ServiceAccountCredentials
from oauth2client import crypt
# adapted from ServiceAccountCredentials._from_parsed_json_keyfile()
service_account_email = client_email
private_key_pkcs8_pem = private_key
private_key_id = private_key_id
client_id = client_id
token_uri = oauth2client.GOOGLE_TOKEN_URI
revoke_uri = oauth2client.GOOGLE_REVOKE_URI
signer = crypt.Signer.from_string(private_key_pkcs8_pem)
credentials = ServiceAccountCredentials(service_account_email, signer, scopes=SCOPES,
private_key_id=private_key_id,
client_id=client_id, token_uri=token_uri,
revoke_uri=revoke_uri)
credentials._private_key_pkcs8_pem = private_key_pkcs8_pem
return credentials
def _google_sheet_credentials_from_service_account_credentials(
private_key_id: str, private_key: str, client_email: str,
client_id: str):
'''Returns the credentials for a service account
The credentials have the scope set to ['https://spreadsheets.google.com/feeds']
https://gspread.readthedocs.io/en/latest/oauth2.html
'''
import oauth2client
from oauth2client.service_account import ServiceAccountCredentials
from oauth2client import crypt
# adapted from ServiceAccountCredentials._from_parsed_json_keyfile()
service_account_email = client_email
private_key_pkcs8_pem = private_key
private_key_id = private_key_id
client_id = client_id
token_uri = oauth2client.GOOGLE_TOKEN_URI
revoke_uri = oauth2client.GOOGLE_REVOKE_URI
signer = crypt.Signer.from_string(private_key_pkcs8_pem)
credentials = ServiceAccountCredentials(service_account_email,
signer,
scopes=SCOPES,
private_key_id=private_key_id,
client_id=client_id,
token_uri=token_uri,
revoke_uri=revoke_uri)
credentials._private_key_pkcs8_pem = private_key_pkcs8_pem
return credentials
def GetCredentials(self):
return ServiceAccountCredentials(
service_account_id=self._client_id,
service_account_email=self._service_account_email,
private_key_id=self._private_key_id,
private_key_pkcs8_text=self._private_key_pkcs8_text,
scopes=[DEFAULT_SCOPE])
def get_workbook():
scopes = [
'https://spreadsheets.google.com/feeds',
'https://www.googleapis.com/auth/drive',
]
signer = crypt.Signer.from_string(DEV_DASHBOARD_PRIVATE_KEY)
credentials = ServiceAccountCredentials(
service_account_email=DEV_DASHBOARD_CLIENT_EMAIL,
signer=signer,
scopes=scopes,
)
try:
gc = gspread.authorize(credentials)
except HttpAccessTokenRefreshError:
logger.error('Invalid credentials')
return
try:
book = gc.open(DEV_DASHBOARD_WORKBOOK)
except gspread.exceptions.SpreadsheetNotFound:
logger.error(f'Could not find workbook named {DEV_DASHBOARD_WORKBOOK}')
return
return book
def __init__(self, service_email=None, private_key=None, user_email=None):
"""
Handles credentials and builds the google service.
:param service_email: String
:param private_key: Path
:param user_email: String
:raise ValueError:
"""
self._service_email = service_email or settings.GOOGLE_DRIVE_STORAGE_SERVICE_EMAIL
self._key = private_key or settings.GOOGLE_DRIVE_STORAGE_KEY
kwargs = {}
if user_email or settings.GOOGLE_DRIVE_STORAGE_USER_EMAIL:
self._user_email = kwargs[
'sub'] = user_email or settings.GOOGLE_DRIVE_STORAGE_USER_EMAIL
credentials = ServiceAccountCredentials(
self._service_email,
self._key,
scope="https://www.googleapis.com/auth/drive",
**kwargs)
http = httplib2.Http()
http = credentials.authorize(http)
self._drive_service = build('drive', 'v2', http=http)
def test_create_delegated(self):
signer = object()
sub = '*****@*****.**'
creds = ServiceAccountCredentials('*****@*****.**', signer)
self.assertNotIn('sub', creds._kwargs)
delegated_creds = creds.create_delegated(sub)
self.assertEqual(delegated_creds._kwargs['sub'], sub)
# Make sure the original is unchanged.
self.assertNotIn('sub', creds._kwargs)
def get_gsheets_creds():
global _gsheets_creds
scope = ['https://spreadsheets.google.com/feeds']
if not _gsheets_creds:
_gsheets_creds = ServiceAccountCredentials(
settings.GOOGLE_SHEETS_EMAIL, settings.GOOGLE_SHEETS_PRIVATE_KEY,
scope)
return _gsheets_creds
def test_create_scoped_required_with_scopes(self):
signer = object()
self.credentials = ServiceAccountCredentials(
self.service_account_email,
signer,
scopes=self.scopes,
private_key_id=self.private_key_id,
client_id=self.client_id,
)
self.assertFalse(self.credentials.create_scoped_required())
def api_service(endpoint, version):
""" Builds service object to interface with the google api """
with open('data/' + SETTINGS['P12_KEY_FILE']) as f:
private_key = f.read()
creds = ServiceAccountCredentials(SETTINGS['GSERVEMAIL'], private_key,
SETTINGS['SCOPE'])
service = build(endpoint, version, http=creds.authorize(Http()))
return service
def get_client():
scope = ['https://spreadsheets.google.com/feeds']
s = Signer.from_string(
base64.b64decode(os.environ['GOOGLE_API_PRIVATE_KEY']))
credentials = ServiceAccountCredentials(
os.environ['GOOGLE_API_CLIENT_EMAIL'],
s,
scope,
)
return gspread.authorize(credentials)
def test_create_delegated_existing_sub(self):
signer = object()
sub1 = '*****@*****.**'
sub2 = '*****@*****.**'
creds = ServiceAccountCredentials('*****@*****.**', signer, sub=sub1)
self.assertEqual(creds._kwargs['sub'], sub1)
delegated_creds = creds.create_delegated(sub2)
self.assertEqual(delegated_creds._kwargs['sub'], sub2)
# Make sure the original is unchanged.
self.assertEqual(creds._kwargs['sub'], sub1)
def GetCredentials(self):
if OAUTH2CLIENT_V2:
return ServiceAccountCredentials.from_json_keyfile_dict(
self._json_key_dict, scopes=[DEFAULT_SCOPE], token_uri=self.token_uri)
else:
return ServiceAccountCredentials(
service_account_id=self._client_id,
service_account_email=self._service_account_email,
private_key_id=self._private_key_id,
private_key_pkcs8_text=self._private_key_pkcs8_text,
scopes=[DEFAULT_SCOPE], token_uri=self.token_uri)
def test_p12_type_non_bytes_to_sign(self):
from oauth2client.service_account import ServiceAccountCredentials
ACCOUNT_NAME = 'dummy_service_account_name'
PRIVATE_KEY_TEXT = b'dummy_private_key_text'
STRING_TO_SIGN = u'dummy_signature'
SIGNER = object()
CREDENTIALS = ServiceAccountCredentials(ACCOUNT_NAME, SIGNER)
CREDENTIALS._private_key_pkcs12 = PRIVATE_KEY_TEXT
CREDENTIALS._private_key_password = '******'
self._run_with_fake_crypto(CREDENTIALS, PRIVATE_KEY_TEXT,
STRING_TO_SIGN)
def __init__(self, client_email, private_key, private_key_id, client_id):
service_account_email = client_email
private_key_pkcs8_pem = private_key
private_key_id = private_key_id
signer = crypt.Signer.from_string(private_key_pkcs8_pem)
credentials = ServiceAccountCredentials(service_account_email,
signer,
scopes=SCOPES,
private_key_id=private_key_id,
client_id=client_id)
credentials._private_key_pkcs8_pem = private_key_pkcs8_pem
# Build the service object.
self.service = build('calendar', 'v3', credentials=credentials)
def setUp(self):
self.client_id = '123'
self.service_account_email = '*****@*****.**'
self.private_key_id = 'ABCDEF'
self.private_key = datafile('pem_from_pkcs12.pem')
self.scopes = ['dummy_scope']
self.signer = crypt.Signer.from_string(self.private_key)
self.credentials = ServiceAccountCredentials(
self.service_account_email,
self.signer,
private_key_id=self.private_key_id,
client_id=self.client_id,
)
def handle(self, *args, **options):
def get_hour_fraction(timedelta_object):
"""
Convert seconds to hour fraction. i. e. 1 hour and 60 seconds are 1,016~ hours.
"""
print('--------')
print(timedelta_object.days, timedelta_object.seconds)
hours = timedelta_object.days * 24
seconds = timedelta_object.seconds
fraction_of_hour = seconds / 3600.0
print(hours, fraction_of_hour)
return hours + fraction_of_hour
leaderboard = get_leaderboard()
print(leaderboard)
avg_time_first_mod_rev_all = get_hour_fraction(
leaderboard['avg']['all_time']['review'][0])
avg_time_first_mod_rev_week = get_hour_fraction(
leaderboard['avg']['seven_days']['review'][0])
avg_time_mod_res_all = get_hour_fraction(
leaderboard['avg']['all_time']['resolution'][0])
avg_time_mod_res_week = get_hour_fraction(
leaderboard['avg']['seven_days']['resolution'][0])
signer = crypt.Signer.from_string(GOOGLE_DOCS_API_PRIVATE_KEY)
scope = ['https://spreadsheets.google.com/feeds']
creds = ServiceAccountCredentials(
GOOGLE_DOCS_API_SERVICE_ACCOUNT_EMAIL,
signer,
scopes=scope,
private_key_id=None,
client_id=None,
user_agent=None,
token_uri='https://www.googleapis.com/oauth2/v4/token',
revoke_uri='https://accounts.google.com/o/oauth2/revoke')
client = gspread.authorize(creds)
sheet = client.open('cv-mod-stats').sheet1
# The list of the values that stores the stats needed (should be in this order)
timestamp = timezone.now().strftime('%Y-%m-%d')
values = (timestamp, avg_time_first_mod_rev_week,
avg_time_first_mod_rev_all, avg_time_mod_res_week,
avg_time_mod_res_all)
# Insert at index 2 (index 1 is the header)
sheet.insert_row(values, 2)
def _make_credentials(self):
private_key = datafile('privatekey.' + self.format_)
signer = crypt.Signer.from_string(private_key)
credentials = ServiceAccountCredentials(
'*****@*****.**', signer,
scopes='read+write',
sub='*****@*****.**')
if self.format_ == 'pem':
credentials._private_key_pkcs8_pem = private_key
elif self.format_ == 'p12':
credentials._private_key_pkcs12 = private_key
credentials._private_key_password = _PASSWORD_DEFAULT
else: # pragma: NO COVER
raise ValueError('Unexpected format.')
return credentials
def test__to_json_override(self):
signer = object()
creds = ServiceAccountCredentials('*****@*****.**', signer)
self.assertEqual(creds._signer, signer)
# Serialize over-ridden data (unrelated to ``creds``).
to_serialize = {'unrelated': 'data'}
serialized_str = creds._to_json([], to_serialize.copy())
serialized_data = json.loads(serialized_str)
expected_serialized = {
'_class': 'ServiceAccountCredentials',
'_module': 'oauth2client.service_account',
'token_expiry': None,
}
expected_serialized.update(to_serialize)
self.assertEqual(serialized_data, expected_serialized)
def __authenticate(self):
if self.verbose:
print('Authenticating for Google Sheets')
creds = self.__sheet_cfg['creds']
signer = Signer.from_string(creds['private_key'])
scope = self.__sheet_cfg['scope']
return ServiceAccountCredentials(
client_id=creds['client_id'],
service_account_email=creds['client_email'],
private_key_id=creds['private_key_id'],
token_uri=creds['token_uri'],
scopes=scope,
signer=signer)
def GetCredentials(self):
# TODO: Plumb through auth_uri and token_uri support,
# which in turn means amending oauth2client to support them.
if OAUTH2CLIENT_V2:
return ServiceAccountCredentials.from_json_keyfile_dict(
self._json_key_dict,
scopes=[DEFAULT_SCOPE],
token_uri=self.token_uri)
else:
return ServiceAccountCredentials(
service_account_id=self._client_id,
service_account_email=self._service_account_email,
private_key_id=self._private_key_id,
private_key_pkcs8_text=self._private_key_pkcs8_text,
scopes=[DEFAULT_SCOPE],
token_uri=self.token_uri)
def get_creds():
scopes = ''
service_account_email = os.environ['goog_client_email']
private_key_pkcs8_pem = os.environ['goog_private_key'].replace(r"\n", "\n")
private_key_id = os.environ['goog_private_key_id']
client_id = os.environ['goog_client_id']
token_uri = os.environ['goog_token_uri']
revoke_uri = GOOGLE_REVOKE_URI
signer = crypt.Signer.from_string(private_key_pkcs8_pem)
credentials = ServiceAccountCredentials(service_account_email,
signer,
scopes=scopes,
private_key_id=private_key_id,
client_id=client_id,
token_uri=token_uri,
revoke_uri=revoke_uri)
credentials._private_key_pkcs8_pem = private_key_pkcs8_pem
return credentials
def from_json(cls, s):
try:
data = json.loads(s)
retval = ServiceAccountCredentials(
service_account_id=data['_service_account_id'],
service_account_email=data['_service_account_email'],
private_key_id=data['_private_key_id'],
private_key_pkcs8_text=data['_private_key_pkcs8_text'],
scopes=[DEFAULT_SCOPE])
# TODO: Need to define user agent here,
# but it is not known until runtime.
retval.invalid = data['invalid']
retval.access_token = data['access_token']
if 'token_expiry' in data:
retval.token_expiry = datetime.datetime.strptime(
data['token_expiry'], EXPIRY_FORMAT)
return retval
except KeyError as e:
raise Exception('Your JSON credentials are invalid; '
'missing required entry %s.' % e[0])
def credentials_from_env(self, scopes):
keyfile_dict = {}
keyfile_dict["token_uri"] = get_env('SC_TOKEN_URI')
keyfile_dict["auth_uri"] = get_env('SC_AUTH_URI')
# TODO: clean this part
tmp = get_env('SC_PRIVATE_KEY').replace("\n", "\\n")
buff = '{"a": "' + tmp + '"}'
buff = json.loads(buff)
keyfile_dict["private_key"] = buff['a']
#######################
signer = crypt.Signer.from_string(keyfile_dict["private_key"])
credential = ServiceAccountCredentials(
get_env('SC_CLIENT_EMAIL'),
signer,
scopes=scopes,
private_key_id=get_env('SC_PRIVATE_KEY_ID'),
client_id=get_env('SC_CLIENT_ID'),
token_uri=keyfile_dict.get('token_uri', GOOGLE_TOKEN_URI),
revoke_uri=keyfile_dict.get('revoke_uri', GOOGLE_REVOKE_URI),
)
credential._private_key_pkcs8_pem = keyfile_dict['private_key']
return credential
def get_credentials(credential_file=None, credentials=None):
if credential_file:
return GoogleCredentials.from_stream(credential_file)
if credentials and credentials["type"] == "service_account":
return ServiceAccountCredentials(
service_account_id=credentials["client_id"],
service_account_email=credentials["client_email"],
private_key_id=credentials["private_key_id"],
private_key_pkcs8_text=credentials["private_key"],
scopes=[])
if credentials and credentials["type"] == "authorized_user":
return GoogleCredentials(access_token=None,
client_id=credentials["client_id"],
client_secret=credentials["client_secret"],
refresh_token=credentials["refresh_token"],
token_expiry=None,
token_uri=GOOGLE_TOKEN_URI,
user_agent="pghoard")
return GoogleCredentials.get_application_default()
from __future__ import absolute_import
import pickle
import sys
from oauth2client.service_account import ServiceAccountCredentials
from oauth2_test import utils
# Sanity check: It is easy to be confused about what environment you
# are in; if this is not being done with oauth2client 4.0.0, complain.
utils.expect_version('4.0.0')
# Create a _ServiceAccountCredentials object.
sac = ServiceAccountCredentials(
service_account_email='*****@*****.**',
signer=None,
scopes=['SCOPE1', 'SCOPE2', 'SCOPE3'],
private_key_id='private-key-id',
user_agent='user-agent/1.0',
)
# Write the pickle to disk.
filename = '{target}/service-acct-4.0.0-py{py_major}{py_minor}.pickle'.format(
py_major=sys.version_info[0],
py_minor=sys.version_info[1],
target=utils.target,
)
with open(filename, 'wb') as f:
f.write(pickle.dumps(sac))
def __init__(self, parsed_url):
duplicity.backend.Backend.__init__(self, parsed_url)
try:
global pydrive
import httplib2
from apiclient.discovery import build
from pydrive.auth import GoogleAuth
from pydrive.drive import GoogleDrive
from pydrive.files import ApiRequestError, FileNotUploadedError
except ImportError as e:
raise BackendException(u"""\
PyDrive backend requires PyDrive installation. Please read the manpage for setup details.
Exception: %s""" % str(e))
# let user get by with old client while he can
try:
from oauth2client.client import SignedJwtAssertionCredentials
self.oldClient = True
except:
from oauth2client.service_account import ServiceAccountCredentials
from oauth2client import crypt
self.oldClient = False
if u'GOOGLE_DRIVE_ACCOUNT_KEY' in os.environ:
account_key = os.environ[u'GOOGLE_DRIVE_ACCOUNT_KEY']
if self.oldClient:
credentials = SignedJwtAssertionCredentials(
parsed_url.username + u'@' + parsed_url.hostname,
account_key,
scopes=u'https://www.googleapis.com/auth/drive')
else:
signer = crypt.Signer.from_string(account_key)
credentials = ServiceAccountCredentials(
parsed_url.username + u'@' + parsed_url.hostname,
signer,
scopes=u'https://www.googleapis.com/auth/drive')
credentials.authorize(httplib2.Http())
gauth = GoogleAuth()
gauth.credentials = credentials
elif u'GOOGLE_DRIVE_SETTINGS' in os.environ:
gauth = GoogleAuth(
settings_file=os.environ[u'GOOGLE_DRIVE_SETTINGS'])
gauth.CommandLineAuth()
elif (u'GOOGLE_SECRETS_FILE' in os.environ
and u'GOOGLE_CREDENTIALS_FILE' in os.environ):
gauth = GoogleAuth()
gauth.LoadClientConfigFile(os.environ[u'GOOGLE_SECRETS_FILE'])
gauth.LoadCredentialsFile(os.environ[u'GOOGLE_CREDENTIALS_FILE'])
if gauth.credentials is None:
gauth.CommandLineAuth()
elif gauth.access_token_expired:
gauth.Refresh()
else:
gauth.Authorize()
gauth.SaveCredentialsFile(os.environ[u'GOOGLE_CREDENTIALS_FILE'])
else:
raise BackendException(
u'GOOGLE_DRIVE_ACCOUNT_KEY or GOOGLE_DRIVE_SETTINGS environment '
u'variable not set. Please read the manpage to fix.')
self.drive = GoogleDrive(gauth)
# Dirty way to find root folder id
file_list = self.drive.ListFile({
u'q':
u"'Root' in parents and trashed=false"
}).GetList()
if file_list:
parent_folder_id = file_list[0][u'parents'][0][u'id']
else:
file_in_root = self.drive.CreateFile({u'title': u'i_am_in_root'})
file_in_root.Upload()
parent_folder_id = file_in_root[u'parents'][0][u'id']
file_in_root.Delete()
# Fetch destination folder entry and create hierarchy if required.
folder_names = parsed_url.path.split(u'/')
for folder_name in folder_names:
if not folder_name:
continue
file_list = self.drive.ListFile({
u'q':
u"'" + parent_folder_id + u"' in parents and trashed=false"
}).GetList()
folder = next(
(item
for item in file_list if item[u'title'] == folder_name and
item[u'mimeType'] == u'application/vnd.google-apps.folder'),
None)
if folder is None:
folder = self.drive.CreateFile({
u'title':
folder_name,
u'mimeType':
u"application/vnd.google-apps.folder",
u'parents': [{
u'id': parent_folder_id
}]
})
folder.Upload()
parent_folder_id = folder[u'id']
self.folder = parent_folder_id
self.id_cache = {}
def test_access_token(self, utcnow):
# Configure the patch.
seconds = 11
NOW = datetime.datetime(1992, 12, 31, second=seconds)
utcnow.return_value = NOW
# Create a custom credentials with a mock signer.
signer = mock.MagicMock()
signed_value = b'signed-content'
signer.sign = mock.MagicMock(name='sign', return_value=signed_value)
credentials = ServiceAccountCredentials(
self.service_account_email,
signer,
private_key_id=self.private_key_id,
client_id=self.client_id,
)
# Begin testing.
lifetime = 2 # number of seconds in which the token expires
EXPIRY_TIME = datetime.datetime(1992,
12,
31,
second=seconds + lifetime)
token1 = u'first_token'
token_response_first = {
'access_token': token1,
'expires_in': lifetime,
}
token2 = u'second_token'
token_response_second = {
'access_token': token2,
'expires_in': lifetime,
}
http = HttpMockSequence([
({
'status': '200'
}, json.dumps(token_response_first).encode('utf-8')),
({
'status': '200'
}, json.dumps(token_response_second).encode('utf-8')),
])
# Get Access Token, First attempt.
self.assertEqual(credentials.access_token, None)
self.assertFalse(credentials.access_token_expired)
self.assertEqual(credentials.token_expiry, None)
token = credentials.get_access_token(http=http)
self.assertEqual(credentials.token_expiry, EXPIRY_TIME)
self.assertEqual(token1, token.access_token)
self.assertEqual(lifetime, token.expires_in)
self.assertEqual(token_response_first, credentials.token_response)
# Two utcnow calls are expected:
# - get_access_token() -> _do_refresh_request (setting expires in)
# - get_access_token() -> _expires_in()
expected_utcnow_calls = [mock.call()] * 2
self.assertEqual(expected_utcnow_calls, utcnow.mock_calls)
# One call to sign() expected: Actual refresh was needed.
self.assertEqual(len(signer.sign.mock_calls), 1)
# Get Access Token, Second Attempt (not expired)
self.assertEqual(credentials.access_token, token1)
self.assertFalse(credentials.access_token_expired)
token = credentials.get_access_token(http=http)
# Make sure no refresh occurred since the token was not expired.
self.assertEqual(token1, token.access_token)
self.assertEqual(lifetime, token.expires_in)
self.assertEqual(token_response_first, credentials.token_response)
# Three more utcnow calls are expected:
# - access_token_expired
# - get_access_token() -> access_token_expired
# - get_access_token -> _expires_in
expected_utcnow_calls = [mock.call()] * (2 + 3)
self.assertEqual(expected_utcnow_calls, utcnow.mock_calls)
# No call to sign() expected: the token was not expired.
self.assertEqual(len(signer.sign.mock_calls), 1 + 0)
# Get Access Token, Third Attempt (force expiration)
self.assertEqual(credentials.access_token, token1)
credentials.token_expiry = NOW # Manually force expiry.
self.assertTrue(credentials.access_token_expired)
token = credentials.get_access_token(http=http)
# Make sure refresh occurred since the token was not expired.
self.assertEqual(token2, token.access_token)
self.assertEqual(lifetime, token.expires_in)
self.assertFalse(credentials.access_token_expired)
self.assertEqual(token_response_second, credentials.token_response)
# Five more utcnow calls are expected:
# - access_token_expired
# - get_access_token -> access_token_expired
# - get_access_token -> _do_refresh_request
# - get_access_token -> _expires_in
# - access_token_expired
expected_utcnow_calls = [mock.call()] * (2 + 3 + 5)
self.assertEqual(expected_utcnow_calls, utcnow.mock_calls)
# One more call to sign() expected: Actual refresh was needed.
self.assertEqual(len(signer.sign.mock_calls), 1 + 0 + 1)
self.assertEqual(credentials.access_token, token2)
import pandas as pd
import gspread as gs
import gspread_dataframe as gd
from oauth2client.service_account import ServiceAccountCredentials
scope = ['https://docs.google.com', 'https://googleapis.com/auth/drive']
credentials = ServiceAccountCredentials('/home/userbmc/aps_bmc_screening.json',
scope)
gc = gs.authorize(credentials)
sheet = gc.open("Screening Results").sheet1
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
Created on Mon Feb 18 11:20:58 2019
@author: r.mishra
"""
import json
import gspread
from oauth2client.service_account import ServiceAccountCredentials
json_key = json.load(
open('SheetAccess.json')) # json credentials you downloaded earlier
scope = ['https://spreadsheets.google.com/feeds']
credentials = ServiceAccountCredentials(json_key['client_email'],
json_key['private_key'].encode(),
scope) # get email and key from creds
file = gspread.authorize(credentials) # authenticate with Google
sheet = file.open("Copy of pacing calender").Math # open sheet
##pip install google-api-python-client google-auth-httplib2 google-auth-oauthlib
