def get_globus_client(self, username=None):
"""
Get Globus SDK RESTful clients
Args:
username (str): User's GlobusID username
Returns:
auth_client (Globus SDK Client): Globus Auth RESTful client
nexus_client (Globus Nexus Client): Globus Auth-based RESTful
Globus Nexus client
"""
if username is None:
username = self.config["globus"]["root_user"]["username"]
log.debug("Getting Globus SDK Auth and Nexus client for user %s",
username)
# Setting up Globus SDK client
client_id = self.config["globus"]["app"]["client_id"]
client_secret = self.config["globus"]["app"]["client_secret"]
confidential_client = globus_sdk.ConfidentialAppAuthClient(
client_id, client_secret)
# Getting Authorizers
auth_token, nexus_token = self.get_tokens(username)
auth_authorizer = globus_sdk.RefreshTokenAuthorizer(
auth_token, confidential_client)
nexus_authorizer = globus_sdk.RefreshTokenAuthorizer(
nexus_token, confidential_client)
auth_client = globus_sdk.AuthClient(authorizer=auth_authorizer)
nexus_client = NexusClient(authorizer=nexus_authorizer)
return auth_client, nexus_client
def get_native_app_authorizer(client_id, service):
tokens = None
try:
# if we already have tokens, load and use them
tokens = load_tokens_from_file(TOKEN_FILE)
except:
pass
if not tokens:
tokens = do_native_app_authentication(client_id=client_id,
redirect_uri=REDIRECT_URI,
requested_scopes=SCOPES)
try:
save_tokens_to_file(TOKEN_FILE, tokens)
except:
pass
tokens = tokens[service]
auth_client = globus_sdk.NativeAppAuthClient(client_id=client_id)
return globus_sdk.RefreshTokenAuthorizer(
tokens['refresh_token'],
auth_client,
access_token=tokens['access_token'],
expires_at=tokens['expires_at_seconds'],
on_refresh=update_tokens_file_on_refresh)
def _get_native_app_authorizer(client_id):
tokens = None
try:
tokens = _load_tokens_from_file(TOKEN_FILE)
except Exception:
pass
if not tokens:
tokens = _do_native_app_authentication(client_id=client_id,
redirect_uri=REDIRECT_URI,
requested_scopes=SCOPES)
try:
_save_tokens_to_file(TOKEN_FILE, tokens)
except Exception:
pass
transfer_tokens = tokens['transfer.api.globus.org']
auth_client = globus_sdk.NativeAppAuthClient(client_id=client_id)
return globus_sdk.RefreshTokenAuthorizer(
transfer_tokens['refresh_token'],
auth_client,
access_token=transfer_tokens['access_token'],
expires_at=transfer_tokens['expires_at_seconds'],
on_refresh=_update_tokens_file_on_refresh)
def get_search_client():
storage_adapter = token_storage_adapter()
maybe_existing = storage_adapter.read_as_dict()
refresh_token, access_token, access_token_expires = None, None, None
if maybe_existing is not None and SEARCH_RESOURCE_SERVER in maybe_existing:
searchdata = maybe_existing[SEARCH_RESOURCE_SERVER]
access_token = searchdata["access_token"]
refresh_token = searchdata["refresh_token"]
access_token_expires = searchdata["expires_at_seconds"]
authorizer = None
if access_token_expires is not None:
authorizer = globus_sdk.RefreshTokenAuthorizer(
refresh_token,
internal_auth_client(),
access_token=access_token,
expires_at=int(access_token_expires),
on_refresh=storage_adapter.on_refresh,
)
add_kwargs = {}
if BASE_URL:
add_kwargs["base_url"] = BASE_URL
return SearchClient(
authorizer=authorizer,
app_name="search-client-cli v{}".format(version.__version__),
**add_kwargs
)
def globus_get_authorizer() -> globus_sdk.RefreshTokenAuthorizer:
"""Returns Globus authorization information (requires user interaction)
Return:
The authorizer instance
"""
auth_client = globus_sdk.NativeAppAuthClient(GLOBUS_CLIENT_ID)
auth_client.oauth2_start_flow(refresh_tokens=True)
authorize_url = auth_client.oauth2_get_authorize_url()
print("Authorization URL: %s" % authorize_url)
print("Go to the following URL to obtain the authorization code:",
authorize_url)
get_input = getattr(__builtins__, 'raw_input', input)
auth_code = get_input('Enter the authorization code: ').strip()
token_response = auth_client.oauth2_exchange_code_for_tokens(auth_code)
transfer_info = token_response.by_resource_server[
'transfer.api.globus.org']
return globus_sdk.RefreshTokenAuthorizer(
transfer_info['refresh_token'],
auth_client,
access_token=transfer_info['access_token'],
expires_at=transfer_info['expires_at_seconds'])
def get_transfer_client(client_id, transfer_rt, transfer_at, expires_at_s):
client = globus_sdk.NativeAppAuthClient(client_id)
client.oauth2_start_flow(refresh_tokens=True)
authorizer = globus_sdk.RefreshTokenAuthorizer(
transfer_rt, client, access_token=transfer_at, expires_at=int(expires_at_s))
tc = globus_sdk.TransferClient(authorizer=authorizer)
return tc
def get_transfer_client():
tokens = None
try:
# if we already have tokens, load and use them
tokens = load_tokens_from_file(p.opt["globusTokenFile"])
except:
pass
if not tokens:
# if we need to get tokens, start the Native App authentication process
tokens = do_native_app_authentication(CLIENT_ID, REDIRECT_URI, SCOPES)
try:
save_tokens_to_file(p.opt["globusTokenFile"], tokens)
except:
pass
transfer_tokens = tokens['transfer.api.globus.org']
auth_client = globus_sdk.NativeAppAuthClient(client_id=CLIENT_ID)
authorizer = globus_sdk.RefreshTokenAuthorizer(
transfer_tokens['refresh_token'],
auth_client,
access_token=transfer_tokens['access_token'],
expires_at=transfer_tokens['expires_at_seconds'],
on_refresh=update_tokens_file_on_refresh)
transfer = globus_sdk.TransferClient(authorizer=authorizer)
myproxy_lifetime = 720 # in hours. What's the maximum?
try:
r = transfer.endpoint_autoactivate(p.opt["archiveEndPoint"],
if_expires_in=3600)
while (r["code"] == "AutoActivationFailed"):
print(
"Endpoint requires manual activation, please use your UCAS name/password for this activation. "
"You can activate via the command line or via web browser:\n"
"WEB BROWSER -- Open the following URL in a browser to activate the "
"endpoint:")
print(
f"https://app.globus.org/file-manager?origin_id={p.opt['archiveEndPoint']}"
)
print("CMD LINE -- run this from your shell: ")
print(
f"globus endpoint activate --myproxy --myproxy-lifetime {myproxy_lifetime} {p.opt['archiveEndPoint']}"
)
input("Press ENTER after activating the endpoint:")
r = transfer.endpoint_autoactivate(p.opt["archiveEndPoint"],
if_expires_in=3600)
except globus_sdk.exc.GlobusAPIError as ex:
print("endpoint_autoactivation failed.")
print(ex)
if ex.http_status == 401:
sys.exit('Refresh token has expired. '
'Please delete refresh-tokens.json and try again.')
else:
raise ex
return transfer
def login(base_url, default_index):
tok_path = os.path.expanduser('~/.globus_datasearch_client_tokens.json')
def _write_tokfile(tokens):
# deny rwx to Group and World -- don't bother storing the returned old
# mask value, since we'll never restore it anyway
# do this on every call to ensure that we're always consistent about it
os.umask(0o077)
with open(tok_path, 'w') as f:
f.write(json.dumps(tokens))
def _update_tokfile(token_response):
tokens = token_response.by_resource_server['datasearch.api.globus.org']
_write_tokfile(tokens)
if os.path.exists(tok_path):
with open(tok_path) as f:
tokens = json.load(f)
else:
tokens = _interactive_login()
_write_tokfile(tokens)
authorizer = globus_sdk.RefreshTokenAuthorizer(
tokens['refresh_token'],
_load_auth_client(),
tokens['access_token'],
tokens['expires_at_seconds'],
on_refresh=_update_tokfile)
return DataSearchClient(base_url,
default_index=default_index,
authorizer=authorizer)
def connect(self):
lg = self.config['login']
self.refresh_token_file = refresh_token_file = lg['refresh token file']
have_refresh = os.path.exists(refresh_token_file)
if have_refresh:
with open(refresh_token_file) as f:
token = f.readline().strip()
self.authorizer = globus_sdk.RefreshTokenAuthorizer(
refresh_token=token, auth_client=self.client)
return #have a refresh token, all we need
else:
aurl = self.client.oauth2_get_authorize_url()
browser = lg.getboolean('browser')
if browser:
webbrowser.open(aurl)
time.sleep(0.5)
else:
print("open url {}".format(aurl))
print("login and paste result")
auth_code = input("Paste globus response: ")
tokens = self.client.oauth2_exchange_code_for_tokens(auth_code)
transfer_data = tokens.by_resource_server['transfer.api.globus.org']
TRANSFER_TOKEN = transfer_data['access_token']
if not have_refresh:
refresh = transfer_data['refresh_token']
with open(refresh_token_file, 'w') as f:
print("{}".format(refresh), file=f)
self.authorizer = globus_sdk.AccessTokenAuthorizer(TRANSFER_TOKEN)
def refresh_tokens(self, tokens):
"""
Explicitly refresh a token. Called automatically by load_tokens().
"""
if not self._refreshable(tokens):
raise TokensExpired('No Refresh Token, cannot refresh tokens: ',
resource_servers=tokens.keys())
for rs, token_dict in tokens.items():
authorizer = globus_sdk.RefreshTokenAuthorizer(
token_dict['refresh_token'],
self.client,
access_token=token_dict['access_token'],
expires_at=token_dict['expires_at_seconds'],
)
try:
ensure_valid_token = (
getattr(authorizer, 'check_expiration_time', None)
or getattr(authorizer, 'ensure_valid_token', None))
ensure_valid_token()
token_dict['access_token'] = authorizer.access_token
token_dict['expires_at_seconds'] = authorizer.expires_at
except globus_sdk.AuthAPIError as aapie:
if aapie.message == 'invalid_grant':
raise TokensExpired('Refresh Token Expired: ',
resource_servers=[rs])
return tokens
def setUp(self):
"""
Makes a refresh_token grant to get new tokens for teseting
Sets up an AuthClient and a RefreshTokenAuthorizer with a mock
on_refresh function for testing their interactions
"""
super(RefreshTokenAuthorizerIntegrationTests, self).setUp()
client_id = get_client_data()["native_app_client1"]["id"]
form_data = {'refresh_token': SDKTESTER1A_NATIVE1_TRANSFER_RT,
'grant_type': 'refresh_token',
'client_id': client_id}
token_res = globus_sdk.AuthClient().oauth2_token(form_data)
token_res = token_res.by_resource_server
self.access_token = token_res[
'transfer.api.globus.org']['access_token']
self.expires_at = token_res[
'transfer.api.globus.org']['expires_at_seconds']
self.on_refresh = mock.Mock()
self.nac = globus_sdk.NativeAppAuthClient(
client_id=get_client_data()["native_app_client1"]["id"])
self.authorizer = globus_sdk.RefreshTokenAuthorizer(
SDKTESTER1A_NATIVE1_TRANSFER_RT, self.nac,
access_token=self.access_token, expires_at=self.expires_at,
on_refresh=self.on_refresh)
self.tc = globus_sdk.TransferClient(authorizer=self.authorizer)
def activate_token(token):
logging.debug("activate_token: Starting")
client = globus_sdk.NativeAppAuthClient(CLIENT_ID)
authorizer = globus_sdk.RefreshTokenAuthorizer(token['transfer_rt'],
client)
logging.debug(authorizer)
return authorizer
def get_native_app_authorizer(client_id):
tokens = None
client = NativeClient(client_id=client_id, app_name=APP_NAME)
try:
# if we already have tokens, load and use them
tokens = client.load_tokens(requested_scopes=SCOPES)
except:
pass
if not tokens:
tokens = client.login(requested_scopes=SCOPES, refresh_tokens=True)
try:
client.save_tokens(tokens)
except:
pass
transfer_tokens = tokens['transfer.api.globus.org']
auth_client = globus_sdk.NativeAppAuthClient(client_id=client_id)
return globus_sdk.RefreshTokenAuthorizer(
transfer_tokens['refresh_token'],
auth_client,
access_token=transfer_tokens['access_token'],
expires_at=transfer_tokens['expires_at_seconds'])
def get_search_client():
def search_refresh_callback(token_response):
tkn = token_response.by_resource_server
token = tkn["search.api.globus.org"]["access_token"]
expires_at = tkn["search.api.globus.org"]["expires_at_seconds"]
write_option(SEARCH_AT_OPTNAME, token)
write_option(SEARCH_AT_EXPIRES_OPTNAME, expires_at)
refresh_token = lookup_option(SEARCH_RT_OPTNAME)
access_token = lookup_option(SEARCH_AT_OPTNAME)
access_token_expires = lookup_option(SEARCH_AT_EXPIRES_OPTNAME)
authorizer = None
if access_token_expires is not None:
authorizer = globus_sdk.RefreshTokenAuthorizer(
refresh_token,
internal_auth_client(),
access_token,
int(access_token_expires),
on_refresh=search_refresh_callback,
)
return globus_sdk.SearchClient(
authorizer=authorizer,
app_name="search-client-cli v{}".format(version.__version__),
)
def status(source_name):
# Make MDFCC
try:
logger.debug("Creating MDFCC for status")
auth_client = globus_sdk.ConfidentialAppAuthClient(
app.config['PORTAL_CLIENT_ID'], app.config['PORTAL_CLIENT_SECRET'])
mdf_authorizer = globus_sdk.RefreshTokenAuthorizer(
session["tokens"]["mdf_dataset_submission"]["refresh_token"],
auth_client)
mdfcc = mdf_connect_client.MDFConnectClient(
service_instance=app.config["MDFCC_SERVICE"],
authorizer=mdf_authorizer)
except Exception as e:
logger.error("Status MDFCC init: {}".format(repr(e)))
json_res = {"success": False, "error": "Unable to initialize client."}
else:
try:
logger.debug("Requesting status")
json_res = mdfcc.check_status(source_name, raw=True)
except Exception as e:
logger.error("Status request: {}".format(repr(e)))
json_res = {"success": False, "error": "Status request failed."}
# return (jsonify(json_res), status_code)
return render_template("status.jinja2", status_res=json_res)
def get_transfer_client(self):
# Cache the client so we don't create a new one for every call, but don't hold on to it for too long.
if self.transfer_client is not None:
seconds = (self.transfer_client_date - datetime.now()).total_seconds()
if seconds < 3200:
return self.transfer_client
self.client = globus_sdk.NativeAppAuthClient(self.GLOBUS_CLIENT_ID)
self.client.oauth2_start_flow(refresh_tokens=True)
# Refresh the token - so we don't get logged out.
oauth_data = self.client.oauth2_refresh_token(self.GLOBUS_TRANSFER_RT)
new_at = oauth_data.data['access_token']
transfer_authorizer = globus_sdk.RefreshTokenAuthorizer(self.GLOBUS_TRANSFER_RT, self.client,
access_token=new_at,
expires_at=self.EXPIRES_AT)
transfer_client = globus_sdk.TransferClient(authorizer=transfer_authorizer)
# Be sure to activate both endpoints
r = transfer_client.endpoint_autoactivate(self.GLOBUS_DTN_ENDPOINT, if_expires_in=3600)
r2 = transfer_client.endpoint_autoactivate(self.GLOBUS_IVY_ENDPOINT, if_expires_in=3600)
if r['code'] == 'AutoActivationFailed' or r2['code'] == 'AutoActivationFailed':
app.logger.error('Endpoint({}) Not Active! Error! Source message: {}'.format(self.GLOBUS_CLIENT_ID, r['message']))
elif r['code'] == 'AutoActivated.CachedCredential' or r2['code'] == 'AutoActivated.CachedCredential':
app.logger.error('Endpoint({}) autoactivated using a cached credential.'.format(self.GLOBUS_CLIENT_ID))
elif r['code'] == 'AutoActivated.GlobusOnlineCredential' or r2['code'] == 'AutoActivated.GlobusOnlineCredential':
app.logger.error(('Endpoint({}) autoactivated using a built-in Globus credential.').format(self.GLOBUS_CLIENT_ID))
elif r['code'] == 'AlreadyActivated' or r2['code'] == 'AlreadyActivated':
app.logger.info('Endpoint({}) already active until at least {}'.format(self.GLOBUS_CLIENT_ID, 3600))
self.transfer_client = transfer_client
self.transfer_client_date = datetime.now()
return self.transfer_client
def get_authorizer(self):
"""Create an authorizer to use with Globus Service Clients."""
client, tokens = self.get_tokens()
# most specifically, you want these tokens as strings
refresh_token = tokens["refresh_token"]
authorizer = globus_sdk.RefreshTokenAuthorizer(refresh_token, client)
return authorizer
def globus_transfer_client():
transfer_rt = get_globus_transfer_rt()
if not transfer_rt:
create_globus_token()
transfer_rt = get_globus_transfer_rt()
client = create_globus_client()
authorizer = globus_sdk.RefreshTokenAuthorizer(transfer_rt, client)
tc = globus_sdk.TransferClient(authorizer=authorizer)
return tc
def setUpClass(self):
"""
Sets up transfer client for creating Data objects
"""
ac = globus_sdk.NativeAppAuthClient(
client_id=get_client_data()["native_app_client1"]["id"])
authorizer = globus_sdk.RefreshTokenAuthorizer(
SDKTESTER1A_NATIVE1_TRANSFER_RT, ac)
self.tc = globus_sdk.TransferClient(authorizer=authorizer)
def login_auto(globus_client_id, str_app='globus'):
token = params.read(str_app)
if not token:
raise ValueError(
"Token file doesn't exist, run ibllib.io.globus.setup first")
client = globus.NativeAppAuthClient(globus_client_id)
client.oauth2_start_flow(refresh_tokens=True)
authorizer = globus.RefreshTokenAuthorizer(token.transfer_rt, client)
return globus.TransferClient(authorizer=authorizer)
def __init__(self):
self.transfer_rt = TRANSFER_RT
self.transfer_at = TRANSFER_AT
self.client = globus_sdk.NativeAppAuthClient(CLIENT_ID)
self.authorizer = globus_sdk.RefreshTokenAuthorizer(
self.transfer_rt, self.client, access_token=self.transfer_at)
self.transfer_client = globus_sdk.TransferClient(
authorizer=self.authorizer)
def setUpClass(self):
"""
Does an auth flow to create an authorized client for
sdktester1a and sdktester2b
Cleans out any old sharing files before running tests
"""
ac = globus_sdk.NativeAppAuthClient(
client_id=get_client_data()["native_app_client1"]["id"])
authorizer1 = globus_sdk.RefreshTokenAuthorizer(
SDKTESTER1A_NATIVE1_TRANSFER_RT, ac)
self.tc = globus_sdk.TransferClient(authorizer=authorizer1)
authorizer2 = globus_sdk.RefreshTokenAuthorizer(
SDKTESTER2B_NATIVE1_TRANSFER_RT, ac)
self.tc2 = globus_sdk.TransferClient(authorizer=authorizer2)
cleanSharing(self.tc)
def main():
"""
main program
"""
my_end_points = (
'ncsa#BlueWaters',
'ncsa#BlueWaters-Duo',
'ncsa#BlueWatersAWS',
'BW Google Drive Endpoint',
'ncsa#jyc',
'umn#pgc-terranova',
'illinois_duo',
)
tokens = load_tokens_from_file(TOKEN_FILE)
if not tokens:
# if we need to get tokens, start the Native App authentication process
tokens = do_native_app_authentication(CLIENT_ID, REDIRECT_URI, SCOPES)
save_tokens_to_file(TOKEN_FILE, tokens)
transfer_tokens = tokens['transfer.api.globus.org']
auth_client = globus_sdk.NativeAppAuthClient(client_id=CLIENT_ID)
authorizer = globus_sdk.RefreshTokenAuthorizer(
transfer_tokens['refresh_token'],
auth_client,
access_token=transfer_tokens['access_token'],
expires_at=transfer_tokens['expires_at_seconds'],
on_refresh=update_tokens_file_on_refresh)
tclient = globus_sdk.TransferClient(authorizer=authorizer)
# for the GO endpoints listed above ...
total_servers_down = 0
for endpoint in my_end_points:
# Find the endpoint with search so that a replaced endpoint
# with a replacement id will still be checked.
for myep in tclient.endpoint_search(filter_fulltext=endpoint):
# Isolate the search results to an exact match by forcing
# /^endpoint$/ as the regex search we are matching.
epsearchstring = "^" + endpoint + "$"
if re.search(epsearchstring, myep['display_name'], flags=0):
print("-->", myep['display_name'], myep['id'])
total_servers_down += my_endpoint_manager_server_check(
tclient, myep['id'])
# Something is broken in the endpoint_search for illinois#iccp so this one is handled
# separately. The id below is updated manually from the GO web page of endpoints.
illinois_iccp_id = "9cd89c31-6d04-11e5-ba46-22000b92c6ec"
print("--> illinois#iccp", illinois_iccp_id)
total_servers_down += my_endpoint_manager_server_check(
tclient, illinois_iccp_id)
if total_servers_down > 0:
# for the Jenkins test harness
sys.exit(-1)
def get_deriva_token():
# TODO: When decision is made about user auth vs. conf client auth, implement.
# Currently using personal refresh token for scope.
# Refresh token will expire in six months(?)
# Date last generated: 9-26-2019
return globus_sdk.RefreshTokenAuthorizer(
refresh_token=CONFIG["TEMP_REFRESH_TOKEN"],
auth_client=globus_sdk.NativeAppAuthClient(
CONFIG["GLOBUS_NATIVE_APP"])).access_token
def __init__(self):
"""
The ACLManager is used to add and remove acl endpoints for KBase Users on our Globus Share
"""
logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
config = configparser.ConfigParser()
config.read("/etc/globus.cfg")
cf = config['globus']
self.endpoint_id = cf['endpoint_id']
client = globus_sdk.NativeAppAuthClient(cf['client_id'])
try:
transfer_authorizer = globus_sdk.RefreshTokenAuthorizer(cf['transfer_token'], client)
self.globus_transfer_client = globus_sdk.TransferClient(authorizer=transfer_authorizer)
auth_authorizer = globus_sdk.RefreshTokenAuthorizer(cf['auth_token'], client)
self.globus_auth_client = globus_sdk.AuthClient(authorizer=auth_authorizer)
except globus_sdk.GlobusAPIError as error:
logging.error(str(error.code) + error.raw_text)
raise HTTPInternalServerError(text=str("Invalid Token Specified in globus.cfg file"))
def login_auto(globus_client_id, str_app='globus/default'):
token = params.read(str_app)
required_fields = {'refresh_token', 'access_token', 'expires_at_seconds'}
if not (token and required_fields.issubset(token.as_dict())):
raise ValueError(
"Token file doesn't exist, run ibllib.io.globus.setup first")
client = globus.NativeAppAuthClient(globus_client_id)
client.oauth2_start_flow(refresh_tokens=True)
authorizer = globus.RefreshTokenAuthorizer(token.refresh_token, client)
return globus.TransferClient(authorizer=authorizer)
def setUpClass(self):
"""
Creates a BaseClient object for testing
"""
ac = globus_sdk.NativeAppAuthClient(
client_id=get_client_data()["native_app_client1"]["id"])
authorizer = globus_sdk.RefreshTokenAuthorizer(
SDKTESTER1A_NATIVE1_TRANSFER_RT, ac)
self.bc = BaseClient("transfer",
base_path="/v0.10/",
authorizer=authorizer)
def init_transfer_client(self):
'''return a transfer client for the user'''
if self._tokens_need_update():
self._update_tokens()
# Createe Refresh Token Authorizer
authorizer = globus_sdk.RefreshTokenAuthorizer(
self.transfer['refresh_token'],
self._client,
access_token=self.transfer['access_token'],
expires_at=self.transfer['expires_at_seconds'])
self.transfer_client = globus_sdk.TransferClient(authorizer=authorizer)
def acquire_clients(request):
# connect to the service
client = globus_sdk.NativeAppAuthClient(request["client_id"])
if request["transfer_rt"] is None:
authorizer = globus_sdk.AccessTokenAuthorizer(request["transfer_at"])
else:
authorizer = globus_sdk.RefreshTokenAuthorizer(
request["transfer_rt"],
client,
access_token=request["transfer_at"],
expires_at=int(request["transfer_at_exp"]),
)
transfer_client = globus_sdk.TransferClient(authorizer=authorizer)
return client, transfer_client
def get_refresh_token_authorizer(self):
""" Attempts to get an authorizer object that uses refresh tokens (for
automatic authentication). It requires a refresh token to work.
:returns: Globus SDK authorizer object """
# Get client from globus sdk to act on
client = globus_sdk.NativeAppAuthClient(self.CLIENT_ID)
client.oauth2_start_flow(refresh_tokens=True)
# Get authorizer that handles the refreshing of token
try:
return globus_sdk.RefreshTokenAuthorizer(self.TRANSFER_RT, client)
except globus_sdk.exc.AuthAPIError as e:
sys.exit("Transfer refresh token file {} is outdated, "
"please remove and try running again".format(
self.transfer_rt_filename))
