def WrapQuota(self, http_client, enable_resource_quota,
allow_account_impersonation, use_google_auth):
"""Returns an http_client with quota project handling."""
quota_project = self.QuotaProject(enable_resource_quota,
allow_account_impersonation,
use_google_auth)
if not quota_project:
return http_client
orig_request = http_client.request
wrapped_request = self.QuotaWrappedRequest(http_client, quota_project)
def RequestWithRetry(*args, **kwargs):
"""Retries the request after removing the quota project header.
Try the request with the X-Goog-User-Project header. If the account does
not have the permission to expense the quota of the user project in the
header, remove the header and retry.
Args:
*args: *args to send to requests.Session.request method.
**kwargs: **kwargs to send to requests.Session.request method.
Returns:
Response from requests.Session.request.
"""
response = wrapped_request(*args, **kwargs)
if response.status_code != 403:
return response
old_encoding = response.encoding
response.encoding = response.encoding or core_transport.ENCODING
try:
err_details = response.json()['error']['details']
except (KeyError, ValueError):
return response
finally:
response.encoding = old_encoding
for err_detail in err_details:
if (err_detail.get('@type')
== 'type.googleapis.com/google.rpc.ErrorInfo'
and err_detail.get('reason')
== transport.USER_PROJECT_ERROR_REASON
and err_detail.get('domain')
== transport.USER_PROJECT_ERROR_DOMAIN):
return orig_request(*args, **kwargs)
return response
if base.UserProjectQuotaWithFallbackEnabled():
http_client.request = RequestWithRetry
else:
http_client.request = wrapped_request
return http_client
def WrapQuota(self,
http_client,
enable_resource_quota,
force_resource_quota,
allow_account_impersonation,
use_google_auth):
"""Returns an http_client with quota project handling."""
quota_project = self.QuotaProject(enable_resource_quota,
force_resource_quota,
allow_account_impersonation,
use_google_auth)
if not quota_project:
return http_client
orig_request = http_client.request
wrapped_request = self.QuotaWrappedRequest(
http_client, quota_project)
def RequestWithRetry(*args, **kwargs):
"""Retries the request after removing the quota project header.
Try the request with the X-Goog-User-Project header. If the account does
not have the permission to expense the quota of the user project in the
header, remove the header and retry.
Args:
*args: *args to send to httplib2.Http.request method.
**kwargs: **kwargs to send to httplib2.Http.request method.
Returns:
Response from httplib2.Http.request.
"""
response, content = wrapped_request(*args, **kwargs)
if response.status != 403:
return response, content
content_text = six.ensure_text(content)
try:
err_msg = json.loads(content_text)['error']['message']
except (KeyError, json.JSONDecodeError):
return response, content
if transport.USER_PROJECT_OVERRIDE_ERR_MSG not in err_msg:
return response, content
return orig_request(*args, **kwargs)
if base.UserProjectQuotaWithFallbackEnabled():
http_client.request = RequestWithRetry
else:
http_client.request = wrapped_request
return http_client
def ShouldRecoverFromQuotaProject(credentials):
"""Returns a callback for handling Quota Project fallback."""
if not base.UserProjectQuotaWithFallbackEnabled():
return lambda _: False
def _ShouldRecover(response):
if response.code() != grpc.StatusCode.PERMISSION_DENIED:
return False
if IsUserProjectError(response.trailing_metadata()):
# pylint: disable=protected-access
credentials._quota_project_id = None
# pylint: enable=protected-access
return True
return False
return _ShouldRecover
def WrapQuota(self, http_client, enable_resource_quota,
force_resource_quota, allow_account_impersonation,
use_google_auth):
"""Returns an http_client with quota project handling."""
quota_project = self.QuotaProject(enable_resource_quota,
force_resource_quota,
allow_account_impersonation,
use_google_auth)
if not quota_project:
return http_client
orig_request = http_client.request
wrapped_request = self.QuotaWrappedRequest(http_client, quota_project)
def RequestWithRetry(*args, **kwargs):
"""Retries the request after removing the quota project header.
Try the request with the X-Goog-User-Project header. If the account does
not have the permission to expense the quota of the user project in the
header, remove the header and retry.
Args:
*args: *args to send to requests.Session.request method.
**kwargs: **kwargs to send to requests.Session.request method.
Returns:
Response from requests.Session.request.
"""
response = wrapped_request(*args, **kwargs)
if response.status_code != 403:
return response
old_encoding = response.encoding
response.encoding = response.encoding or core_transport.ENCODING
try:
err_msg = response.json()['error']['message']
except (KeyError, ValueError):
return response
finally:
response.encoding = old_encoding
if transport.USER_PROJECT_OVERRIDE_ERR_MSG not in err_msg:
return response
return orig_request(*args, **kwargs)
if base.UserProjectQuotaWithFallbackEnabled():
http_client.request = RequestWithRetry
else:
http_client.request = wrapped_request
return http_client