def DoInstalledAppBrowserFlowGoogleAuth(launch_browser, scopes, client_id_file=None): """Launches a 3LO oauth2 flow to get google-auth credentials. Args: launch_browser: bool, True to launch the browser, false to ask users to copy the auth url to a browser. scopes: [str], The list of scopes to authorize. client_id_file: str, The path to a file containing the client id and secret to use for the flow. If None, the default client id for the Cloud SDK is used. Returns: google.auth.credentials.Credentials, The credentials obtained from the flow. """ if client_id_file: AssertClientSecretIsInstalledType(client_id_file) google_auth_flow = c_flow.CreateGoogleAuthFlow(scopes, client_id_file) try: user_creds = c_flow.RunGoogleAuthFlow(google_auth_flow, launch_browser) return c_google_auth.UserCredWithReauth.FromGoogleAuthUserCredentials( user_creds) except c_flow.Error as e: if c_store.IsContextAwareAccessDeniedError(e): msg = c_store.CONTEXT_AWARE_ACCESS_HELP_MSG else: msg = 'There was a problem with web authentication.' if launch_browser: msg += ' Try running again with --no-launch-browser.' log.error(msg) raise
def _HandleAuthError(e): """Handle a generic auth error and raise a nicer message. Args: e: The exception that was caught. Raises: store.TokenRefreshError: If an auth error occurs. """ msg = six.text_type(e) log.debug('Exception caught during HTTP request: %s', msg, exc_info=True) if store.IsContextAwareAccessDeniedError(e): raise store.TokenRefreshDeniedByCAAError(msg) raise store.TokenRefreshError(msg)
def DoInstalledAppBrowserFlow(launch_browser, scopes, client_id_file=None, client_id=None, client_secret=None): """Launches a browser to get credentials. Args: launch_browser: bool, True to do a browser flow, false to allow the user to type in a token from a different browser. scopes: [str], The list of scopes to authorize. client_id_file: str, The path to a file containing the client id and secret to use for the flow. If None, the default client id for the Cloud SDK is used. client_id: str, An alternate client id to use. This is ignored if you give a client id file. If None, the default client id for the Cloud SDK is used. client_secret: str, The secret to go along with client_id if specified. Returns: The clients obtained from the web flow. """ try: if client_id_file: AssertClientSecretIsInstalledType(client_id_file) webflow = client.flow_from_clientsecrets(filename=client_id_file, scope=scopes) return c_store.RunWebFlow(webflow, launch_browser=launch_browser) else: return c_store.AcquireFromWebFlow(launch_browser=launch_browser, scopes=scopes, client_id=client_id, client_secret=client_secret) except c_store.FlowError as e: if c_store.IsContextAwareAccessDeniedError(e): msg = c_store.CONTEXT_AWARE_ACCESS_HELP_MSG else: msg = 'There was a problem with web authentication.' if launch_browser: msg += ' Try running again with --no-launch-browser.' log.error(msg) raise